1144 comments found.
Hello Milos,
I got serious problem to run AS in mobile environments. I’ve been testing it under iPhone/iPad/Macbook Pro (All OS is the latest ver.). I had no issue on Macbook(Safari/Chrome/Firefox). However, using iphone/ipad, AS runs really unreliable way. I’m talking about the symptom as I don’t have idea about the root cause. Hereafter I’ve summarized the symptom for your better view; 1. Either logging in on Macbook or not, iphone and ipad LOSES its connection quite often. 2. I don’t see any delay to connect server on Macbook, but on iphone/ipad, the ANNOYING DELAY is monitored. Yes, quite often. 3. Quite often, logging in and logging out on iphone/ipad takes more than 20 sec. 4. logging in iphone with an ID, trying to connect with same ID on Macbook, iPhone loses connection right away.
Can you guide me how I can start the debugging with your hypothesis on the root cause? Thank you. Jason Purchase code :1a06eba0-921a-49d0-ba03-0760447a6b2c
Hey,
Hmm the issues you have are really strange. Let’s see if I can help to somehow debug it:
- What exactly means when you say that iPhone/iPad device loses it’s connection? Does your session expire or it’s something else?
- Which delay you are referring to? When you try to open the website?
- Do you experience the same issues on demo website available at https://as-php.com ?
Regards,
Milos
(1) What exactly means when you say that iPhone/iPad device loses it’s connection? Does your session expire or it’s something else? (1-A) That’s my first question actually. How can I check if my session has been expired? Symptom is that pressing some menu, the wifi logo on iphone starts to access the server showing progress circle icon. After like 20-30sec, it redirects me to the login page (2) Which delay you are referring to? When you try to open the website? (2-A) Accessing the new page through ajax, the user is supposed to connect the server and gets the new html. However, very often it takes 5~ 20sec to get the new html. It might be due to the problem of my code. But, it looks my code is very simple to make delay. I’d like to ask if it could be due to multi-session management or mobile dependent issues of AS. It would be appreciated if you guide me how to monitor server activity. I can do it using MAMP and Netbean on local but frankly no idea how to do on actual server. I’m using Godaddy hosting. (3) Do you experience the same issues on demo website available at https://as-php.com ? (3-A) No.
Hey,
Well you will know if session has expired since you will be redirected to login page in that case. Have you tried to set the LOGIN_FINGERPRINT to false inside ASConfig.php file? Maybe your IP is changing very often and that’s why you are being logged out. Check http://docs.as-php.com/configuration.html#login for more info.
There should not be any difference weather you are accessing from mobile or a computer and in AS it doesn’t matter how many active sessions you have for specific user, which means that you can be logged in to the same account on any number of devices at the same time.
To monitor server activity I usually SSH to the server and use some linux tools programs like “htop” or similar. However, maybe GoDaddy offers something from their admin area where you can see the server usage and stuff like that.
About such huge delay when you fetch some HTML via ajax, it can be also related to the DNS resolving issues, but since everything is working properly on your computer, then it’s most likely not the case here.
Regards,
Milos
Hi Milos, Thank you very much for your support. I’ll definitely try as you guided. Most of all though can you let me know how I can take the moments that the IP is being changed to cause the problem? Four instance, using var_dump() like function( probably useless since it is already disconnected under the problem), storing the ip changes in a file or any tool?
Thank you
Hey,
Well if you disable LOGIN_FINGERPRINT then IP changing won’t affect your session. If you still want to see if IP has changed or not, then I would suggest some kind of simple logging which will put the IP address into some log file on each request, so you can see if it changes often. Such logging system does not exist in AS, but you can easily add it, since it will just put the IP address from the request into a file, which is pretty easy to implement.
Regards,
Milos
hi, I should implement db session instead of cookies but can’t be static.
How can I do? Outside of the container?
Hey,
Well database session handler does not come out of the box with AS, since AS uses standard file based PHP sessions.
