UserFrosting is a secure, modern user management system written in PHP and built on top of the Slim Microframework, Twig templating engine, and Eloquent ORM.

Overview

UserFrosting 4.5

Latest Version PHP Version Software License Join the chat at https://chat.userfrosting.com/channel/support Backers on Open Collective Sponsors on Open Collective Donate

Branch Version Build Coverage Style
master
hotfix
develop  

https://www.userfrosting.com

If you simply want to show that you like this project, or want to remember it for later, you should star, not fork, this repository. Forking is only for when you are ready to create your own copy of the code to work on.

By Alex Weissman

Copyright (c) 2019, free to use in personal and commercial software as per the license.

UserFrosting is a secure, modern user management system written in PHP and built on top of the Slim Microframework, Twig templating engine, and Eloquent ORM.

Features

User login screen

User login script

User management page

PHP user management script

Permissions management page

UserFrosting permissions management

Demo

Installation

Please see our installation guide.

Troubleshooting

If you are having trouble installing UserFrosting, please join us in chat or try our forums.

If you are generally confused about the structure and layout of the code, or it doesn't look like the kind of PHP code that you're used to, please start from the beginning.

Mission Objectives

UserFrosting seeks to balance modern programming principles, like DRY and MVC, with a shallow learning curve for new developers. Our goals are to:

  • Create a fully-functioning user management script that can be set up in just a few minutes
  • Make it easy for users to quickly adapt the code for their needs
  • Introduce novice developers to best practices such as separation of concerns and DRY programming
  • Introduce novice developers to modern constructs such as front-end controllers, RESTful URLs, namespacing, and object-oriented modeling
  • Build on existing, widely used server- and client-side components
  • Clean, consistent, and well-documented code

Documentation

Learning UserFrosting

API documentation

Change log

Running tests

Run php bakery test from the root project directory. Any tests included in sprinkles/*/tests will be run.

Development Team

Alexander Weissman

Alex is the founder and co-owner of two companies, one that does math tutoring at Indiana University in Bloomington, IN and another company that does math tutoring at UMD in College Park, MD. He is a PhD student in the School of Informatics and Computing at Indiana University.

Louis Charette

Louis's a civil engineer in Montréal, Québec who also has a passion for coding. He is one of the main contributors for SimpsonsCity.com and likes to share his knowledge by helping others the same way he was helped when he first started coding.

Jordan Mele

Jordan's an Australian Software Engineer at Canva. His passion is creating simple yet intuitive software-based solutions for problems that would otherwise be tedious and/or difficult to solve, while keeping the user in control.

Sarah Baghdadi

Sarah is UserFrosting's UX specialist and frontend designer. In addition to her work on the UF application itself, she is responsible for the amazing design of https://www.userfrosting.com and https://learn.userfrosting.com.

Srinivas Nukala

Srinivas's a web applications architect, with a passion for open source technologies. He is experienced in building SaaS (software as a service) web applications and enjoys working on open source projects and contributing to the community. He has a Masters in Computer Science from Pune University, India.

Contributing

This project exists thanks to all the people who contribute. If you're interested in contributing to the UserFrosting codebase, please see our contributing guidelines as well as our style guidelines.

Thanks to our translators!

  • Louis Charette (@lcharette) - French
  • Karuhut Komol (@popiazaza) - Thai
  • Pietro Marangon (@Pe46dro) - Italian
  • Christian la Forgia (@optiroot) - Italian
  • Abdullah Seba (@abdullahseba) - Arabic
  • Bruno Silva (@brunomnsilva) - Portuguese
  • @BruceGui - Chinese
  • @kevinrombach - German
  • @rafa31gz - Spanish
  • @splitt3r - German
  • @X-Anonymous-Y - German
  • Dmitriy (@rendername) - Russian
  • Amin Akbari (@aminakbari) - Farsi
  • Dumblledore - Turkish
  • Lena Stergatou (@lenasterg) - Greek

Supporting UserFrosting

Backers

Backers help us continue to develop UserFrosting by pledging a regular monthly contribution of $5 or more. [Become a backer]

Sponsors

Support this project by becoming a sponsor. Sponsors have contributed a total of $500 or more to UserFrosting (either as an ongoing backer or one-time contributions). Your logo will show up here with a link to your website. [Become a sponsor]

USOR Games Next Generation Internet

Issues
  • butterflyknife installation

    butterflyknife installation

    Hi firstly I really like this project :-] I never used github so I hope this post is appropriate? There is some issues when installing butterfly knife, it runs through and adds the tables correctly once models/db-settings.php has been manually edited (should this be a step in the installation process itself?):

    1 - it tells me to add root user key, but I cant, I get the following error when manually accessing http://mysite.dom/install/create_root_user.php

    Warning: Cannot modify header information - headers already sent by (output started at /home/mysite/public_html/install/config.php:61) in /home/mysite/public_html/install/create_root_user.php on line 99

    but it does actually create the root user correctly in the database, so then next issue

    2 - root user is created but has primary-group-id set to 1 not 2 so is redirected to standard user login not admin dashboard, obviously easy to fix via phpmyadmin but just needs a small tweak in the install script I guess so set the correct user?

    3 - Upon completion the models/config.php line 73 is still hardcoded to:

    or define("SITE_ROOT", $url_prefix . "localhost/userfrosting/");
    

    should install process take care of this and adjust it?

    troubleshooting installation 
    opened by handsomechap 65
  • 06.05.2014 ButterflyKnife problems.

