Hello,
This is a great system but it uses an early version of the SafeMySQL class, which has been updated several times since June 2013. Do you have the time to update the mysql.class.php file included in your system?
Thanks!

captcha does not work http://747media.nl/sixpack/register.php do you know how to solve this problem?

Is it possible to get the avatars from my mysql database not from gravatar.com.
thanks

Hi There
it works on my xammp server correctly but when I tried it on my website,it shows INVALID REQUEST and changes username as my dbname and password as my dbpassword while logging in using username admin and password 1234. and captcha is not working.

please help

Warning: session_unset() expects exactly 0 parameters, 1 given in C:\xampp\htdocs\home\newlogin\lib\users.class.php on line 219
Notice: Trying to get property 'groupid' of non-object in C:\xampp\htdocs\home\newlogin\lib\users.class.php on line 111
Notice: Trying to get property 'type' of non-object in C:\xampp\htdocs\home\newlogin\lib\presets.class.php on line 49
Notice: Trying to get property 'userid' of non-object in C:\xampp\htdocs\home\newlogin\lib\presets.class.php on line 60
Notice: Trying to get property 'username' of non-object in C:\xampp\htdocs\home\newlogin\lib\presets.class.php on line 76
Notice: Trying to get property 'banned' of non-object in C:\xampp\htdocs\home\newlogin\header.php on line 118

Pretty much every page has the same error's just different files..

How do i fix this?

WHen i install the install.php file in my browser then it show me
Error: 1049 Unknown database 'mls'
can u help me please

Great system for simple logins, though I really got to like the newer version of bootstrap, and it would be really handy, if you updated your login system to to bootstrap 3!

Hi , thank u for the code. but i have a problem could you tell me how to remove the brand name and only show it to users

Hi, I love the code, but new users cant seem to register, I keep getting this error:
There was an error ! Please try again !
I added a few debug echos and I think $id is not being set within this section

if(($db->query("INSERT INTO `".MLS_PREFIX."users` SET ?u", $user_data)) && ($id = $db->insertId()) && $db->query("INSERT INTO `".MLS_PREFIX."privacy` SET `userid` = ?i", $id)) {

thanks for the code bro
i am having issue with moding the code in header.php
i have member field with expire date
now i want to compare expire date with this date("d/m/y")

// we will add the expired user to ban
    $_enban = $db->getAll("SELECT `userid` FROM `".MLS_PREFIX."users` WHERE `expiredate` = ".date("d/m/y"));
    if($_enban) 
        foreach ($_enban as $_usr) {
            $db->query("UPDATE `".MLS_PREFIX."users` SET `banned` = '1' WHERE `userid` = ?i", $_usr->userid); 
            $db->query("INSERT INTO `".MLS_PREFIX."banned` SET `userid` = ?i, `username` = 'admin', `by` = '1', `until` = '1434778187', `reason` = 'Payment is due' ", $_usr->userid);            
        }
        }

thanks please help me out

Salut Ionut, spune-mi si mie te rog care este rolul in momentul cand dai ban cuiva cu scriptul asta, pentru ca am vazut ca indiferent daca userul este banat nu afecteaza cu nimic, userul se poate loga, poate sa navigheze contul lui cu usurinta, nu poti face si tu sa ii blocheze contul si accesul la meniuri, content? Si in alta ordine de idei, crezi ca este greu sa faci un friend sistem, bazat pe conturile din script? Si ultima intrebare, se poate plasa content diferit pe fiecare pagina de user?

"Notice: Undefined property: stdClass::"

how to fix this?
where I can find stdClass? Thanks

Warning: mail(): Failed to connect to mailserver at "localhost" port 25, verify your "SMTP" and "smtp_port" setting in php.ini or use ini_set() in C:\xampp\htdocs\freefile\lib\options.class.php on line 36

what i hv to write in that code??? please help me out...

Code is here where is error..... plz plz help me...

public function sendMail($to, $subject, $message, $from = 'From: [email protected]', $isHtml = true) {

    $from .= "\r\n"; // we make sure we have an endline
	if($isHtml) {
		$from .= "MIME-Version: 1.0 \r\n";
        $from .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
	}
	$from .= 'X-Mailer: PHP/'.phpversion()."\r\n";
    
	return mail($to, $subject, $message, $from);
    
}

An authenticated user can insert arbitrary HTML elements, including <script>, by placing said elements in the display name field for their profile in the update profile interface. This code is then interpreted and (in the case of script) run in the browser of anyone who views the profile of the malicious user (for example, in "My Profile").
In the example below, the payload is simply <script>alert("XSS");</script> in the display name field, without obfuscation.

