w34u/ssp

Secure login system for php frameworks, applications and sites

Monday, July 23, 2018
by julesbl
Repository
4 Watchers
0 Stars
15 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
17 Versions
7 % Grown

The README.md

Simple Site Protection

Secure login system for php frameworks, applications and sites, _(*1)

These set of php routines are designed to allow php developers to easily secure a site or an application., _(*2)

Based on the ideas and information written about in [Innocent Code] (http:///www.amazon.co.uk/Innocent-Code-Security-Wake-up-Programmers/dp/0470857447/ref=sr_1_1?ie=UTF8&s=books&qid=1266594625&sr=1-1) by the security consultant [Sverre H. Huseby] (http://shh.thathost.com/) the code attempts to make the site resilient against most forms of attack., _(*3)

Installation

composer require w34u/ssp, _(*4)

Move vendor/w34u/ssp/cfg to version controlled part of your project, preferably outside the browser viewable part of your project.
Rename vendor/w34u/ssp/cfg/Configuration.change.php to Configuration.php and assign values to all the properties to do the database connection and secure your site.
Add "autoload": { "psr-4": { "w34u\\ssp\\": "cfg/" } }, to composer.json so that the configurations load and then run 'composer dumpautoload' to refresh the loader., _(*5)
Move vendor/w34u/ssp/cfg/sspadmin to a browser viewable area and ensure sspadmin/includeheader.php requires the composer autoloader in vendor., _(*6)
Point your favourite browser at sspadmin/setup and follow the instructions to create the database and your first admin login.

[Originally hosted on source forge for old versions] (https://sourceforge.net/projects/ssprotection/), _(*7)

System requirements

PHP >= 5.5 and up., _(*8)

adodb/adodb-php >= 5.0, _(*9)

mbstring, _(*10)

mcrypt, _(*11)

Attacks hardened against are:

Sql injection.
Invalid character injection in forms.
Javascript injection in forms.
Sesson theft.
Session takeover.
One forms out put being used into another.
Designed to be used with ssl thus helping to prevent man in the middle type attacks.

Facilities provided by this set of libraries and routines:

Basic joinup routine.
Password recovery.
User admin.
User self admin.
Fully templated using fast simple template class.
Powerful (and paranoid) form building class.
Data checking class.
Useful lister and html menu list generation classes
Works with php 5.0 upwards
Uses database abstraction to work with most databases, has been used with MySql, Access and MS Sql Server.
Multi lingual capability with browser language checking.

Http or Https.
Variable number of actals for ip checking.
Fully configurable on types of checks to be done.
Login by email or username.
Extend the login for other user inputs.
Error output either to screen or log file for live sites.

The Versions

23/07 2018

dev-master

9999999-dev

Secure login system for php frameworks, applications and sites

library ssp

Secure login system for php frameworks, applications and sites

w34u/ssp

The README.md

Simple Site Protection

Installation

System requirements

Attacks hardened against are:

Facilities provided by this set of libraries and routines:

Highly configurable session, login and debug:

The Versions

dev-master

The Requires

The Development Requires

by Julian Blundell

v3.1.4

The Requires

The Development Requires

by Julian Blundell

v3.1.3

The Requires

The Development Requires

by Julian Blundell

v3.1.2

The Requires

The Development Requires

by Julian Blundell

v3.1.1

The Requires

The Development Requires

by Julian Blundell

v3.1.0

The Requires

The Development Requires

by Julian Blundell

dev-version_3.0_dev

The Requires

by Julian Blundell

v3.0.9

The Requires

by Julian Blundell

v3.0.8

The Requires

by Julian Blundell

v3.0.7

The Requires

by Julian Blundell

v3.0.6

The Requires

by Julian Blundell

v3.0.5

The Requires

by Julian Blundell

v3.0.4

The Requires

by Julian Blundell

v3.0.3

The Requires

by Julian Blundell

v3.0.2

The Requires

by Julian Blundell

v3.0.1

The Requires

by Julian Blundell

v3.0.0

The Requires

by Julian Blundell