This means that you will have to implement it by yourself the same way as you would do it in any plain PHP application. Here is an example on how it can be implemented: http://culttt.com/2013/02/04/how-to-save-php-sessions-to-a-database/
Regards,
Milos
I implemented Db session class but I have some doubt.
My new instance is $ses = new ASDBSession(); $ses->start_session(’_s’, false);
instead of ASSession::startSession();
but how can I invoke $ses->get and $ses->set inside other class instead of ASSession::get and ASSession::set?
Hey,
Well you will have to pass it through the constructor or instantiate it inside that other class. Or, another way is to bind it to the service container and use it via app() function, whatever works for you.
Regards,
Milos
Made with service container and app. But now when I try to login I receive the following error: ASLibrary/js/login.js:43 Uncaught ReferenceError: $_lang is not defined “asengine.loadingButton(btn, $_lang.logging_in);”
Hey,
That’s because you are have not included js-boostrap.php script on the page or it is not loading for some reason, which you can check from your browser’s console. It should be included inside the <head></head> element of the page, like following (make sure that path is correct if you have moved login.php file to some other directory):
<script type="text/javascript" src="ASLibrary/js/js-bootstrap.php"></script>Regards,
Milos
Very strange, nothing has been changed outside ASEngine… I try to check. Thanks
Hi – I am having some issues installing this script. When I run the installation, it hangs on the last step, and I see in Chrome debugger the error:
Warning: _wpe_old_file_put_contents(/nas/content/live/satistar/auth/install/../ASEngine/ASConfig.php): failed to open stream: Permission denied in /opt/nas/www/common/production/php_prevent_flock.php on line 58
It appears there is a permissions issue with creating the ASConfig.php file. I contacted my web host, and their support me they do not allow me to change any directory to “777” permissions for security reasons.
Is there a way to manually install this without running the installer? Or can I run the installer on another host and just copy the files over? How can I get around this?
Hey,
Yeah, it looks like the app cannot create the ASConfig.php file properly. Have you tried to set the ASEngine directory permissions to 775 or 755?
About manually installing the app, the easiest way is to install it on your localhost and then upload the ASEngine/ASConfig.php file directly to your server (that file is generated after successful installation) and update database credentials inside of it. You will also need to export/dump the database tables generated after the installation process from your localhost and import them on your server.
Regards,
Milos
login.php?to=....all my script are ok and works if at the final I have something like this:
window.open("../security/login.php?to=https://www.google.ch/");but if the url is one from paypal like this:
window.open("../security/login.php?to=https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=U4.......");it generate an error on paypal: beacuse in fact the url is not complete, it finished after the s-xclick:
https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_s-xclick
A solution?
Best regards
Dup
Hey,
Well, redirecting to other pages that have some other parameters inside the URL may be a problem in this case.
Now, I don’t know how your system looks like and if all paypal buttons are the same or not, but the easiest solution that I can see in this case is to encode the url parameters instead of just passing them like that. This basically means that your window.open code should open the link like following:
../security/login.php?to=<?= urlencode("https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=U4") ?>This urlencode function is built in PHP function that you can use.
I hope that it helps. 
Regards,
Milos
Hello,
Hello,
Thanks a lot it works great.It was the solution:your loss of time saved me time!
But now I have a new problem of loggin: it is ok on local but on my server: I have exactly the same configuration.When I want to logg in and push the button loggin it change in “logging in ” but don’t go further.
congiguration to explain two folders “security” (with your script) and “vente” (with a template and loggin inside with
<input type="text" id="login-username" name="username" class="input-xlarge form-control"> <br />
etc....and include "../security/ASEngine/AS.php";../security/ASEngine/AS.php
and further all the <script type="text/javascript" src="../security/ASLibrary/js/asengine.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/register.js"></script>
....../security/ work on local and work on server
If you have time can you explain me?
Best regards dup
Hey,
You probably have some javascript error or maybe some javascript files are not included properly. You should check your browser console and see if there are any errors. Also, don’t forget to enable debug mode (http://docs.as-php.com/developer-guide.html) while you are developing so you can see all the errors properly.
