Upgrade Guide

Advanced Security - PHP Register/Login System Advanced Security - PHP Register/Login System / Last updated on April 26, 2018

To 2.4 from 2.3

This version contains few bug fixes from previous release. Here is what you wound need to do:

  • Overwrite your vendor folder with latest one. In case you modified something inside the vendor folder, just copy new files instead of overwriting. This version is using the most recent packages (which you can update by running composer update btw) so it is important that you update them so application can work properly (especially for social authentication feature).

  • Copy new file called socialauth_callback.php to your AS root directory.

  • Update socialauth.php file with the latest one.

  • Update your social callback url to look like following: http://yourdomain.com/socialauth_callback.php

  • Update ASEngine/ASCsrf.php file to the latest version.

  • Overwrite complete install folder if you haven't removed it from the app. This will make sure that all future installations of the app work properly.

  • Make sure that your ASEngine/ASDatabase.php file is up to date with latest version.

  • Update ASEngine/ASLang.php file to match the latest version.

  • Update ASEngine/ASEmail.php file to match the latest version.

  • Make sure that you have de.php file inside your Lang folder and then update templates\languages.php file to add German language to the top list of available languages. Also, if you want to display German flag there, you can copy it from the latest version where it is located inside assets\img folder.

To 2.3 from 2.2

This update contains a lot of changes comparing to previous version, and in order to properly do the update, I recommend you to go through all files and carefully update them. In case you haven't modified any of AS files, just overwrite everything and there should not be any issues.

Here are some guidelines on how you should perform the update:

Vendor Folder

Overwrite your vendor folder with latest one. In case you modified something inside the vendor folder, just copy new files instead of overwriting.

Install Folder

Completely replace the install folder. This is not required if you have app in production, since you won't install it again.


Since SESSION_REGENERATE_ID constant is removed, and session is regenerated always when some critical actions occur (after successful authentication, after user update his password etc), you can remove the constant from your ASConfig.php file.

Add following constants to ASConfig.php file:

// Name used when emails are sent from your server. 
// Default is your website name.
define('MAIL_FROM_NAME', "your_mail_from_name_here");

// Email used when emails are sent from your server.
// The recepients will see this as an email from
// which they receive their emails.
define('MAIL_FROM_EMAIL', "your_from_email_here");

PHP Classes

Copy new classes into ASEngine folder Update ASEngine\AS.php file to the latest version

Go through all PHP classes, one by one, and move all dependencies to the constructor. For example, if somewhere inside ASUser class you have $validator = new ASValidator(); you will create new protected $validator; property and move the ASValidator instance to be passed through the constructor (check latest version of ASUser class). Now, everywhere inside ASUser class you will use validator instance like $this->validator

This has to be done with all dependencies in every PHP class that AS has, and the easiest way to find all dependencies is to simply search the file for "new" keyword. This is simple preparation for some future updates that will modernize the code structure and make script testable and easier to maintain.


You should update assets folder to match the latest version. This basically means that you must copy all new files and folders from latest version, but you don't have to remove old files if you don't want to. Script will just ignore them if they are not included on your pages.

Update ASLibrarly/js/users.js, ASLibrarly/js/roles.js and ASLibrarly/js/register.js to the latest version that contains few fixes. Other JavaScript files located inside ASLibrary/js folder are not modified.

Copy newly created js-bootstrap.php file into ASLibrary/js directory.


Go through all pages (login.php, index.php...) and apply all changes from latest version. If you haven't modified those files, you can just overwrite them.

In case that you are using your own design, you probably don't need to change anything that is HTML/CSS/JavaScript related. All you have to do in that case is to update the query that is responsible for fetching data and displaying it to database (usually located on top of every file).

Update templates/footer.php to include some common scripts as well as newly created js-bootstrap.php file that is now used to initialize $_lang variable and set up jQuery AJAX to send CSRF token automatically. This means that you should now remove $_lang variable initialization from any other files than js-bootstrap.php.