I don't know why, but during the installation i uploaded the whole repository into a ec2 instance and when i run install.php it works but when i submit all data such as, database name, pasword ecc... it doesn't work ..
why?

sir i follow to a process to install master login system, problem is the registration.php file not be open show that"unable to connect server" help me

Thank you for did a lot of work here,but i have one problem,and it is how can i edit my header bar,i want to add /remove some link in the header bar

THANK YOU!

here is the new look if u want i can share it

Hey,

I've tried changing the CSS to different things, including other bootstrap themes (Flatly instead of Yeti), but it always breaks the site. Is there any known CSS alternatives to Yeti that work with this?

Thanks :)

Hi, im using your code in my website development,
its a clean and good code, but im wonder how i can create new user inside admin panel ?

Thanks.

userid = '5'; 
$value = 'some value to update in users table where user id=5' ;
$col = array( 'column1') ;
$sql = "UPDATE `".MLS_PREFIX."users` SET ";

foreach ($col as $k ) {
   if($k == 'column1' ) {
      $sql .= $db->parse(" ?n = ?s,", $k, $value);
     }

  }
$sql = trim($sql, ",")." LIMIT 1";

I want to update a column value in the users table where userid = 5 or something . but it's not working.
and still not getting "?n=?s " part in the above code.

how to solve it?

Just running a test with everything using the php web server the logout option after logging in is not working correctly.

It would be nice to have the passwords salted after hashing with SHA1. Most developers would argue against using SHA1 for hashing password since computers are more capable of reversing the hashes of SHA1 nowadays and we all know most users tend to use simple passwords which makes it easier to carry out known plaintext attack and rainbow table attacks if your server was compromised.

If attacker can brute force one hash and multiple users were using the same password, they would also be vulnerable because in your code 2 password hashes stored in the databases would be the same if 2 users were to choose the same password.

One simple solution is to hash password using password_hash() function which is a feature of PHP 5.5 which salts and stretches the plaintext and also chooses the best algorithm (future proofing) during execution. To verify the hash simply use password_verify() function, this will check the hash algorithm information, salt and hashed password.

Also, your login.php page doesn't seem to have protection against multiple login attempt which could facilitate bruteforce login attack. To prevent multiple login attemts, each user could have an additional field in database which could be used for locking the user for certain period (maybe 10-30 min) after certain number of failed login attempts. You could also implement a captcha request after a certain number of unsuccessful login attempts.

How does the contact page work? I am not receiving an email upon sending.

I get the same error message "There was an error ! Please try again !" I am not able to register a new user.

Rolfe

Hello, first of all thanks for your code 👍 !
How about to recode your project into MVC based script?
(Something like https://github.com/panique/php-login )
And new feature needed:

1. Email verify message
   And please, provide us Your PayPal donate button and post it on main page of your project.
   Thats all! Thanks again.

You are using sha1 to protect passwords. this is easily hacked.

to secure passwords you need to use password_hash

ive managed to get everything installed and working to a point where i try and design the index page then i get "un able to display page" any help would be appreciated and if i can get this working a donation would not be a probem

can u please add register only on invitation?

You did a good job at the code!

But I have one question, can you add a chat page (if possible save the chat within mysql for 1 month).
I'm not good at PHP and I can only do HTML 😬.

Thanks for the awesome work!!
Jolle!

Hi There
it works on my xammp server correctly but when I tried it on my website,it shows INVALID REQUEST while logging in using username admin and password 1234.
please help

how to setting the email? forgot pass

I absolutely love your login system. Amazing! I'm not experienced in web development. How would I get rid of the "Extra" drop-down on the navbar? Thanks :)

found a small bug. when creating a new group and you add it to type: member and save it, the group getst the type guest and not member.
when returning to the group management you will see the new group, but it has the type guest.
when editing the group and set it to the type member then it will be correct.

so on creation of the group the type isn't set correctly

Hi,
I have noticed when user is logout from the system and know the direct link can view the content... How to fix it?

PS> many thanks for this contribution!

after putting information in install.php it showing following error of Error: 1049 Unknown database 'mls'
please resolve...
Thanks in Advance.

I got a problem Notice: A non well formed numeric value encountered in C:\xampp\htdocs\master-login-system-master\lib\captcha\captcha.php on line 54 specific

No upload value of profile photo.