1144 comments found.
Hello,
I’m not able to connect with Google. I get the following Error:
Fatal error: Call to a member function config() on null in /home/appthisthing/public_html/loyal/vendor/hybridauth/Hybrid/Endpoint.php on line 212
Please help me correct?
I’m connecting to FB & Twitter without any issues.
Thanks.
—-—-—-—-—- ANSWER:
Well it’s NOT Working on Mine!!!
Why?
Maybe this is why it’s Not Writing files as I asked before.
YOUR HELP TO SOLVE would be very much welcomed!
And
Yes, it’s setup correctly,
define(‘GOOGLE_ID’, “—MY_CODE_FROM_GOOGLE—“);
define(‘GOOGLE_SECRET’, “—MY_CODE_FROM_GOOGLE—“);
Filled in with the details I received from Google, and it Enabled!
I also tried both ways for the SOCIAL_CALLBACK_URI:
define(‘SOCIAL_CALLBACK_URI’, “http://appthisthing.com/loyal/vendor/hybridauth?hauth.done=Google/”);
and
define(‘SOCIAL_CALLBACK_URI’, “http://appthisthing.com/loyal/vendor/hybridauth/”);
Hey,
That’s really strange. Have you maybe updated the HybridAuth package from vendor folder? I’m not sure that I understand what you mean by “Maybe this is why it’s Not Writing files as I asked before.”. Are you talking about this issue you had with update details feature? If that’s the case, I told you how to enable debug mode and check if ajax requests are handled properly, but haven’t heard anything back from you about that.
Regards,
Milos
hi, I want to add some new fields on users_details table. Eg. City, Country, and language etc.
Which scripts/php file do I need to update in order to update those values and select those from current_user.
Thanks.
do I need to add in class ASUser etc? please let me know all the files I need to update in order to be able to include a new field or into a new table.
ok, I have done these following, but it is not changing the default_language varchar field in the as_user_details table. Can you please assist?
—> in profile.js
$(document).ready(function () { $(”.lanuage-select”).click(function () { var lang = ‘en’; profile.updateLanguage(lang); }); });
profile.updateLanguage = function (Language) { var data = { action : “updateLanguage”, language: language }; $.ajax({ url: “ASEngine/ASAjax.php”, type: “POST”, data: data, success: function (result) { //return button to normal state if(result "") { } else { console.log(result); } } }); };
--> in ASAjax.php ================================== case “updateLanguage”: app(‘user’)->updateLanguage($_POST[‘userId’], $_POST[‘language’]); break;—> in ASUser.php
public function updateLanguage($userId, $language) { $this->db->update( “as_user_details”, array(“default_language” => $language), ”`user_id` = :id”, array(“id” => $userId) ); }
Hey,
You code is looking good. Those are all the places where you need to add the code to make it work. There is probably some small glitch and I recommend you to enable debug mode (check http://docs.as-php.com/developer-guide.html ) and to see if you get any errors. Debug mode should always be enabled while you are updating the app.
Regards,
Milos
Hi i tried to include ASEmail $mailer under public function __construct( so that i can trigger a confirmation key email if the user tries to login before the confirmation is done. But doing so stops the scripts and the page does not load.
I managed to include it by modifying AS.php and also include the function to send the confirmation email. But i still dont get the email. No errors either.
Hey,
Make sure that your server is configured to send the emails. If not, you should use some external SMTP server. Also, don’t forget to enable debug mode while developing new features, so you can see all the errors on the screen.
Regards,
Milos
I was able to correct it an everything works great now except one thing. I also used the redirect back t previous page code that you had provided and i works fine for normal login. How do i achieve the same with the social login. Also the social login appears to work fine fro the www link of my website but not without it.
figured out the redirect changed in socialauth.php
redirect(get_redirect_page());
to
redirect(ASSession::get(‘prev_page’));
Now just need help with the www vs non www
Also i dont know if this is a known issue and you have a quick solution the redirect from social has a # at the end of the URL
Hey,
Well you probably set the callback url to have “www.” inside of it, so that’s why it works on www version and not without www. I would suggest you to configure your web server to always redirect to either www or non-www version of the site. So not matter of which version your users access, they will always be redirected to a default version.