    06.05.2014 ButterflyKnife problems.

    Downloaded the latest version of butterflyknife, created a new database. edited the db-settings.php file, and ran /install.

    All tables created fine. Entered root account information, put in the token, pressed the button and I got two errors saying "The master account already exists!" on the Installation Complete screen. I checked the information in the database, everything looks fine.

    I deleted the installed folder, visited the website (i.e. foobar.com/) and the home screen comes up. It then redirects me to http://foobar.com/localhost/account/dashboard_admin.php. I removed the localhost/ out of the URL in the browser, pressed enter, and it still redirects me back to http://foobar.com/localhost/account/dashboard_admin.php

    Now when I visit foobar.com/ it still redirects me to http://foobar.com/localhost/account/dashboard_admin.php

    I looked around in the MySQL configuration table and saw website_url as localhost/ and i changed it to foobar.com/ Now it goes to http://foobar.com/foobar.com/account/dashboard_admin.php

    Changing the website_url information in the database to http://foobar.com did not fix it either. Still redirects to http://foobar.com/foobar.com/account/dashboard_admin.php

    confirmed bug 
    opened by desynergy 60
  • Unable to log into admin account after fresh install

    Unable to log into admin account after fresh install

    I am not able to log in after a (seemingly successful) new install on the current git snapshot. All I get is 'Username or password is invalid'.

    confirmed bug compatibility 
    opened by skjolber 46
  • Error message on call function

    Error message on call function

    Whenever I login I get the following error message:

    Fatal error: Call to a member function bind_param() on a non-object in public_html/UserFrosting/models/funcs.php on line 476

    It also carries over on every page I try to access. It eventually goes away when my session times out.

    troubleshooting 
    opened by sheldonjs 41
  • PM Plugin

    PM Plugin

    Well got this all started up again so far I have everything done except the actual sending and replying of the message. Otherwise the delete, inbox, and outbox are all working as intended.

    I have the code in my dev branch just working on it when time allows should be done soon.

    wontfix sprinkle feature request up-for-grabs 
    opened by lilfade 39
  • Use Illuminate/Schema in installer, instead of raw queries, to support SQL Server, Postgres, and SQLite automatically

    Use Illuminate/Schema in installer, instead of raw queries, to support SQL Server, Postgres, and SQLite automatically

    Hey,

    I'm investigating userfrosting for an upcoming project. We would like to use our azure SQL db but I'm not sure how to connect successfully from userfrosting.

    A connection would normally be made with the following: $connection = new PDO( "sqlsrv:server = tcp:$HOST,$PORT; Database = $DB", $USER, $PASS);

    But I'm unsure how I can tell userfrosting to make a connection with sqlsrv, or include tcp and the port in the hostname? I guess for the tcp+port I would just set db_host to include tcp and the port? but I'm still not sure how I could configure userfrosting to use sqlsrv...

    Any ideas?

    compatibility installation todo data model 
    opened by xoorath 38
  • Security testing for butterflyknife

    Security testing for butterflyknife

    Butterflyknife will give admins more fine-grained control over user authorization. However, this also means more "moving parts" and a greater chance of security failure. So, we need to carefully test the security of each API page, trying out different POST and GET requests from different types of accounts, as well as from a logged-out state. Any volunteers?

    security 
    opened by alexweissman 38
  • Installation error

    Installation error

    Parse error: syntax error, unexpected '[' in /models/funcs.php on line 63

    compatibility 
    opened by r4zv4n 37
  • Issue with Users Page

    Issue with Users Page

    This is a fresh install of UserFrosting, so I probably messed something up in the install. When I go to view the Users page as the root account, I see this: image

    As an administrator, I see this: image

    And if I click back to the Dashboard from the Users page as an administrator, this happens: image

    Any ideas what is wrong?

    troubleshooting 
    opened by dlbass 36
  • Updating language files

    Updating language files

    With the new version of UF and its new features, come new messages. Several users have graciously contributed translations of the messages to other languages, and I'd like to call on our community to help update the language files, if they'd be so kind.

    UF currently has the following language files that need to be updated:

    • ~~Spanish~~ (thanks to @jchorques ) Updated thanks to @tyl3r
    • Italian (thanks to @Pe46dro )
    • ~~Dutch~~ (thanks to @joey102 ) Updated thanks to @Editandrew
    • ~~German~~ (thanks to @rocketworm ) Already updated thanks to @X-Anonymous-Y!
    • ~~Thai~~ (thanks to @popiazaza)
    • ~~Portugese~~ Thanks @riotbr!
    • ~~Turkish~~ Thanks to @emrecaga
    • ~~French~~ Thanks to @Ulydev

    I'd also like to solicit translations to any other languages that don't yet have, including (but not limited to):

    • Chinese (Mandarin)
    • Japanese
    • Malay
    • Vietnamese
    • Korean
    • Bengali
    • Hindi
    • Punjabi
    • Russian
    • Arabic
    • Javanese
    • Persian (Farsi)
    • Hebrew

    If you're interested and capable, let me know! For translators, the current English language file, en_US.php, should be considered the most up-to-date version at any given time (mainly because the primary developers are English speakers ;-) )

    wontfix internationalization todo 
    opened by alexweissman 35
  • generateRandomToken improvement.

    generateRandomToken improvement.

