Advanced Security - PHP Register/Login System

Advanced Security is user registration/login system written in pure PHP. It is designed to provide a very high security level of any part of your system. It can be used with an existing look based on Bootstrap 5 or it can easily be inserted into any existing PHP application and integrated with the existing system.

Version 5.0.0

Looking for something more robust?

Check out Vanguard, Advanced PHP Login and User Management!

Features

• User registration
• Adding/editing users from admin panel
• User login
• Forgot password
• Email verification
• Login via Facebook, Twitter or Google+
• Easy to translate user interface and validation messages
• Full unicode support
• Send emails using php mail() or SMTP
• Easy installation using Advanced Security Installation Wizard
  • Configuration file is automatically generated
  • All database tables are automatically generated
  • No additional configuration required
• 3 default user roles: Admin, Editor and User
• Admin is available to add unlimited number of user roles
• All forms are submitted using Ajax
• User profile update
• User password change
• Simple admin panel for user management
• Built using Bootstrap 5
• Easy to customize
• Client side and server side form validations
• Fully object oriented and commented PHP and JavaScript code.
• Complete and detailed documentation

Why Advanced Security?

• PDO prepared statements for database manipulation – no SQL injection
• Advanced session security – no Session hijacking and Session fixation
• Client side 512bit password hashing – don’t worry if you don’t have https (you should always set it up if possible though)
• Server side password encryption using Bcrypt
• Limited number of invalid login attempts – prevent Brute force attack
• CSRF Protection

Demo, Documentation and Support

• Admin details:
  • username: admin
  • password: admin123
• Demo Link: https://as-php.com/login.php
• Documentation Link: View The Docs
• Support: https://milos.support-hub.io

Changelog

Version 5.0.0

Updated to work with modern PHP (8.0 is minimum requirement now) All third-party backend libraries updated to the latest versions Added support for automated testing and covered the entire codebase with tests Fixed missing translations

Version 4.0.0

Upgraded codebase to work with 8.1 Upgraded to Bootstrap 5 All third-party frontend and backend libraries updated to the latest versions Fixed issue with logging out the banned user automatically Removed sha512 as possible password hashing mechanism and default to Bcrypt

Version 3.0.1

Google+ authentication replaced with Google Sign-in A few bugs fixed

Version 3.0.0

Complete frontend rewrite and upgrade to Bootstrap 4.1

Version 2.4

Fixed issues with social authentication Added German language Fixed wrong redirect URL (on some servers) after language is changed Updated documentation

Version 2.3

Improved CSRF protection Removed bootstrap 2 and added latest version of bootstrap 3 SESSION_REGENERATE_ID is now removed Separate sidebar template Added trans helper function for easier translations All PHP classes are PSR-2 compliant All pages are refactored and optimized Three new classes - ASCsrf, ASResponse and ASPasswordHasher Added font awesome icons Added DEBUG constant Completely new installation wizard Added Pimple - Dependency Injection Container Added mail sender parameters to ASConfig (from name and from email) New logo Completely rewritten documentation Minimum PHP version required is now PHP 5.3

Version 2.2

Added version constant inside ASEngine/AS.php file. Reset forgot password form after email is sent successfully. Reset registration form after successful registration. Fix problem with not creating admin password on old PHP versions. Added Swedish Language. Added French Language. Fixed CSRF protection to support some shared hosting providers. Modified redirect helper function to allow redirects to external urls.

Version 2.1

Added option for redirect to custom page for specific user role. Added two new translation languages. Various bugs fixed.

Version 2.0

Added social login via Facebook, Twitter and Google+ Administrator can now add new user or edit existing users. Added search for users table Added pagination for users table Added unicode support Added option for updating system language ASDatabase class now implement Singleton design pattern Added option for changing how emails will be sent (php mail or SMTP) Added option to select redirect page after user log in Added option to set life time for password reset token Added option to select if user should confirm his email after registration or not Added option to ban specific user All bugs fixed from previous versions

Version 1.3

CSRF protection included

Version 1.2

Admin is now available to add more user roles

Version 1.1

Added option for selecting password encryption algorithm Added option for selecting version of Twitter Bootstrap Added loading state on Update Password button Added loading state on Update Details button