The actual reason why it is working on only www version is because of php session cookies. If you log in on www version, and access non-www version you won’t be logged in since the cookie does not exist there. If you want to share session cookies on all subdomains of the website, then you can modify the session configuration by changing the startSession method inside ASSession.php class and replacing $cookieParams["domain"] with .yourdomain.com. However, I would recommend to go with first version and configure redirects on your web server to serve only one version of the site.
About ”#” at the end of URL, that is a known “issue” with hybridauth package (which is used for social auth) and unfortunately, as far as I know, there is no easy fix for it. I think that they fixed it in newer version of hybridauth, so it should be fixed when I release next version of the script, with updated hybridauth package, or, if you can’t wait for it, you can update the package by yourself.
Regards,
Milos
thanks for the quick response
Hello,
I’m not able to connect with Google. I get the following Error:
Fatal error: Call to a member function config() on null in /home/appthisthing/public_html/loyal/vendor/hybridauth/Hybrid/Endpoint.php on line 212
Please help me correct?
I’m connecting to FB & Twitter without any issues.
Thanks.
Hey,
Hmm that’s strange. Are you sure that your Google key and secret are properly defined inside ASConfig.php file? I’ve just tried it on my demo website, and it is working fine from what I can see.
Regards,
Milos
Hi I’m having issues installing. When heading to /auth/index.php it redirects to install and everything appears as normal but the System Requirements page has 147 entries, named 1, 2, 3 .etc and all are ticked.
Continuing on from this causes errors (which was to be expected) and it hangs at the database connection page.
My host has assured me all your requirments listed are installed and running, so not sure what is going on here! Reinstall does the same from the .zip. Any initial, off the bat thoughts Milos?
Thanks
Hey,
It looks like there are some errors returned from the install script. Can you please send me the url to the installation via contact form on my profile page so I can check it? I’m on vacation, but I’ll do my best to get back to you as soon as I can.
Regards,
Milos
Sure, sorry to disrupt your holiday – I appreciate the dedication! Will send over now.
Thanks
Hello, Nice Script.
It’s saves & changes my password BUT,
I’m having issues trying to update (Your Details) my profile. ie. “profile.php”
It’s not saving to the MySQL table: “as_user_details”.
id_user_details, user_id, first_name, last_name, phone & address
Saved in field is:
id_user_details = 1
user_id = 1
first_name = NOTHING
last_name = NOTHING
phone = NOTHING
address = NOTHING
Why won’t it write to database?
This is a fresh install.
Thanks
Hey,
That’s really strange. I would suggest you to enable “debug mode” and check if ajax request is being handled properly. Let me know if you see any errors inside the browsers console or inside the response body for update user details request.
Regards,
Milos
Script works great on local development platform but uploaded to production (PHP Version 5.6.30) I get the error:
Notice: Use of undefined constant DB_TYPE – assumed ‘DB_TYPE’ in /hsphere/local/home/royroy/ewoffice.xyz/login/ASEngine/AS.php on line 29 Connection failed: could not find driver
There is no domain name for this location, just http://50.6.113.55/login/
and phpInfo is here: http://50.6.113.55/login/info.php
What a great script !! Roy
Hey Roy,
It looks like you haven’t uploaded some files to your server. Make sure that all files are uploaded, including ASEngine/ASConfig.php as well as whole “vendor” folder, since DB_TYPE constant is defined inside ASConfig.php file.
Regards,
Milos
I’m trying to be able to change the users details in a seperate php file and I keep getting an error “Invalid CSRF Token”, if there a way I can pass the users login to this php page?
Hey,
I guess you are submitting the form regularly and not via AJAX. If that is the case, check the following comment where I explained how you should send the CSRF token inside any form you create: https://codecanyon.net/item/advanced-security-php-registerlogin-system/5282621/comments?utf8=%E2%9C%93&term=CSRF&from_buyers_and_authors_only=0#comment_14254012
Regards,
Milos
Hi, I am getting this error sometimes (sometimes it is succesful) when I update the password
Warning: session_regenerate_id(): Session object destruction failed. ID: files (path: C:\xampp\tmp) in C:\xampp\htdocs\ASEngine\ASSession.php on line 69
Hey,
That’s really strange because “session_regenerate_id()” is a default PHP function which is used for regenerating Session ID, and as you can see from the error message, it cannot destroy the old session for some reason, so I guess it has some issues with xampp or your PHP settings. Which PHP version do you have?