Regards,
Milos
include "../security/ASEngine/AS.php";
<div>
Name: <input type="text" id="login-username" name="username"class="input-xlarge form-control"> <br />
password: <input type="password" id="login-password" name="password" class="input-xlarge form-control">
envoi: <button id="btn-login" class="btn btn-success"><?= trans('login'); ?></button>
</div>
<script type="text/javascript" src="../security/assets/js/sha512.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/asengine.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/register.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/login.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/passwordreset.js"></script>
Hey Dup,
Whenever you have such issues you need to debug it and see what the problem is. In this case, you must open your browser developer tools and see if there are any errors inside the console (there will probably be some errors in this case).
Once you see what the errors are, you need to debug if ajax requests are being properly sent to correct file, which in this case is ASEngine/ASAjax.php. That might be the issue here, since the URL inside loging.js file is pointing to ASEngine/ASAjax.php file but since you changed the file path for login.php file and moved it away from other files, you should update those paths too.
More on how to debug AJAX requests is explained inside the docs: http://docs.as-php.com/developer-guide.html#debugging-ajax-requests
Regards,
Milos
hi thanks I’m give up to use a page outside than your directory! and about the minimum I wrote in the last message Is this ok I want to use your script inside different pages only to login not to registrer!! I’m imposing myself still some hours to try this and if it doesnt work I will try to find another product more easy to use with less files to edit without resentment I thank if you answer about my last question Best regards
Hey,
Of course that you can use the script only for login and not for register. Users can be manually added by administrator from users.php page, and this means that you can remove registration completely if you don’t want to use it.
Regards,
Milos
include "../security/ASEngine/AS.php";and all ../security/Hey,
Of course that you should not copy all those files in each folder. You actually should not move those files at all and all you need to do is to update the URL to ASAjax.php file inside ASLibrary/js/login.js file so it knows to which location the login data should be sent.
Regards,
Milos
so I must have only a login.js in every folder where I use the sript? not clear sorry
Regards
Hey,
No no, you just need to include the login.js file anywhere you are using the login form and to update the URL to ASAjax.php file inside that login.js file to use absolute path instead of relative path that it is currently using.
This means that, if you have uploaded the AS files to, lets say, “security” folder, and you want to use login in folder “A”, you will need to update the path inside login.js file to look like /security/ASEngine/ASAjax.php (to be the absolute path to ASAjax.php file) so it always look the same, no matter in which folder you are using the login.js file.
Hope that this helps.
Regards,
Milos
Hello Thanks and thanks it finally works! But for me for it is a little strange because if i had extracted your rar in a folder nammed ‘loggin’ with all your files inside and leave the url path inside the login.js by default $.ajax({url: “ASEngine/ASAjax.php”, your product doen’t work right out the box. I should have to open this file and write $.ajax({url: ”/loggin/ASEngine/ASAjax.php”. Why the path of the ASAjax.php is not bound hierarchically with the ‘AS.php’ declare in the page who contains the form? Really thanks for your patience and really sorry if it was ? written in the documentation Dup
Hey Dup,
I’m glad that it is working properly now. Well if you are not changing the location of login.php file then you would not have to change the URL inside login.js since it uses relative path, no matter in which directory or subdirectory the files are.
Regards,
Milos
<?php
include "../security/ASEngine/AS.php";
?>
<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Choix</title>
<script type="text/javascript" src="../security/assets/js/jquery.min.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/js-bootstrap.php"></script>
</head>
<div>
Name: <input type="text" id="login-username" name="username"class="input-xlarge form-control"> <br />
password: <input type="password" id="login-password" name="password" class="input-xlarge form-control">
envoi: <button id="btn-login" class="btn btn-success"><?= trans('login'); ?> </button>
</div>
<script type="text/javascript" src="../security/assets/js/sha512.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/asengine.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/register.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/login.js"></script>
<script type="text/javascript" src="../security/ASLibrary/js/passwordreset.js"></script>Hey,
Well you haven’t used the login.php but you included the login.js on some other page that is not inside the same directory as the rest of AS files, and that means that absolute path to the ASAjax.php file is different than how it was expected to be. It has nothing to do with AS.php file, since login.js is just a javascript file.