    The MD5 call altogether has been switched out for the hexadecimal representation of 16 CSRNG-generated bytes (the same amount at MD5 produces). See this.

    security 
    opened by michaellrowley 2
  • Several fixes for tests

    Several fixes for tests

    At this point, all the tables from the standard migration have been created in previous tests, so tables like users or roles cannot be created again.

    testing 
    opened by ktecho 4
  • Guarded Static Assets

    Guarded Static Assets

    In an authenticated system there is often a need to serve static assets/content that not all audiences should have access to. Not all scenarios have identical requirements, however from a technical standpoint there is a significant degree of overlap.

    The common problems to solve for are;

    • Ensuring a high level of performance (as close to standard static file serving as possible)
    • Scaling (static assets are typically numerous, and will more easily overwhelm the server)
    • Maximising code reuse (currently everyone has to invent their own solution)
    • Quick to implement (a quick implementation currently means forgoing performance and scaling issues)
    features - miscellaneous 
    opened by Silic0nS0ldier 1
  • Remove per user theme

    Remove per user theme

    Followup from deprecation of per user theme in 4.6.0. See #1131.

    templating Breaking Change 
    opened by lcharette 0
  • `asset-bundles.json` may be parsed as YAML instead of JSON when whitespace is inconsistent

    `asset-bundles.json` may be parsed as YAML instead of JSON when whitespace is inconsistent

    https://chat.userfrosting.com/channel/support?msg=8LwJd3GPH5EvKeSiX

    To fix this a JSON specific loader should be used instead. As it stands now, parsing is inconsistent causing issues like quotes being seen as part of the string (as opposed to its container).

    confirmed bug assets 
    opened by Silic0nS0ldier 4
  • Translate alert stream messages at read time

    Translate alert stream messages at read time

    This revises the alert stream logic to delay actual translation of messages until they are read.

    Example with English browser locale, and Chinese account locale. image

    This is marked as a prototype for now as I'm not 100% entirely settled on the data shape.

    opened by Silic0nS0ldier 6
  • Script hooks for client-side assets

    Script hooks for client-side assets

    The frontend ecosystem has evolved considerably since UF v4 first released. Some projects utilising UF have also reimplemented their own custom frontends, which introduces manual build steps. We can do better.

    The vision here is that UF will have some general hooks which sprinkles can utilise to run build steps within a given sprinkles scope.

    Hooks would exist for the following;

    • uf-pre-bundle which runs first in the built-in uf-bundle
    • uf-pre-assets-install which runs first in the built-inuf-assets-install, intended as a hook for running npm i in sprinkles
    • uf-clean which runs in parallel with the built-in uf-clean
    • test, which is an already established convention in the NPM ecosystem. This would be run as part of the bakery test command (with flags to opt-out). I plan on utilising this hook to provide test coverage of our JS scripts.

    These hooks would be defined in a sprinkles package.json. A few other changes would be introduced to support this, mainly to account for the existing usage of package.json.

    Work on this would occur after https://github.com/userfrosting/UserFrosting/issues/1148

    testing assets bakery needs discussion developer experience 
    opened by Silic0nS0ldier 2
  • Replace ESM module with native ESM in assets build scripts

    Replace ESM module with native ESM in assets build scripts

    UF managed NodeJS dependencies have all been refactored to use the native ESM support in NodeJS 12.17 onward. It is now time to switch to these, and remove the esm module entirely. This should provide a minor performance boost (no on-the-fly ES module compilation) but more importantly keep things running smoothly as more ES module packages appear on the NPM registry (the esm module is incompatible with native ESM support).

    assets 
    opened by Silic0nS0ldier 0
  • Cannot create another user with the same username of a deleted user

    Cannot create another user with the same username of a deleted user

    Hi all,

    I just found a bug where if I remove a user from Admin (might do the same any other way, haven't tested), and I go to create a new user with the same username, it will fail saying to check error logs (checked both userFrost and php logs and there was nothing). This happened using the same username but a different email as well (so it's linked to the username). I've currently broken my myphpadmin to be able to check whats going on in the DB but I might make an effort later if this is a harder issue to debug.

    User frost version: 4.4.5 PHP version 7.4.3

    Edit: It turns out the email being the same also fails. So a past user can't join again.

    Thanks, Anesu

    confirmed bug features - miscellaneous up-for-grabs 
    opened by anesuc 2
  • Remove rel=author, rel=publisher tags from base template

    Remove rel=author, rel=publisher tags from base template

    These are no longer supported by Google, and I doubt they are supported by any other major search engines either.

    See:

    • https://support.google.com/webmasters/thread/3064840?hl=en
    • https://searchengineland.com/goodbye-google-authorship-201975
    frontend 
    opened by alexweissman 1
Releases(v4.6.3)
  • v4.6.3(Dec 15, 2021)

    Security

    • Added placeholder URL for site.uri.public in configuration to guard against Host Header Injection attacks by default in production.

    IMPORTANT : As of 4.6.3, site.uri.public must be explicitly set in your production configuration to avoid security issues. If not set, some links and emails will not work properly. See Going Live for more info.

    What's Changed

    • Placeholder for site.uri.public in production by @Silic0nS0ldier in https://github.com/userfrosting/UserFrosting/pull/1187
    • Release 4.6.3 by @lcharette in https://github.com/userfrosting/UserFrosting/pull/1188

    Full Changelog: https://github.com/userfrosting/UserFrosting/compare/v4.6.2...v4.6.3

    Source code(tar.gz)
    Source code(zip)
  • v4.6.2(Oct 27, 2021)

    Changes

    • Updated Portuguese translation (#1178).