Regards,
Milos
Hello Milos,
I’ve searched the previous comments for an answer to this problem, but couldn’t find a solution. My users and I are constantly being logged out of the site. It is very inconvenient and many users have quit using it out of frustration.
I can’t figure out what is wrong. Here is the ASSession.php: [code] { /** * Start session. * * @return null; */ public static function startSession() { ini_set(‘session.use_only_cookies’, SESSION_USE_ONLY_COOKIES); [/code]
$cookieParams = session_get_cookie_params();
session_set_cookie_params(
$cookieParams[10 * 365 * 24 * 60 * 60],
$cookieParams["path"],
$cookieParams["domain"],
SESSION_SECURE,
SESSION_HTTP_ONLY
);
}session_start();Each page begins with the session at the top of the page: [code] <?php include ”../ASEngine/AS.php”;
if (app(‘login’)->isLoggedIn()) { // display users’ navbar include ’../templates/header.php’; } else …. [/code]
You can test it here: http://fiendcollectors.com/login.php username: fiendishghouls password: xszaQQ22fThis page gives users some trouble. The idea is that if they own the item in the page, they click +collection under the item to insert a row into a database that saves their collections. But sometimes when a user clicks +collection, they get logged out and redirected back to the login page (the default for users who are not logged in).
http://fiendcollectors.com/balzac/toy.phpPlease let me know if there are any problems with the above code.
Hey,
Well the following line is not how it should be:
$cookieParams[10 * 365 * 24 * 60 * 60], session_set_cookie_params(
365 * 24 * 60 * 60,
$cookieParams["path"],
$cookieParams["domain"],
SESSION_SECURE,
SESSION_HTTP_ONLY
);Regards,
Milos
Milos, thank you for your reply. Unfortunately, it doesn’t work and users are still being logged out after 24 minutes. I contacted my server to see if there was a server side problem and they sent me this:
Hello Michael,
According to the PHP error log /home/goodcyte/public_html/fiendcollectors.com/error_log there might be a problem with : ### [27-Jul-2017 22:52:30 UTC] PHP Notice: Undefined offset: 315360000 in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 27 [27-Jul-2017 23:16:22 UTC] PHP Notice: Undefined offset: 315360000 in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 27 [27-Jul-2017 23:31:50 UTC] PHP Notice: Undefined offset: 315360000 in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 27 [27-Jul-2017 23:42:11 UTC] PHP Notice: Undefined offset: 315360000 in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 27 [28-Jul-2017 00:29:16 UTC] PHP Notice: Undefined offset: 315360000 in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 27 [28-Jul-2017 01:15:49 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [28-Jul-2017 01:15:58 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [28-Jul-2017 02:27:44 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [28-Jul-2017 02:36:21 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [28-Jul-2017 09:37:41 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 19:55:21 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 19:55:44 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 19:55:58 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 20:08:22 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 23:58:34 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 23:59:04 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [01-Aug-2017 23:59:54 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [02-Aug-2017 09:18:05 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 [02-Aug-2017 15:45:28 UTC] PHP Notice: A session had already been started – ignoring session_start() in /home/goodcyte/public_html/fiendcollectors.com/ASEngine/ASSession.php on line 34 ###
Also please check your php.ini file: ### session.gc_maxlifetime(365 * 24 * 60 * 60) ###
Also we upgraded our servers to Fast CGI, under which php.ini file will not be supported anymore. If you need to make changes related to php setting you will be able to do that from your cPanel -> Select PHP version.
Here is where you would go to learn how to do it : http://kb.greengeeks.com/2338/configuring-php-environment-variables-through-your-custom-php-ini/
I really need to get this fixed as my users are complaining about being logged out.
Thank you,
Michael
Hey Michael,
Well the first few errors are related to the configuration you had about session lifetime, but that should be fixed now.
Those other errors you see means that you are trying to start the session after some output is sent to the browser. Make sure that you include AS.php file at the very top of any of your files (there should not be any HTML or even a blank space before you include it).