But anyways, I’ll try to figure something out for next release to have the path be detected by using the SCRIPT_URL value from ASConfig.php file.
Regards,
Milos
Thanks for everythings : I and you learned me a lot. But I have a last question now, because I must to have a lot of flexibility in my web site so I must use your script-login in differents ways: as modal form, as inside a webpage and as open the total login page in a new window. So is it possible or must I have different files: login.js like login1.js,login2js,... call by different other things? Not so easy to understand all the steps of your script when loading a page, than before and after click on login? So I’m a little lost.I bought a temple in Envato : https://themeforest.net/item/learnplus-education-lms-responsive-site-template/12802106?s_rank=4 with paypal, login etc…and in the description it was written php files wwith a s to files but finally there is only one(for email )That’s why I bought your script but finally not easy to have simple things. William Shakespeare said :“We are such stuff as dreams are made on, and our little life is rounded with a sleep.” Best regards
Hey,
No problem, I’m glad that my script and my answers helped to you learn something new.
When you set the absolute path to ASAjax.php file inside login.js, it will always send the data properly and doesn’t matter where you include that login.js file and whether it is a modal popup or standalone page in different directory.
Regards,
Milos
success: function (result) {
for simple form dropdown inside a page we must write
location.reload();
window.location = result.page;
window.opener.location.reload();
parent.$.colorbox.close();
Hey,
Well this is really your implementation detail and it does not belong to the support I provide. In general there are a ton of ways to implement something like this, and how would I probably do it is just by defining a global javascript variable on the page before you include the login.js and set it to some page specific value (for example <script>var pageType = 'modal';</script>
Then inside login.js you can just check like if (pageType == 'modal') ... and so on.
Or, again, you can always standardize it and use modal, but then you should not open the login.php entirely inside an iFrame or something since there is no need for that and can cause complications with how things are implemented. Instead, you can just extract the content you need from login.php file and add it inside a modal directly.
Regards,
Milos
id="login-username",
id="login-password",
id="btn-login"
$('.popup').click(function() { $('.loginDropdown').html('');});
$('.popup').featherlight('my_login_form_02.php');
How can I get in touch via email since here I can not leave the comment with the format that I need (to be understood). Thank you!
Hi, Does this have integrated payments?
Hey,
Unfortunately, as you can see from the demo, there are no payments integrated into this system.
Regards,
Milos
Could you help me a bit with this? It’s causing a few errors on my page when I install it, and the documentation isn’t helpful. Discord @ zenful#0348
Hey,
Please let me know which issues you have by posting the comment here, and I’ll be glad to help.
Regards,
Milos
I install it, and every installation does something different. Sometimes none of the php pages load properly, sometimes it works fine, and when I attempt to protect a page nothing happens, it just turns straight into HTML, even if I make it a php page.
Hey,
That’s really weird. Can you paste here an example of how you are protecting pages? Also, if possible, please share some URLs to your website so I can see it in action?
Regards,
Milos
Alright, I got it working after a good bit of work (turns out it was a problem with my hosting), and its working great. I just have one more question, Is there any way to make it so that you require a referral code to register an account? If not, could you help me put a system in place for that?
Hey,
I’m glad you found out what was the issue! Well you will need to modify the registration form to add that field, since there is no such thing out of the box.
Basically, what you will need to do is to edit the following files and make them fit your needs:
1) login.php – This is the file where the actual HTML for the registration form is located. You need to edit this form and add any field you want there.
2) ASLibrary/js/register.js – This is the file which is responsible for sending the data to the server via AJAX. You need to extend it by adding one more field there (the one you added inside the HTML for registration form) by using the same way as it was done for all other fields inside the registration form.
3) ASEngine/ASRegister.php – This is the class responsible for registering the user inside the system and what you will need to update is the register method inside of it to either check if your referral code is valid or maybe keep it to database, whatever works for you.