    Fix

    • Fix UF_MODE not being loaded by Config (#1177).

    New Contributors

    • @josemachado94 made their first contribution in https://github.com/userfrosting/UserFrosting/pull/1178 !
    Source code(tar.gz)
    Source code(zip)
  • v4.6.1(Aug 1, 2021)

  • v4.5.2(Aug 1, 2021)

  • v4.6.0(Jul 18, 2021)

    See full Changelog

    See upgrade guide

    Changed Requirements

    • Drop PHP 7.2 support. Gain PHP 8.0 support. PHP 8.0 is now recommended.

    Dependencies upgrade

    • Replaced individual UserFrosting Assets, Cache, Config, Fortress, i18n, Session, Support and UniformResouceLocator repos with monolitic userfrosting/framework repo.
    • Upgrade all Laravel packages to ^8.x from ^5.8.
    • Upgrade vlucas/phpdotenvto ^5.3 from ^3.4.
    • Upgrade symfony/console to ^5.1 from ^4.3.
    • Upgrade phpunit/phpunit to ^9.5

    New Feature

    • Added support for built-in PHP Server.

    Changes

    • Per user theme ($user->theme) is now deprecated and disabled by default. To enable back, change per_user_theme config to true (#1131). This feature will be removed in future version.
    • Bakery command execute method now requires to return an int (Symfony 4.4 upgrade : https://symfony.com/blog/new-in-symfony-4-4-console-improvements).
    • UserFrosting\Sprinkle\Core\Database\EloquentBuilder now uses Illuminate\Database\Eloquent\Concerns\QueriesRelationships Trait instead of manually implementing withSum, withAvg, withMin, withMax & withAggregate. See Laravel documentation for usage change.
    • Migrate uf-modal.js to jQuery Boilerplate (#740)
    Source code(tar.gz)
    Source code(zip)
  • v4.5.1(Jul 14, 2021)

    Fixed

    • Fix php bakery route:list error on procedural routes (#1162).
    • Fix NO_DATA alert when editing a User Role (#1163).
    • [Vagrant/Homestead] Force use of PHP 7.4 for CLI (since default is now PHP 8).
    • Fix integration with filp/whoops 2.14

    Changed

    • Updated Docker development images (PHP 7.2 to 7.4, NodeJS 12.x to 14.x) (#1085).
    Source code(tar.gz)
    Source code(zip)
  • v4.5.0(Apr 22, 2021)

    See full Changelog

    See upgrade guide

    Changed Requirements

    • Drop PHP 7.1 support. PHP 7.4 is now recommended.
    • Raised NodeJS version requirement from >=10.12.0 to ^12.17.0 || >=14.0.0 (#1138).
    • Raised NPM version requirement from >=6.0.0 to >=6.14.4 (#1138).

    Changed Composer Dependencies

    • Updated wikimedia/composer-merge-plugin from ^1.4.0 to ^2.1.0 (#1117).

    Added

    • Composer 2 support (#1117).
    • Lando support.
    • Added more SMTP options in env and setup:smtp bakery command (#1077),
    • Added new MAIL_MAILER environment variable to set mailer type.
    • Added "Native mail" to setup:mail bakery command.

    Changed

    • Implement findInt (#1117).
    • Replace getenv() with env() (#1121).
    • Replaced UserFrosting\Sprinkle\Core\Bakery\Helper\NodeVersionCheck with new UserFrosting\Sprinkle\Core\Util\VersionValidator class.
    • Bakery command setup:smtp renamed to setup:mail. The old command is still available as an alias for backward compatibility.
    • Changed .php_cs to .php_cs.dist.
    • Changed phpunit.xml to phpunit.xml.dist.

    Fixed

    • Replaced AdminLTE credit in default footer (old link was dead).
    • Issue with path slashes on Windows (#1133).

    Removed

    • Removed deprecated UserFrosting\System\Bakery\Migration (deprecated in 4.2.0).
    • Removed deprecated UserFrosting\Tests\DatabaseTransactions (deprecated in 4.2.0).
    • Removed deprecated UserFrosting\Sprinkle\Core\Tests\ControllerTestCase (deprecated in 4.2.2).
    • Removed deprecated UserFrosting\Sprinkle\Core\Model\UFModel (deprecated in 4.1).
    • Removed deprecated UserFrosting\Sprinkle\Core\Sprunje\Sprunje::getResults (deprecated in 4.1.7).
    • Removed deprecated UserFrosting\Sprinkle\Account\Database\Models\User::exists (deprecated in 4.1.7).
    • Removed deprecated UserFrosting\Sprinkle\Core\Database\Models\Model::export (deprecated in 4.1.8).
    • Removed deprecated UserFrosting\Sprinkle\Core\Database\Models\Model::queryBuilder (deprecated in 4.1.8).
    • Removed deprecated UserFrosting\Sprinkle\Core\Database\Relations\Concerns\Unique::withLimit (deprecated in 4.1.7).
    • Removed deprecated UserFrosting\Sprinkle\Core\Database\Relations\Concerns\Unique::withOffset (deprecated in 4.1.7).
    • Removed deprecated UserFrosting\Sprinkle\Core\Error\RendererWhoopsRenderer::getResourcesPath.
    • Removed deprecated UserFrosting\Sprinkle\Core\Error\RendererWhoopsRenderer::setResourcesPath.
    • Removed deprecated Handlebar ifCond (Deprecated in 4.1).
    • Removed migration seed.
    • Removed support for migration with non static $dependencies properties.
    • Removed support for deprecated determineRedirectOnLogin service (deprecated in 4.1.10).
    Source code(tar.gz)
    Source code(zip)
  • v4.4.5(Mar 6, 2021)

