PHP Security & User Management

Last Update: 27 December 2012
Regular License: $20
Extended License: $100
Sales: 526

Please Note: This app is no longer supported…

15 Feature Packed Components Rolled into 1 Powerful Application!

Welcome to the Ultimate “PHP Security and User Management”. In a nutshell, this application features: Login, Registration, Password Reset, Lost User Name, Lost Activation, Role based Page Security, User Profiles, Complete User Account/Credentials Management Back-End, PayPal Subscriptions Manager for Premium Membership, Subscription Coupons, Protected Digital Downloads, Plus ++ Bonus Addons: File Explorer, Data Driven Menu System, and a Dynamic, Multi-Level User Feedback that can be used as a PHP /MySQL Website Starter Kit or as an integrated application in your already existing site with all the page security and user management features already built in.

It is a feature rich application that is easy to implement and takes care of all the basics to save you time and allow you to focus on what’s important. Use it as a template to start your next new project or add it to your existing site to provide Out-Of-The-Box Security, User Management features and so much more…

Please view and play with the demo and read the Getting Started Guide so you gain a little more insight about the purpose of this application, some of its inner workings, deployment and implementation. You don’t have to buy this app to ask questions. If in doubt about the extent of any of the functionality, please contact me from my profile page so I can answer your questions. Looking forward to hearing from you! Demo | Online Documentation / Getting Started Guide

Brief Feature Highlight:

Registration with double hashed Password and Salt, Welcome Email and Account Activation, Password Reset with Email, Lost User Name, Lost Activation – (Resend Activation Email), reCAPTCHA integration with optional ON/OFF, reCaptcha with Auto-On Feature, Auto Lockout and Auto Unlock Features, User Name Availability check on Registration Page, MX Records Check for Account Emails, Hides Login, Registration, Password Reset, Lost User Name, Lost Activation after Login, Role Based Page Security (Unlimited Roles for Any User), Rich User Account and Role Management Features, User Profiles (admin can edit any profile, users can edit their own account info), Broadcast Email for Newsletters and General Communications, Dashboard Overview with Google Charts – all of the above with tons of bulk management features, ASP.NET style grid views with sortable columns, multiple selection check-boxes, alternating row colors, paging, A-Z navigation and full-text search, Configuration File with editable options, Quick Edit Configuration and Connection String File in the browser, File Explorer – enabling admin to view/edit any text based file in the browser, Data Driven Menu System based on JQuery Superfish with all the back-end trimmings,

Data Driven Multi-Level User Feedback / Contact system with complete back-end management, PayPal Subscriptions Manager for Premium Membership, Instant Payment Notification IPN – curl or fsockopen – NEW!

Subscription Coupons, Protected Digital Downloads, Take entire site Offline for maintenance, – NEW!

and much-much more…

1. Login Control Highlights:

reCaptcha ON/OFF option reCaptcha Auto-On after X number of failed attempts Default Login destination for all users Custom Login destination per user Remember last page access User Name, Password and Role Validation and Authentication Form validation / empty fields check with error messages displayed on form Auto Login with optional settings in configuration file Auto Lockout after defined number of unsuccessful tries Auto Unlock after specified number of minutes Secure Sessions and Cookies Prevent Account sharing Optional Destination URL (redirect) after Login for any User Account Allows the administrator to override the default login functionality which is aware of the presence of a destination / return URL.

Records important dates such as: Create Date, Last Login Date, Last Login IP, Last Password Reset Date, Last Activity Date, Last Lockout Date, and Last Unlock Date. Auto-Hide Control while logged in

2. Registration Control Highlights:

reCaptcha ON/OFF option Form Validation Unique User Name check Unique Email Check User Name availability check function Password Strength Indicator

Double Hashed Account Passwords with Salt Adds User to Default Role Optional Account Approval settings Optional Password Requirements: minimum password length require number require special character allow user name in password Password Compare check Account Activation Email Welcome Email MX Records check for account email Security Question and Answer On form error reporting Auto Hide Control while logged in

3. Password Reset Highlights:

User Name validation Security Answer validation Random Hashed Password generation Email new temporary credentials to user

4. Lost User Name Control: This control allows the user to retrieve their account user name if forgotten.

5. Lost Activation Control: This control re-sends the account activation email if lost or not received, allowing the user to complete the account activation process.

6. Role Based Page Security: Users can be associated with / put into any number of security roles (groups) and pages can be protected based on these roles – allowing the implementation of fine-grained and layered page security.

7. User Profiles: User Profiles allow the administrator to view, edit and delete user related information. Logged-in users can view and edit their own account related information: Change password, e-mail, security question and answer, personal information (name, address etc.) and avatar image.

8. File Explorer: Utilizing PHP and JQuery, the File Explorer allows the administrator to view the entire structure of the site and view/edit any text based file (txt, html, css, js, xml, php, sql etc…) in the browser using a JQuery modal dialogue. Perfect for quick code editing without having to download, edit and re-upload files.