Regards,
Milos
Alright. I did it, and its all working, except for the function that calls db->update. I copied it word-for-word and even looked at the instructions on ASDatabase.php
Why isnt it working: https://pastebin.com/FFPtNpA2 I have tried, everything.Also, most of my friends who looked at your code keep telling me that the ASDatabase update function’s prepare statement is used incorrectly, and it is extremely vulnerable to SQL injection. You going to fix that anytime soon?
Hey,
It looks ok but do you get any errors from that database call? If it is not working, then you must get some error. Of course, don’t forget to enable debug mode http://docs.as-php.com/developer-guide.html so you can actually see the errors on the screen.
From what I see there is nothing to be fixed inside ASDatabase::update function related to SQL injection, but maybe I’m missing something. Can you please elaborate on why you or your friends think that that is is vulnerable?
Regards,
Milos
I do not have any errors in error_log or any other error file, and yes debug mode is enabled. If there is an error given, however, it will return undefined on a green box under the register page. If no errors, it says Success. It returns success even though it isnt working. I cannot find any other error lists.
Here’s what they said about prepared statements. The first message they ripped me a new a$$hole so I had to clear it up a bit:
” You should use prepared statements because not using it you are simply making your application very insecure, vulnerable to a lot of different things, SQL injection being one of them. It is also faster to execute, since all queries are prepared beforehand It also follows DRY, when not using a prepared statement, you need to repeat yourself all the time you want to interact with the database, but with a prepared statement, you can just reuse the old and not have to make a new one. “
Hey,
That’s really strange. Can you describe a bit more what exactly is happening when you call that update method? Are you sure that you have referral_code and referral_used fields in DB and that your $user['referral'] has correct value?
About prepared statements, ASDatabase is using them properly, so I’m not sure why exactly they told you that it is “insecure”... It’s either that I’m missing something there or that they haven’t checked and understood properly how update method is working.
Regards,
Milos
I have referral_code and referral_used in as_users, and user referral has the correct value, It has been set so there shouldnt be any problems
I am linking you this post about how to use prepared statements; https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?noredirect=1&lq=1Hey,
If it’s possible please provide some temporary ssh/ftp access to the server so I can see what can be an issue. You can send me the info via contact form on my CodeCanyon profile page.
About the link you referenced, that’s exactly how ASDatabase::update is using prepared statements, so I guess that your friends just don’t understand how that method works. If I’m wrong, please send me an example of SQL injection where you use ASDatabase::update method with some malicious user data. I’m very interested to see such thing.
Regards,
Milos
I managed to figure it out, after going back and trying something I did before but fixed a few things and now it works, I had the where and the data statements I wanted to change flipped around.
It’s not me saying that it’s vulnerable, I don’t know what they mean, I don’t know enough PHP to do that, but is there any way for you to explain to them it’s correct?
Alright, so it turns out the script really is riddled with vulnerabilities, and cant really be fixed without completely tearing the script apart. This is not good, and this is not what I paid for either.
I am not smart enough to actually provide an example of SQL injection but I am sure that someone will want to do it.
Look at this article about prepared statements also: https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet#Defense_Option_1:_Prepared_Statements_.28with_Parameterized_Queries.29Hey,
Well if you claim something like this, I expect that you will provide some example on how it should be exploited. The link you pasted above represent just some general info about prepared statements, which are already being used by AS script properly. I really don’t have time to explain to someone that some function I wrote is working properly and instead I expect that when someone claims that it is vulnerable he also provides an example on how it can be exploited…
Now, if you think that you have found some (other) potential vulnerabilities, please be more specific about it so I can see what you are talking about and provide more info about it. Saying something pretty serious like “it turns out the script really is riddled with vulnerabilities” without actually pointing out what you think that those vulnerabilities are is just absurd.
