Code

Advanced Security - PHP Register/Login System

Advanced Security - PHP Register/Login System

Advanced Security is user registration/login system written in pure PHP. It is designed to provide very high security level of any part of you system. It can be used with existing look based on Twitter Bootstrap or it easily can be inserted into any existing PHP application and integrated with existing system.

Version 2.4

Looking for something more robust?

Check out Vanguard, Advanced PHP Login and User Management!

Features

  • User registration
  • Adding/editing users from admin panel
  • User login
  • Forgot password
  • Email verification
  • Login via Facebook, Twitter or Google+
  • Easy to translate user interface and validation messages
  • Full unicode support
  • Send emails using php mail() or SMTP
  • Easy installation using Advanced Security Installation Wizard
    • Configuration file is automatically generated
    • All database tables are automatically generated
    • No additional configuration required
  • 3 default user roles: Admin, Editor and User
  • Admin is available to add unlimited number of user roles
  • All forms are submitted using Ajax
  • User profile update
  • User password change
  • Simple admin panel for user management
  • Built using Twitter Bootstrap
  • Easy to customize
  • Client side and server side form validations
  • Fully object oriented and commented PHP and JavaScript code.
  • Complete and detailed documentation

Why Advanced Security?

  • PDO prepared statements for database manipulation – no SQL injection
  • Advanced session security – no Session hijacking and Session fixation
  • Client side 512bit password hashing – don’t worry if you don’t have https
  • Server side password encryption using Bcrypt with custom cost or SHA-512 with thousands of iterations (both are using random generated salt)
  • Limited number of invalid login attempts – prevent Brute force attack
  • CSRF Protection

Demo & Documentation

Changelog

Version 2.4
Fixed issues with social authentication
Added German language
Fixed wrong redirect URL (on some servers) after language is changed
Updated documentation
Version 2.3
Improved CSRF protection
Removed bootstrap 2 and added latest version of bootstrap 3
SESSION_REGENERATE_ID is now removed
Separate sidebar template
Added trans helper function for easier translations
All PHP classes are PSR-2 compliant
All pages are refactored and optimized
Three new classes - ASCsrf, ASResponse and ASPasswordHasher
Added font awesome icons
Added DEBUG constant
Completely new installation wizard
Added Pimple - Dependency Injection Container
Added mail sender parameters to ASConfig (from name and from email)
New logo
Completely rewritten documentation
Minimum PHP version required is now PHP 5.3
Version 2.2
Added version constant inside ASEngine/AS.php file.
Reset forgot password form after email is sent successfully.
Reset registration form after successful registration.
Fix problem with not creating admin password on old PHP versions.
Added Swedish Language.
Added French Language.
Fixed CSRF protection to support some shared hosting providers.
Modified redirect helper function to allow redirects to external urls.
Version 2.1
Added option for redirect to custom page for specific user role.
Added two new translation languages.
Various bugs fixed.
Version 2.0
Added social login via Facebook, Twitter and Google+
Administrator can now add new user or edit existing users.
Added search for users table
Added pagination for users table
Added unicode support
Added option for updating system language
ASDatabase class now implement Singleton design pattern
Added option for changing how emails will be sent (php mail or SMTP)
Added option to select redirect page after user log in
Added option to set life time for password reset token
Added option to select if user should confirm his email after registration or not
Added option to ban specific user
All bugs fixed from previous versions
Version 1.3
CSRF protection included
Version 1.2
Admin is now available to add more user roles
Version 1.1
Added option for selecting password encryption algorithm
Added option for selecting version of Twitter Bootstrap
Added loading state on Update Password button
Added loading state on Update Details button
by
by
by
by
by
by