You don’t need to change anything inside php.ini file.
Regards,
Milos
Hello Milos.
Each of my pages starts with the following code: [code] <?php include ”../ASEngine/AS.php”;
if (app(‘login’)->isLoggedIn()) { // display users’ navbar include ’../templates/header.php’; } else { // display normal navbar include_once ’../darkness/navbar.php’; } [/code] should i rewrite it all on one line as: include ”../ASEngine/AS.php”;[/code]
Or is the problem with my server?
Hello Milos, my last message seemed to have disappeared when I tried to edit it. So I need to solve this sessions problem as soon as possible.
Most of my pages begin with:
[code] <?php include “ASEngine/AS.php”; [/code]
no space above. I said most because I still have some pages that start like this:
[code] <?php include “ASEngine/AS.php”; [/code]
Could the problem be that I put my navbar in header.php? I added the “include “ASEngine/AS.php”;” to header, but still doesn’t work.
Surely there must be a way to fix this.
I thought it might have been a server-side problem, so I contacted my server, but they said I need to speak to you:
“Hello ,
I’m sorry, I would love to help you out here, but you have to understand that we do not make the software or settings websites. You will have to speak to the web developer to get the best possible. #######- Advanced Security – PHP Register/Login System
- @author Milos Stojanovic
- @link http://mstojanovic.net/as #######
If it has anything to do with the server, we will be more than glad to help you.
Please get back to us if you need any further assistance and let us know how else we can help.
Thank you and have a great day,
Eugene D. GreenGeeks Support Team “
So I want to know if the problem is the server or my changes to the code.
Best regards, Michael
Hey Michael,
It doesn’t matter if you place the include “ASEngine/AS.php”; inside the same line as open <?php tag. You must make sure that there are no blank spaces before you open <?php tag. Those errors you mentioned clearly says that session cannot be started because some content is already sent to the browser, and that content can be anything, even a blank space character or new line before you open your PHP tag and include AS.php.
Regards,
Milos
Hi, Can i place the script folder outside the public_html folder (at least the core files)? In such case, what should I configure at define(‘SCRIPT_URL’ ?
I see that there are ajax urls calls, so I guess I cant host this outside public_html. What would be most secure file system organization to host this? I see that someone needs some knowledge to, for example, not list the content from /ASEngine folder.
Hey,
Well you can move everything from ASEngine folder, except ASAjax.php file, as well as “vendor” folder to any other location you want. In that case just make sure that your other files have the correct path to AS.php file and that inside AS.php file other paths to “vendor/autoload.php” as well as path to “ASConfig.php” are correct.
The other solution would be to add .htaccess file which will allow access only to ASAjax.php file inside ASEngine directory, but I would recommend to just move the files to some other location.
Regards,
Milos
thanks. Is there any way/plan to use the email to login?
Hey,
You can easily customize that. There have been answers on that topic here inside comments section, but if you are familiar with PHP, you should be able to easily replace “password” with “email” field across the app.
Regards,
Milos
Hey Milos, thanks. Last one ( iguess): it is safe to include header(‘Location: ’.$_SERVER[‘HTTP_REFERER’]); on logout.php ? Just to redirect the user to same page when login out… dont know if this is safe or not.
Thanks
Hey,
Yeah, it’s ok to include it there. 
However, you can just use the “redirect” function instead of manually setting the header.
Regards,
Milos
hi, just want to ask, is the language always defaulted to English after you login? or is there a setting it can be set to a static language for different user in the db?
Hey,
The default language can be defined globally inside ASEngine/ASConfig.php file. If user changes his language when he access the app, a cookie will be added to users’ browser so the app can know which language user prefers. But there is no such thing as defining default language for user in database.
Regards,
Milos
hi, I tried to do this
ASAjax.php?action=updatePassword&oldpass=hihihi&newpass=1000hihihihi
on the browser to see what ajax is returning, but I am getting
Notice: Undefined index: action in C:\xampp\htdocs\public\ASEngine\ASAjax.php on line 5
and I also tried adding alert(result) into profile.updatePassword = function() {} to see what it is returning but it doesnt alert anything?
just wondering why is that?