Regards,
Milos
It’s alright. I have someone who has already identified the problems, and is explaining them to me now. Hopefully he will be more understanding of the problems. Thanks for the help. :/
I would need to directly enter the database for the users (I already have the data) and they are enabled to enter. But you enter data manually into the database and the system does not recognize them. Thank you
Hey,
You can enter any user data to the database manually, but in such case password won’t be hashed properly and users won’t be able to log in until they reset their password. Don’t forget that if you are adding users manually, user data must also be stored inside as_user_details table and not just as_users, and if you don’t create even empty rows inside that table for each user it will probably break the app.
Regards,
Milos
I want to thank Milos for his patience and speed in the technical support, to try to solve a problem with the script that actually (as Milos said) was a permissions problem on the server. Thank you very much for the dedication Milos!
Hey,
No problem, I’m glad that it is working properly now.
Regards,
Milos
Hello I bought your script 2 days ago : great but need help: I want to use the script like here in “envato” a button on page that call your “login.php” in popup and when the people clic on “login” I want the popup to close and return to the page: I can’t achieve that I’m allways redirect to xour” index.php”! I try to the redirect in the “loggin.php” but allways go to the index.php Best regards
Hey,
Well default behavior for the app is to redirect user to index.php after successful authentication. You can easily customize that inside ASConfig.php file, like it is explained inside the docs http://docs.as-php.com/configuration.html#login but, if you want to just refresh the page and make the script stay on the same page after user log in successfully, then I would recommend you to edit ASLibrary/js/login.js file and modify loginUser function to just refresh the page instead of redirect on successful login.
This basically means that you will replace
window.location = result.page;location.reload();Regards,
Milos
hello, Thanks for your answer I changed the line in the login.js but the redirection is allways index.php The loggin.php close and return to index.php Best regards Dup
Hey Dup,
I’m not sure that I understand exactly how you have it implemented… Do you display the login form inside a popup modal, like you explained earlier, or you redirect users to login.php page?
Regards,
Milos
Hi Milos, Thanks again to help me. My project is to have a part of my website to sell some music courses: every course have a own page. so in each page I want to call either your login.php and after login to return to the page of course either to have a form/login inside each page to log and stay on the page. It’s egal for me but I can’t achieve anything. I want something like here in Envato site: I log and stay in the page.
I tried to put in the page of the course include “ASEngine/AS.php”; $redirect = $_SERVER[‘SERVER_NAME’].$_SERVER[‘PHP_SELF’]; $_SESSION[“maVar”]= $redirect; then call your login.php and than inASConfig: $redirection = $_SESSION[“maVar”]; and further: define(‘SUCCESS_LOGIN_REDIRECT’, serialize(array(‘default’ => ”$redirection”))); but it doesn’t work neither Regards Dup
Hi again, I finally found a solution but not sure if it is in the rules of art! Can you plesase comment me your impressions.
In all page where we can login and in your login.php I put in script balisedocument.cookie = "origine="+window.location;and in the ASConfig.php<code>$redirection = $_COOKIE['origine'];</code> and futher: <pre><code>define('SUCCESS_LOGIN_REDIRECT', serialize(array('default' => "$redirection")));</code> Best regards</pre>
Hey,
Well that’s an acceptable solution, however I would probably use session instead of cookies since cookies are accessible from a browser.
From what you have first described, I thought that you want to have the login form inside a modal popup (not as a separate page) and that’s why I told you to update the login.js to just reload the page instead of redirecting you to another page.
However, from the code you pasted above, it looks like you are actually redirecting the user to login.php and you want to redirect him back to previous page after login. In that case, you can do it by storing previous URL inside the session (similarly how you implemented it with cookies) or you can implement it like I described here: https://codecanyon.net/item/advanced-security-php-registerlogin-system/5282621/comments?page=45&filter=all#comment_17581717
But again, your cookie solution is acceptable and it’s fine if you want to leave it like that.
Regards,
Milos
Hello Milos, wooah!I looked a little in this forum: you really master! Thanks
Why don’t write a paypal or shopping cart as addon to you script and database.Something like :if pay a product, the buyer can access to certain pages. I’m sure that for 15-20$ the 90% of the person who bought this script will pay for that!;-) Never seen this kind of product Best regards Dup
Hey Dup,
Thank you for your kind words.
