Advanced Security is user registration/login system written in pure PHP. It is designed to provide a very high security level of any part of your system. It can be used with an existing look based on Bootstrap 5 or it can easily be inserted into any existing PHP application and integrated with the existing system. Version 4.0.0 Looking for something more robust? Check out Vanguard, Advanced PHP Login and User Management! Features User registration Adding/editing users from admin panel User login Forgot password Email verification Login via Facebook, Twitter or Google+ Easy to translate user interface and validation messages Full unicode support Send emails using php mail() or SMTP Easy installation using Advanced Security Installation Wizard Configuration file is automatically generated All database tables are automatically generated No additional configuration required 3 default user roles: Admin, Editor and User Admin is available to add unlimited number of user roles All forms are submitted using Ajax User profile update User password change Simple admin panel for user management Built using Bootstrap 5 Easy to customize Client side and server side form validations Fully object oriented and commented PHP and JavaScript code. Complete and detailed documentation Why Advanced Security? PDO prepared statements for database manipulation – no SQL injection Advanced session security – no Session hijacking and Session fixation Client side 512bit password hashing – don’t worry if you don’t have https (you should always set it up if possible though) Server side password encryption using Bcrypt Limited number of invalid login attempts – prevent Brute force attack CSRF Protection Demo, Documentation and Support Admin details: username: admin password: admin123 Demo Link: https://as-php.com/login.php Documentation Link: View The Docs Support: https://milos.support-hub.io Changelog Version 4.0.0 Upgraded codebase to work with 8.1 Upgraded to Bootstrap 5 All third-party frontend and backend libraries are updated to the latest versions Fixed issue with logging out the banned user automatically Removed sha512 as a possible password hashing mechanism and default to Bcrypt Version 3.0.1 Google+ authentication replaced with Google Sign-in A few bugs fixed Version 3.0.0 Complete frontend rewrite and upgrade to Bootstrap 4.1 Version 2.4 Fixed issues with social authentication Added the German language Fixed wrong redirect URL (on some servers) after language is changed Updated documentation Version 2.3 Improved CSRF protection Removed bootstrap 2 and added the latest version of bootstrap 3 SESSION_REGENERATE_ID is now removed Separate sidebar template Added trans helper function for easier translations All PHP classes are PSR-2 compliant All pages are refactored and optimized Three new classes - ASCsrf, ASResponse and ASPasswordHasher Added font awesome icons Added DEBUG constant A completely new installation wizard Added Pimple - Dependency Injection Container Added mail sender parameters to ASConfig (from name and from email) New logo Completely rewritten documentation Minimum PHP version required is now PHP 5.3 Version 2.2 Added version constant inside ASEngine/AS.php file. Reset forgot password form after email is sent successfully. Reset registration form after successful registration. Fix problem with not creating admin password on old PHP versions. Added Swedish Language. Added French Language. Fixed CSRF protection to support some shared hosting providers. Modified redirect helper function to allow redirects to external urls. Version 2.1 Added option for redirect to custom page for specific user role. Added two new translation languages. Various bugs fixed. Version 2.0 Added social login via Facebook, Twitter and Google+ The administrator can now add a new user or edit existing users. Added search for users table Added pagination for users table Added unicode support Added option for updating system language ASDatabase class now implements the Singleton design pattern Added option for changing how emails will be sent (php mail or SMTP) Added option to select redirect page after user login Added option to set lifetime for password reset token Added option to select if the user should confirm his email after registration or not Added option to ban specific user All bugs fixed from previous versions Version 1.3 CSRF protection included Version 1.2 Admin is now available to add more user roles Version 1.1 Added option for selecting password encryption algorithm Added option for selecting a version of Twitter Bootstrap Added loading state on the Update Password button Added loading state on Update Details button