    Changed

    • Replaced Travis with Github Actions
    • Force Composer 1.0 for Docker (#1126)
    • Update error.html.twig - add container (#1128)
    • Update some tests
    • Update Vagrant doc & config
    Source code(tar.gz)
    Source code(zip)
  • v4.4.4(Nov 20, 2020)

    Fixed

    • Replaced AdminLTE credit in default footer (old link was dead).
    • Lock Travis to Composer V1 to avoid error until Composer V2 support can be fixed.
    • Remove whitespace at top of page templates (#1107)
    • Deep extend when adding global query params in ufTable (#1114)
    • Check for null key in Unique::buildTertiaryDictionary (#1109)
    • Client-side assets containing glob characters causing crashes when building assets.
    • Fixed issue where merging of package dependencies would show as "undefined", resulting in debugging challenges where there are issues.
    Source code(tar.gz)
    Source code(zip)
  • v4.3.4(Jun 19, 2020)

  • v4.4.3(Jun 3, 2020)

    Fixed

    • Changed some private methods to protected in tests for easier extension.
    • Tentative fix for duplication of user_name in user Factories.
    • Factories now uses ::class reference instead of string.
    • Fix ExceptionHandlerTest test to speed things up.
    Source code(tar.gz)
    Source code(zip)
  • v4.4.2(May 1, 2020)

    Fixed

    • Locale matcher can fail when client provided locale identifier has incorrect casing (#1087)
    • Sprunje applyTransformations method not returning the $collections object (#1068)
    • Old assets in app/assets/browser_modules not being deleted during install (#1092)
    • Added SKIP_PERMISSION_CHECK env to skip check for local directories that needs to be write protected. This can be used for local production env testing.
    Source code(tar.gz)
    Source code(zip)
  • v4.4.1(Apr 23, 2020)

    Fixed

    • Fixed issue where incompatible NPM packages would be browserified, resulting in install failures.
    • Replaced deprecated Twig class.
    • Fixed issue when compiling assets for production (#1078).
    • Migration dependencies should work with and without leading \ (#1023)
    • Throttler don't count successful logins (#1073)
    Source code(tar.gz)
    Source code(zip)
  • v4.4.0(Mar 22, 2020)

    See full Changelog

    See upgrade guide

    Changed Requirements

    • PHP 7.3 is now the recommended version, as 7.2 is already security fixes only.

    Changed Composer Dependencies

    • Reset Slim version to ^3.12
    • Updated PHPUnit to 8.5 (Version 7.5 still used for PHP 7.1)

    Added

    • PHP 7.4 Support & Travis environment.
    • New Locale service. Provides a list of available locales in diffeent form.
    • New BaseServicesProvider abstract class added as base for all ServiceProvider class.
    • Sprinkle Services Provider can now be autoloaded using the $servicesproviders property in the sprinkle bootstrapper class.
    • Current locale code can now be accessed from Twig using the currentLocale global variable ([#1056]).
    • Locale now have config & metadata file ([#850])
    • Added locale:compare, locale:dictionary and locale:info Bakery commands.
    • New cli service. Returns true if current app is a CLI envrionement, false otherwise.

    Changed

    • Interop\Container\ContainerInterface has been replaced with Psr\Container\ContainerInterface.
    • \UserFrosting\I18n\MessageTranslator is now \UserFrosting\I18n\Translator.
    • Translator service moved to it's own UserFrosting\Sprinkle\Core\I18n\TranslatorServicesProvider class.
    • Travis now uses Xenial instead of Trusty.
    • site.locales.available config now accept (string) identifier => (bool) enabled. Set identifier to false or null to remove it from the list.
    • Locale plural rules moved from the keys file to the new metadata files.

    Fixed

    • When internationalizing, the lang attribute value of the Twig template is not set to follow changes ([#982])
    • pt_Br locale identifier renamed to pt_BR.
    • Improved Docker support ([#1057])
    • Improved Bakery debug command output
    • Improve ordering by activity date ([#1061] & [#1062]; Thanks @ktecho!)
    • Updated Vagrant config and documentation
    • Fixed a bug where withTrashed in findUnique was not available when SoftDeletes trait is not included in a model.
    • CSRF global middleware is not loaded anymore if in a CLI envrionement. This will avoid sessions to be created for bakery and tests by default.
    • Browserified node modules not being correctly loaded.
    • Browserified node modules potentially colliding with real entrypoints.

    Removed

    • localePathBuilder service removed. Task now handled by the locale and translator services.
    Source code(tar.gz)
    Source code(zip)
  • v4.2.4(Feb 23, 2020)

    Warning : This is a maintenance release for UserFrosting 4.2. This releases fixes compatibility issues so UserFrosting 4.2 can actually be installed. This release should only be used to test older sprinkles and debugging issues for those Sprinkles, as it's the last version compatible with PHP 5.6 and PHP 7.0.

    It is encouraged to upgrade to UserFrosting 4.3.x or above.