Hey,
That’s because you cannot send parameters like that. You have to use HTTP POST request instead of appending parameters to the url and executing GET request.
Regards,
Milos
Hello,
I seem to be having an issue with my redirection after login, I am trying to make it return to the previous page where it got sent to login from, here is my php files; – ASConfig.php—https://gyazo.com/e9ff70c07823ea585c97650b4d792e5b – ASLogin.php—https://gyazo.com/875e26e2b6da272d0f7fbba207ad6dba – Login.php—https://gyazo.com/6dcda209b5bbb60d48c83cd438cdf90a
It always seems to redirect back to index.php
Hey,
Your code looks ok. Can you send me the URL to your script installation so I can try and see how it works?
Regards,
Milos
Hi, I managed to fix it.
Suggestion Will it be possible to have a social login to sign in with steam?
Hey,
I’m glad you fixed it.
You can easily add any authentication providers to Vanguard, including Steam. Check the docs for more info: https://docs.vanguardapp.io/adding-social-auth-provider.html
Regards,
Milos
Is it possible to refund this item and buy Vanguard in return?
Refund request approved.
Regards,
Milos
Is it possible to write an “INSERT…ON DUPLICATE KEY UPDATE…” query using the db abstraction layer you provide on the script? If the answer is yes, how it would be?
The documentation does not come with much information about it.
Thanks!
Hey,
ASDatabase class extends PDO class, which means that you can do anything with it that you can do with PDO. Here you can learn more about PDO: http://php.net/manual/en/book.pdo.php
Btw, your support for this item has expired, so please extend it if you have any similar questions.
Regards,
Milos
<input type="hidden" id="token" name="<?= ASCsrf::getTokenName() ?>" value="<?= ASCsrf::getToken() ?>">
As some of my code is not working with assets/js/jquery.min.js I cant get it validated by it self. I have changed ASCsrf.php to
private static function isValidRequest()
{
if (self::isAjaxRequest() && self::isValidReferer()) {
return true;
}
else {
return self::isValidReferer();
}
}
My AJAX looks like this
$('button').click( function() {
var data = table.$('input, select').serialize();
var token = $("#token").serialize();
$.ajax({
data: token + data.substr( 0, 120 ),
url: 'neworder.php',
method: 'POST',
success:function(response){
console.log(response);
console.log(data);
}
});
return false;
} );
Yet I get “Invalid CSRF token.”
Hey,
Hmm lets see what can be a problem. Since AS is using ajax for communicating with backend scripts, there is no need to explicitly append the token to your request data as long as <script type="text/javascript" src="ASLibrary/js/js-bootstrap.php"></script> is included after jquery on the page you are working on.
However, your code from above should work too. If you can please send me the URL to your script so I can see what’s the issue and if the token is being sent to the server properly at all.
Regards,
Milos
I purchased a different login script here on codecanyon a week ago from webfulcreations and after spending hours trying to make it work… it was a joke (even though the author made it sound great) so I was a little hesitant in trying this one out….. but what a great product. This guy has covered all of the bases, very well written, extremely organized, I was able to modify for my use quickly and the script has protection from every attack scenario I could think of…. what a fantastic script, I just wish I could write php code this well. GREAT JOB and thank you!!
Hey,
Thank you very much for your kind words! Don’t forget to rate the script too if you like it.
Thanks again,
Milos
I have a question regarding redirection. I saw this post https://codecanyon.net/item/advanced-security-php-registerlogin-system/5282621/comments?page=17&filter=all#comment_9628003, which talks about redirect to previos requested page after login, but post is over 2yrs old. Could you please describe the code needed to achieve this. Many thanks.
Hey,
The code looks almost the same as it is described on that post. So:
1. On top of login.php file, right after you require AS.php file and check if user is logged in, you can add this code
$redirectPage = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : get_redirect_page();
ASSession::set('prev_page', $redirectPage);2. Inside ASLogin.php file, at the bottom of userLogin method, you will modify the redirect to look like following:
respond(array(
'status' => 'success',
'page' => ASSession::get('prev_page')
));And that’s all you need to do to redirect users to previous page after login.
Regards,
Milos
The image file for the swedish flag has incorrect permissions, and therefore does not display correct. A simple chmod to add read permission resolves the issue.