I will definitely implement something like that, and it is on my list of things to do, however I’m really busy at the moment and I don’t have time to do it now. But, I agree, it is good thing to have and it will be used by a lot of people.
Regards,
Milos
$redirection =$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];$_SESSION('redirection') = '$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF']';define('SUCCESS_LOGIN_REDIRECT', serialize(array('default' => "$redirection")));Hey,
I’m not really sure why this is confusing you, but let me try to explain what you need to do again… This is one solution (probably, the easiest), but there are also a lot of different similar solutions.
Ok, so, here is one way to do it:
1) On any course page you have, as you sad, you have the login link where user can click and be redirected to login page. What you need to do is to update that link so it has the URL to the current page as a parameter. For example, you have this button somewhere on your courseA.php page:
<a href="login.php?to=http://google.com">Log In</a>$redirectPage = isset($_GET['to']) ? $_GET['to'] : get_redirect_page();
ASSession::set('redirect', $redirectPage);3) Inside ASLogin.php file, at the bottom of userLogin method, you will modify the redirect to look like following:
respond(array(
'status' => 'success',
'page' => ASSession::get('redirect')
));And that’s really all you need to do and after successful login you will be redirected to google (or to any url you specify).
The way you described above is incorrect since if you have
$redirection =$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];Hope that this helps!
Regards,
Milos
$('.log').featherlight('../security/login.php?to=http://google.com');
So I think that popup in jquery is not possible with this method?
Best regards
Dup
Hey Dup,
I asked you multiple times how you display the login form, weather it is a popup or you redirect users to a login page, but I never got a precise answer.
Anyways, it’s not recommended to display login form like that. Either redirect the user to a login page or add the form directly on your page, without loading the whole actual login.php file with featherlight plugin.
So, if you want to have a modal popup, don’t load the whole login.php page with featherlight plugin, just include required content on any of your pages and display regular modal which does not load the external file. In that case, the method I described in one of my first answers above for handling the login inside a modal will work just fine.
Regards,
Milos
Hi Milos,
I finally understand a little better and found the key of the tank of your Cadillac.
I will certainly find the other keys next days to test the real power!
THANKS AGAIN for your patience and kindness.
Have a good week-end.
And don’t forget:
+1 for the next paypal adventure 
regards
Dup
Hello, i just buy a licence for advanced security. This seem to work well but i don’t understand how i can redirect logged user to a specific url?
Can you tell me the code to write and where?
For exemple, the rôle named: test should go to: http://google.be
Thanks !
My item purchase code: d27e4d5a-cf1f-4d38-86ea-8575cfa05c03
Hey,
Well if you want to redirect user with role “test” to “http://google.be”, all you need to do is to update the “SUCCESS_LOGIN_REDIRECT” constant inside ASEngine/ASConfig.php file to look like following:
define('SUCCESS_LOGIN_REDIRECT', serialize(array('default' => "index.php", "test" => "http://google.be")));And that should do the trick and redirect the users with “test” role to google.be after successful authentication.
Regards,
Milos
Hello Milos, I try to configure and install but it stays forever on the screen that I should check the database (and that box appears pink without text) so I was reading in other comments that has been a recurring problem. I am a beginner user and it is difficult for me to solve the situation. I would appreciate if you guided me in the initial configuration. Thank you.
the web where I’m testing is grupalmedia.com
Hey,
Lets see what the issue is.
From what I’ve checked on the link you provided everything looks ok, however I cannot install it since I don’t have the DB credentials. Can you please send me the db info via contact form on my CodeCanyon profile page so I can try to actually install it on your server and see exactly what issues you have?
Regards,
Milos
Hi, One question before to buy Is it possible to implant paypal? and change the role of users? Like if payed permissions is superior? best regards
Hey,
Well after you purchase the app you get whole source code, so if you are familiar with Laravel you can implement anything you need. However, PayPal does not come out of the box and you will actually have to do the coding and implement it manually.