    Fixed

    • Locked Slim version to 3.12.2 to fix container-interop/container-interop replacement with psr/container
    • Locked Symfony version to 4.x for backward compatibility
    Source code(tar.gz)
    Source code(zip)
  • v4.3.3(Nov 29, 2019)

    Fixed

    • Fixed wrong version number in define
    • Locked Slim version to 3.12.2 until UF 4.4 can fix container-interop/container-interop replacement with psr/container
    Source code(tar.gz)
    Source code(zip)
  • v4.3.2(Nov 20, 2019)

    Added

    • Add translation for Brazilian Portuguese (locale pt_BR) - Thanks @maxwellkenned ! (#1036)
    • Add translation for Serbian (sr_RS) - Thanks @zbigcheese ! (#1035)

    Changed

    • Updates to the French Locales (#1027)
    • Updates to the German Locales (#1039)
    • Updates to the Thai Locales (#1041)
    • Updates to the Greek Locales (#1042)
    • Updates to the Persian Locales (#1045)

    Fixed

    • Fix issue with hidden fields in group modal (#1033)
    • User cache not flushed on model save (#1050)
    • Fix "the passwords don't match" error when editing a user password (#1034, #1038)

    Deprecated

    UserController:updateField now expect the new value as $_PUT[$fieldName] (where $fieldName is the name of the field you want to update, eg. $_PUT['password'] for editing password) instead of $_PUT['value']. This will only affect your code if you're not using the user widget.

    Source code(tar.gz)
    Source code(zip)
  • v4.3.1(Sep 6, 2019)

  • v4.3.0(Aug 30, 2019)

    See full Changelog

    See upgrade guide

    Changed Requirements

    • Changed minimum PHP Version to 7.1

    Changed Composer Dependencies

    • Updated Laravel Illuminate packages to 5.8
    • Updated Twig to 2.11
    • Updated PHPUnit to 7.5
    • Updated Mockery to 1.2
    • Updated nikic/php-parser to 4.2.2
    • Updated PHPMailer/PHPMailer to 6.0.7
    • Updated league/csv to 9.2.1
    • Updated symfony/console to 4.3
    • Updated vlucas/phpdotenv to 3.4.0

    Changed Frontend Dependencies

    • Updated handlebar from 3.0.x to 4.1.2
    • Updated AdminLTE theme to 2.4.15 ([#994]; [#1014]; [#1015])
    • Updated Font Awesome to 5.9 ([#957]; [#870])

    Added

    • Separated BakeCommand class into multiple methods to make it easier for sprinkle to add custom command to the bake command.
    • Allow null group assignment for users ([#867]; [#964])
    • Password can now be set manually when creating new user ([#1017]; [#763])
    • Icon picker for user and group form ([#713]; [#1019])

    Fix

    • bake command return error if account sprinkle is not included ([#944])
    • Email is case-sensitive ([#881]; [#1012])
    • Update vulnerable [email protected]^3.0.3 to ^4.0.12 ([#921])
    • Moved handlebars-helpers.js from core to admin sprinkle ([#897])
    • Remove Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead message ([#1016])

    Changed

    • Account sprinkle now extend the Core BakeCommand class to add the create-admin to the general bake command. Any sprinkle already extending the Core BakeCommand might need adjustments.
    • Updated custom Eloquent relations (belongsToManyThrough, morphToManyUnique, belongsToManyUnique, morphToManyUnique, etc.) to support Laravel 5.8. See The belongsToMany Method.

    Removed

    • Removed belongsToManyConstrained (deprecated in 4.1.6)
    • Remove league/flysystem-aws-s3-v3 and league/flysystem-rackspace as core dependencies ([#1018])
    Source code(tar.gz)
    Source code(zip)
  • v4.3.0-beta.1(Jul 28, 2019)

    See Upgrade Guide : https://learn.userfrosting.com/develop/upgrading/42-to-43

    Changed Requirements

    • Changed minimum PHP Version to 7.1

    Changed Composer Dependencies

    • Updated Laravel Illuminate packages to 5.8
    • Updated Twig to 2.11
    • Updated PHPUnit to 7.5
    • Updated Mockery to 1.2
    • Updated nikic/php-parser to 4.2.2
    • Updated PHPMailer/PHPMailer to 6.0.7
    • Updated league/csv to 9.2.1
    • Updated symfony/console to 4.3
    • Updated vlucas/phpdotenv to 3.4.0

    Changed Frontend Dependencies

    • Updated handlebar from 3.0.x to 4.1.2
    • Updated AdminLTE theme to 2.4.15 (#994; #1014; #1015)
    • Updated Font Awesome to 5.9 (#957; #870)

    Added

    • Separated BakeCommand class into multiple methods to make it easier for sprinkle to add custom command to the bake command.
    • Allow null group assignment for users (#867; #964)
    • Password can now be set manually when creating new user (#1017; #763)

    Fix

    • bake command return error if account sprinkle is not included (#944)
    • Email is case-sensitive (#881; #1012)
    • Update vulnerable [email protected]^3.0.3 to ^4.0.12 (#921)
    • Moved handlebars-helpers.js from core to admin sprinkle (#897)
    • Remove Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead message (#1016)

    Changed

    • Account sprinkle now extend the Core BakeCommand class to add the create-admin to the general bake command. Any sprinkle already extending the Core BakeCommand might need adjustments.
    • Updated custom Eloquent relations (belongsToManyThrough, morphToManyUnique, belongsToManyUnique, morphToManyUnique, etc.) to support Laravel 5.8. See The belongsToMany Method.

