Advanced Security is user registration/login system written in pure PHP. It is designed to provide very high security level of any part of you system. It can be used with existing look based on Twitter Bootstrap or it easily can be inserted into any existing PHP application and integrated with existing system.
Looking for something more robust?
Check out Vanguard, Advanced PHP Login and User Management!
- User registration
- Adding/editing users from admin panel
- User login
- Forgot password
- Email verification
- Login via Facebook, Twitter or Google+
- Easy to translate user interface and validation messages
- Full unicode support
- Send emails using php mail() or SMTP
Easy installation using Advanced Security Installation Wizard
- Configuration file is automatically generated
- All database tables are automatically generated
- No additional configuration required
- 3 default user roles: Admin, Editor and User
- Admin is available to add unlimited number of user roles
- All forms are submitted using Ajax
- User profile update
- User password change
- Simple admin panel for user management
- Built using Twitter Bootstrap
- Easy to customize
- Client side and server side form validations
- Complete and detailed documentation
Why Advanced Security?
- PDO prepared statements for database manipulation – no SQL injection
- Advanced session security – no Session hijacking and Session fixation
- Client side 512bit password hashing – don’t worry if you don’t have https
- Server side password encryption using Bcrypt with custom cost or SHA-512 with thousands of iterations (both are using random generated salt)
- Limited number of invalid login attempts – prevent Brute force attack
- CSRF Protection
Demo & Documentation
- Admin details:
- username: admin
- password: admin123
- Demo Link: https://as-php.com/login.php
- Documentation Link: http://docs.as-php.com
Fixed issues with social authentication Added German language Fixed wrong redirect URL (on some servers) after language is changed Updated documentation
Improved CSRF protection Removed bootstrap 2 and added latest version of bootstrap 3 SESSION_REGENERATE_ID is now removed Separate sidebar template Added trans helper function for easier translations All PHP classes are PSR-2 compliant All pages are refactored and optimized Three new classes - ASCsrf, ASResponse and ASPasswordHasher Added font awesome icons Added DEBUG constant Completely new installation wizard Added Pimple - Dependency Injection Container Added mail sender parameters to ASConfig (from name and from email) New logo Completely rewritten documentation Minimum PHP version required is now PHP 5.3
Added version constant inside ASEngine/AS.php file. Reset forgot password form after email is sent successfully. Reset registration form after successful registration. Fix problem with not creating admin password on old PHP versions. Added Swedish Language. Added French Language. Fixed CSRF protection to support some shared hosting providers. Modified redirect helper function to allow redirects to external urls.
Added option for redirect to custom page for specific user role. Added two new translation languages. Various bugs fixed.
Added social login via Facebook, Twitter and Google+ Administrator can now add new user or edit existing users. Added search for users table Added pagination for users table Added unicode support Added option for updating system language ASDatabase class now implement Singleton design pattern Added option for changing how emails will be sent (php mail or SMTP) Added option to select redirect page after user log in Added option to set life time for password reset token Added option to select if user should confirm his email after registration or not Added option to ban specific user All bugs fixed from previous versions
CSRF protection included
Admin is now available to add more user roles
Added option for selecting password encryption algorithm Added option for selecting version of Twitter Bootstrap Added loading state on Update Password button Added loading state on Update Details button