9. Data Driven Navigation Menu – PHP/MySQL/JQuery: Based on the popular JQuery Superfish menu with an added database layer and all back-end forms. Allows the creation of unlimited menu groups, menu items and menu levels.

10. User Feedback System: A dynamic PHP/MySQL/JQuery User Feedback system with complete back-end management, unlimited categories and subcategories and built in e-mail to allow your users and visitors to provide feedback on any topic.

11. Administration Panel: Functions and features are too numerous to describe. Take a look at the documentation at the demo site, then check out the controls and then login to the admin panel and registered Users Dashboard to see and decide for yourself.

12. Flexible Page Protection: To protect any PHP page within your site, you use a simple copy and paste script. You can edit this script, by simply listing the Security Roles (Groups) that you want to allow to view the page. There is no limit to the number of Roles you create in the database and use in your pages. You can create Roles for a single user account or for an unlimited number. Very simple, very powerful.

13. PayPal Subscriptions Manager for Premium Membership: The PayPal Premium Membership module is a fully featured user management system with PayPal Subscriptions integration. It allows the administrator to create and manage an unlimited number of subscription options and rates. With a single additional line of code snippet, you can verify Premium Membership Access for any of your premium content pages. In addition to the powerful authentication and authorization system mentioned above, you can make sure that premium content pages are only viewed by paying customers.

14. Subscription Coupons: Administrators can create Coupons for Premium Membership (PayPal) Subscriptions that can be applied by customers towards their new subscriptions. Admin can define date range and premium level. Very flexible!

15. Protected Digital Downloads: Allows the administrator to upload any type of files to a protected directory and make it available to Premium Membership users based on their subscription level. PLEASE NOTE: File upload uses PHP’s built in file upload, and the upload file size will depend on your server settings in php.ini. This facility is not meant for distributing very large files. Example for php.ini settings can be found in the web.config.php file.

Documentation and Installation Instructions: Documentation and installation instruction are available online at the Live Preview / Demo Site. Installation is very simple: 1. Deploy the database script, 2. edit connection string, 3. add your email address to the configuration file, 4. Upload files to your hosting server.

Support: Feel free to contact me with any product related or custom development questions you may have via e-mail at (hunzonian at gmail dot com).

If you are a complete novice and have a difficult time implementing this application – feel free to contact me. I will do my best to help you. If you e-mail me for tech support, please describe your issue in detail.

- Update: 10-02-2012 - General Maintenance.

- Update: 04-23-2012 - Fixed apastrophe bug in Register and Create User forms.

- Update: 10-27-2011 - Added prevention for account sharing. Can be enabled or disabled in config file. - Revamped PayPal IPN file to work with curl as well as fsockopen. - General Maintenance and bug fixes.

- Update: 07-27-2011 - U.I. Redesign. - General Maintenance.

- Update: 04-18-2011 - Added Lost User Name form that allows users to retrieve their usser name if forgotten. - Added configuration option for approving all new account regitrations manually. Admin can approve and send activation e-mail to users from admin panel.

- Update: 04-15-2011 - Coupon system for PayPal Subscriptions. - Protected Digital Downloads for Premium Membership. - General Maintenance.

- Update: 04-04-2011 Just some minor updates based on user request… - 1. Added configurable option for captcha to display after x number of failed attempts even if Captcha is set to Off in configuration file. Previously, the admin could turn all captcha occurances to ON/Off. With this functionality, even if captcha is set to Off, it will turn itself On after set number of failed submissions. - 2. Fixed lockout duration timer to be accurate to the second.

- Update: 04-01-2011 Reworked the admin chat box code and fixed the CSS issue for IE7 and Jquery issue for Opera. Also added Default Login Destination URL that can be set in the configuration file. If default login destination is set, all users are automatically redirected to the default destination URL accept the users who’s destination URL has been custom set in the admin panel, overriding the default setting. So now we have ReturnURL, Custom Destination that can be set per user, and Default Destination that can be set in the config file. They all work in tandem giving you all the flexibility you need.

- Update: 03-28-2011 Security updates for User Profile section. If password is stolen, changing account details like password, email etc. require security question and answer to change so original user cannot be locked out of their own account. Fixed a gridview paging error in admin on one of the gridviews. Added a simple chatter box for logged in administrators that allows them to communicate with each other.

- Update: 03-20-2011 PayPal Subscriptions for Premium Membership with unlimited Subscription Categories and Subcategories, Optional Free or Fee based Trial (Period-1 and 2)...

- Update: 01-03-2011 PHP/MySQL/JQuery Website Feedback System complete with back-end management. Unlimited categories and subcategories…

- Update: 12-18-2010 File Explorer, User Profile System and Data Driven Menu System have been added. Please note that the documentation and demo site are not updated yet but is in progress.

- Update: 12-16-2010 Minor issues related to some security settings with some shared hosting accounts have been fixed.

- Update: 11-30-2010 Optional Destination URL (redirect) after Login for any User Account is now available. If you need to redirect specific users to specific pages, you can set the destination URL in the admin area under user details. After Logging in, users are automatically redirected to the defined destination URL.