    Removed

    • Removed belongsToManyConstrained (deprecated in 4.1.6)
    • Remove league/flysystem-aws-s3-v3 and league/flysystem-rackspace as core dependencies (#1018)
    Source code(tar.gz)
    Source code(zip)
  • v4.2.3(Jul 7, 2019)

    Added

    • Config to set Domain of RememberMe Cookie (#990, #991; Thanks @xrobau !)
    • Config settings for password min/max length (#993)
    • migrate:clean bakery command (#1007)

    Fixed

    • [PHPMailer] Turn off opportunistic TLS when disabled (#986, #987)
    • Migrator now ignore files that don't end in .php (#965, #998)
    • Respects CSRF_ENABLED environment variable (#976; Thanks @Poldovico !)
    • Checkbox bug on password change form (#1008)
    • On role page, users table action buttons not working (#1010)
    Source code(tar.gz)
    Source code(zip)
  • v4.2.2(Jun 2, 2019)

    Added

    • New group factory ('UserFrosting\Sprinkle\Account\Database\Models\Group')
    • New withController Trait, as an alternative for deprecated ControllerTestCase
    • StyleCI config
    • [Travis] SQLite in-memory DB testing
    • [Travis] enabled memcache & Redis service

    Fixed

    • DefaultPermissions seed results in SQL errors (#981; #983)
    • Make group & role schema consistent between creation and edition. Prevents group and role without a name or slug to be created during edition.
    • Factories changed to make sure slugs are unique
    • Fix WithTestUser Trait returning a user with id of zero or reserve master id when a non-master user was asked. If master user already exist, will return it instead of trying to create a new one (with the same id)
    • Force close db connection on test tearDown procedure

    Changed

    • Recommended PHP version is now 7.2, as 7.1 will be EOL in less than 6 months
    • Added tests coverage for all build-in controllers
    • Applied styling rules from StyleCI & updated php-cs-fixer rules to match StyleCI config

    Deprecated

    • ControllerTestCase. Use withController Trait instead.
    Source code(tar.gz)
    Source code(zip)
  • v.4.2.1(Apr 19, 2019)

    Added

    • UserFrosting\Sprinkle\Core\Database\Models\Session model for the sessions db table.
    • TEST_SESSION_HANDLER environment variable to set the session save handler to use for Testing.
    • withDatabaseSessionHandler Trait for testing. Use $this->useDatabaseSessionHandler() to use database session handler in tests.

    Fixed

    • Italian translation (#950)
    • User Registration failing when trying to register two accounts with the same email address (#953)
    • Bad test case for CoreController::getAsset.
    • User Model forceDelete doesn't remove the record from the DB (#951)
    • Fix PHP Fatal error that can be thrown when registering a new User
    • Session not working with database handler (#952)
    • Remove any persistences when forceDeleting user to prevent Foreign Key Constraints issue (#963)
    • More helpful error message in checkEnvironment.php (Thanks @amosfolz; #958)
    • Hide locale select from UI if only one locale is available (Thanks @avsdev-cw; #968)
    • Download CSV filename error (#893)
    Source code(tar.gz)
    Source code(zip)
  • v4.2.0-beta.2(Feb 28, 2019)

    See Upgrade Guide : https://learn.userfrosting.com/4.2/upgrading/41-to-42

    Added

    • sprinkle:list bakery command
    • NoCache middleware to prevent caching of routes with dynamic content
    • Sample test environment for Docker
    • Added validateMigrationDependencies helper method to BaseSeed
    • Greek locale (Thanks @lenasterg!; [#940])

    Changed

    • Sprinkle list in the bakery debug command to uses the new sprinkle:list table
    • routerCacheFile config now only contains filename. Locator is used to find the full path
    • Updated Docker integration
    • Moved some constants from app/defines.php to app/sprinkles/core/defines.php
    • Move route initialization from system to core sprinkle as router service is located in the core sprinkle

    Fix

    • Fix for Test Bakery command
      • Added coverage-format and coverage-path options to test Bakery command
      • Sprinkle Testscope is now case insensitive
      • Class testscope now relative to / instead of /UserFrosting/Sprinkle/ for more intuitive usage and to enable testing of non sprinkle tests
      • Detect and use the sprinkle phpunit.xml config when testing a specific sprinkle
    • SprinkleManager Improvements :
      • Added public getSprinklePath method to get path to the sprinkle directory
      • Added public getSprinkleClassNamespace method to get sprinkle base namespace
      • Added public getSprinkle method. Returns the sprinkle name as formatted in sprinkles.json file, independent of the case of the search argument.
      • Public isAvailable method now case insensitive.
      • Added public getSprinklesPath & setSprinklesPath to return or set the path to the sprinkle dir (app/sprinkles/)
      • Added JsonException if sprinkles.json doesn't contain valid json.
      • Added specific tests for sprinkleManager with 100% test coverage
    • Ignore existing package-lock.json which caused incorrect dependencies to be installed when upgrading from older versions of UserFrosting.
    • Vendor assets not found in production mode
    • Various Docker specific edge cases and misconfigurations
    • Fix path issue on Windows
    Source code(tar.gz)
    Source code(zip)
  • v4.2.0-beta.1(Jan 10, 2019)

  • v4.1.22(Dec 13, 2018)