Regards,
Milos
I have installed Advanced Security – PHP Register/Login System. I can login and I have it redirecting to a page and that page loads fine. But when I submit the form which submit to the same page I get this.
Invalid CSRF token.
On the redirected page I do have this.
include ‘ASEngine/AS.php’;
if (! app(‘login’)->isLoggedIn()) { redirect(“login.php”); }
Hi, loving the script and started to work it into my design. I placed login/register as an option and linked to login.php.
Is there a way to return users to their current page after login?
ex: index.php?p=about or index.php?p=contact
Thanks!
Hey,
Well out of the box there is no such option, however it is pretty easy to implement. Here is how you can implement that:
Let’s say that when users click on your login link, you implement your login link to look like following: login.php?to=about.php
1. On top of login.php file, right after you require AS.php file and check if user is logged in, you can add this
$redirectPage = isset($_GET['to']) ? $_GET['to'] : get_redirect_page(); // get redirect page will return default redirect page for current user according to his role
ASSession::set('redirect', $redirectPage);2. Inside ASLogin.php file, at the bottom of userLogin method, you will modify the redirect to look like following:
respond(array(
'status' => 'success',
'page' => ASSession::get('redirect')
));Regards,
Milos
Hi, I bought the AS login package today. Just wondering how I would go about grabbing current logged in user’s details to echo.
One usage for example is to echo a name:
Welcome back <User’s Name>,
Thank you.
Hey,
Please check the documentation at the following link: http://docs.as-php.com/current-user.html
Regards,
Milos
Thank you.
Hey Milos,
Great script!
After logging in my session will last ~30 minutes or less before I’m asked to log back in.
Is there a way to fix this? ASSessions.php has the cookie expiration set at “lifetime”. Is there somewhere else I should check?
Thanks! Jeff
Hey Jeff,
Well by default session will last as long as you keep the browser open. This means that once you close the browser session cookie will immediately expire, no matter if you were logged in for 5 minutes or few hours.
To change this behavior just update the ASSession.php file and inside startSession method replace
$cookieParams["lifetime"]
session_set_cookie_params(
60*60*24, // session cookie will now be valid for 24 hours
//...
);Regards,
Milos
Hey Milos,
Thanks for the quick reply!
I keep getting logged out, with the browser window open. My setting is:
$cookieParams[“lifetime”]
Any reason why this would be happening?
Thanks Again, Jeff
Hey Jeff,
Hmmm… Really don’t have an idea. Is that clean AS installation or you have modified some things?
Regards,
Milos
Hi! Considering to buy this. How is this script to translate for use on a norwegian website? Is there seperate language files to make it easy to make a new translation?
Hey,
You can easily translate it to any language you want just by updating the language file. More about the localization is available inside the docs: http://docs.as-php.com/localization.html
Regards,
Milos
Hi, I was going through the documentation but I couldn’t see this info. How can I access the current user information through javascript? Thanks..
Hey,
I’m sorry but your support for this item has expired. Please extend the support if you need my help.
Regards,
Milos
Is it possible to login via Ajax call ?
Hey,
Yes. In fact, AS is already using AJAX for user login.
Regards,
Milos
Thanks for your quick response, but I cannot understand how. I understand how to protect a page with PHP code, but how to use an Ajax call from one page to activate protected functions from the same page, I do not see how to do it from your docs.
Hey,
Not sure that I understand what exactly you want to do, but you just send and ajax request to ASAjax.php file with appropriate “action” value to get the data or do whatever you want… Sending an ajax request from from one page to the very same page is something that you should try to avoid.
Regards,
Milos
Thanks for the response. Is ASAjax.php documented or do I have to analyse the PHP code ?
Hey,
It’s not inside the documentation, but actually there is really nothing to document there. It is pretty simple and if you take a look at it you will see how it works. Basically you just send specific “action” value and then depending on that action value you execute specific code.
But anyways, you don’t have to use ASAjax.php if you don’t want to. You can create your own files that will handle AJAX requests and just include ASEngine/AS.php on top of them so you can get access to all AS related features.
Regards,
Milos
Thanks again.