    • Updated Docker README.md.
    • Replaced libpng12-dev which has been dropped since Ubuntu 16.04 with libpng-dev in PHP Dockerfile.
    • Avoid twig deprecation warning (#911; Thanks @silvioq !)
    Source code(tar.gz)
    Source code(zip)
  • v4.1.21(Oct 21, 2018)

  • v4.2.0-alpha.2(Oct 16, 2018)

  • v4.1.20(Oct 14, 2018)

    • Added route:list command to list all registered routes (#903; Thanks @apple314159 !)
    • Added warning in configuration file regarding disabling registration and email verification (#900; Thanks @linkhousemedia !)
    Source code(tar.gz)
    Source code(zip)
Owner
UserFrosting
A secure, modern user management system for PHP.
UserFrosting
User role and Permission Management system with Paticie package

User role and Permission Management system with Paticie package Installation instruction Download or git clone https://github.com/KKOO727/User-role-ma

Ninja 2 Dec 14, 2021
Create secure controllers with routing system in Laravel.

Power Gates A simple Laravel application for testing Gates and Policy. Using laravel middlewares, routes and gates to create an Authenticated website.

AmirH.Najafizadeh 4 Oct 30, 2021
Light-weight role-based permissions system for Laravel 6+ built in Auth system.

Kodeine/Laravel-ACL Laravel ACL adds role based permissions to built in Auth System of Laravel 8.0+. ACL middleware protects routes and even crud cont

Kodeine 770 Dec 9, 2021
Kaiju is an open source verification bot based on Discord's OAuth written in C# and PHP, with the functionality of being able to integrate the user to a new server in case yours is suspended.

What is Kaiju? Kaiju is an open source verification bot for Discord servers, based on OAuth and with permission for the server owner, to be able to mi

in the space 8 Jan 9, 2022
PHP package built for Laravel 5.* to easily handle a user email verification and validate the email

jrean/laravel-user-verification is a PHP package built for Laravel 5.* & 6.* & 7.* & 8.* to easily handle a user verification and validate the e-mail.

Jean Ragouin 759 Jan 12, 2022
A spec compliant, secure by default PHP OAuth 2.0 Server

PHP OAuth 2.0 Server league/oauth2-server is a standards compliant implementation of an OAuth 2.0 authorization server written in PHP which makes work

The League of Extraordinary Packages 6k Jan 11, 2022
Armor - User and Session Management

User and session management. Provides solid base foundation for development of custom user management system.

Matt Dizak 4 Nov 30, 2021
A user, group, role and permission management for Codeigniter 4

CI4-Auth CI4-Auth is a user, group, role and permission management library for Codeigniter 4. CI4-Auth is based on the great Myth-Auth library for Cod

George Lewe 1 Jan 6, 2022
Example of user management in Nette

User Authentication (Nette example) Example of user management. User login, registration and logout (SignPresenter) Command line registration (bin/cre

null 6 Jan 10, 2022
The Salla OAuth Client library is designed to provide client applications with secure delegated access to Salla Merchant stores.

Salla Provider for OAuth 2.0 Client This package provides Salla OAuth 2.0 support for the PHP League's OAuth 2.0 Client. To use this package, it will

Salla 12 Jan 4, 2022
💝The Plus (ThinkSNS+) is a powerful, easy-to-develop social system built with Laravel.

Plus (ThinkSNS+) Plus (ThinkSNS+) 是使用 Laravel 框架开发;一个功能强大、易于开发和动态拓展的社交系统。Plus 是遵循 PSR 规范 代码统一,并功能块松耦合。你安装完成 Plus 并不意味着已经成功安装了所有功能,因为 Plus 使用 模块化 的 原则,

Slim Kit 2.2k Jan 17, 2022
Discuz!ML is a multilingual version of Discuz!X, social network engine from Tencent Cloud

Discuz! ML (MultiLingual Discuz) Introduction Discuz!ML is a multilingual version of Discuz!X, social network engine from Tencent Cloud Related Sites

Valery Votintsev 0 Dec 31, 2021
Eloquent roles and abilities.

Bouncer Bouncer is an elegant, framework-agnostic approach to managing roles and abilities for any app using Eloquent models. Table of Contents Click

Joseph Silber 2.8k Jan 19, 2022
Braindead simple social login with Laravel and Eloquent.

Important: This package is not actively maintained. For bug fixes and new features, please fork. Eloquent OAuth Use the Laravel 4 wrapper for easy int

Adam Wathan 376 Dec 26, 2021
This is registration and authentication forms written in PHP, JQuery

Registration-form This is registration and authentication forms written in PHP, JQuery Each file is: header.php - html-file for links "Главная", "Реги

Galina 2 Nov 2, 2021
Set up Laravel Auth guards using Eloquent in seconds

Nightguard Set up Auth guards using Eloquent in seconds. Introduction Laravel guards provide a super convenient way of authorizing different areas of

Luke Downing 10 Mar 18, 2021
PHP library to verify and validate Apple IdentityToken and authenticate a user with Apple ID.

Sign-in with Apple SDK Installation Recommended and easiest way to installing library is through Composer. composer require azimolabs/apple-sign-in-ph

Azimo Labs 57 Dec 14, 2021
User registration and login form with validations and escapes for total security made with PHP.

Login and Sign Up with PHP User registration and login form with validations and escapes for total security made with PHP. Validations Required fields

Alexander Pérez 1 Oct 23, 2021