PHPackages w34u/ssp - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. w34u/ssp ActiveLibrary[Authentication & Authorization](/categories/authentication) w34u/ssp ======== Secure login system for php frameworks, applications and sites v3.3.2(2mo ago)291[3 PRs](https://github.com/julesbl/ssp/pulls)MITPHPPHP ^7.4 || ^8.0 Since Jan 26Pushed 2mo ago3 watchersCompare [ Source](https://github.com/julesbl/ssp)[ Packagist](https://packagist.org/packages/w34u/ssp)[ RSS](/packages/w34u-ssp/feed)WikiDiscussions master Synced 4w ago READMEChangelogDependencies (14)Versions (55)Used By (0) Simple Site Protection ====================== [](#simple-site-protection) Secure login system for php frameworks, applications and sites These set of php routines are designed to allow php developers to easily secure a site or an application. Based on the ideas and information written about in \[Innocent Code\] (http:///[www.amazon.co.uk/Innocent-Code-Security-Wake-up-Programmers/dp/0470857447/ref=sr\_1\_1?ie=UTF8&s=books&qid=1266594625&sr=1-1](http://www.amazon.co.uk/Innocent-Code-Security-Wake-up-Programmers/dp/0470857447/ref=sr_1_1?ie=UTF8&s=books&qid=1266594625&sr=1-1)) by the security consultant \[Sverre H. Huseby\] () the code attempts to make the site resilient against most forms of attack. Installation ------------ [](#installation) composer require w34u/ssp 1. Move vendor/w34u/ssp/cfg to version controlled part of your project, preferably outside the browser viewable part of your project. 2. Rename vendor/w34u/ssp/cfg/Configuration.change.php to Configuration.php and assign values to all the properties to do the database connection and secure your site. 3. Add "autoload": { "psr-4": { "w34u\\\\ssp\\\\": "cfg/" } }, to composer.json so that the configurations load and then run 'composer dumpautoload' to refresh the loader. 4. Move vendor/w34u/ssp/cfg/sspadmin to a browser viewable area and ensure sspadmin/includeheader.php requires the composer autoloader in vendor. 5. Point your favourite browser at sspadmin/setup and follow the instructions to create the database and your first admin login. \[Originally hosted on source forge for old versions\] () System requirements ------------------- [](#system-requirements) PHP >= 5.5 and up. adodb/adodb-php >= 5.0 mbstring mcrypt Attacks hardened against are: ----------------------------- [](#attacks-hardened-against-are) - Sql injection. - Invalid character injection in forms. - Javascript injection in forms. - Sesson theft. - Session takeover. - One forms out put being used into another. - Designed to be used with ssl thus helping to prevent man in the middle type attacks. Facilities provided by this set of libraries and routines: ---------------------------------------------------------- [](#facilities-provided-by-this-set-of-libraries-and-routines) - Basic joinup routine. - Password recovery. - User admin. - User self admin. - Fully templated using fast simple template class. - Powerful (and paranoid) form building class. - Data checking class. - Useful lister and html menu list generation classes - Works with php 5.0 upwards - Uses database abstraction to work with most databases, has been used with MySql, Access and MS Sql Server. - Multi lingual capability with browser language checking. Highly configurable session, login and debug: --------------------------------------------- [](#highly-configurable-session-login-and-debug) - Http or Https. - Variable number of actals for ip checking. - Fully configurable on types of checks to be done. - Login by email or username. - Extend the login for other user inputs. - Error output either to screen or log file for live sites. ### Health Score 51 — FairBetter than 95% of packages Maintenance86 Actively maintained with recent releases Popularity12 Limited adoption so far Community8 Small or concentrated contributor base Maturity82 Battle-tested with a long release history Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~77 days Recently: every ~146 days Total 49 Last Release 67d ago PHP version history (2 changes)v3.0.0PHP ^5.5 || ^7.0 v3.2.28PHP ^7.4 || ^8.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/1729463?v=4)[Julian Blundell](/maintainers/julesbl)[@julesbl](https://github.com/julesbl) --- Top Contributors [![julesbl](https://avatars.githubusercontent.com/u/1729463?v=4)](https://github.com/julesbl "julesbl (125 commits)") --- Tags phpsecuritysession-managementsspwebsitesecurityauthauthenticate ### Code Quality TestsCodeception ### Embed Badge ![Health badge](/badges/w34u-ssp/health.svg) ``` [![Health](https://phpackages.com/badges/w34u-ssp/health.svg)](https://phpackages.com/packages/w34u-ssp) ``` ### Alternatives [showdoc/showdoc ShowDoc is a tool greatly applicable for an IT team to share documents online 12.8k7.1k](/packages/showdoc-showdoc)[cartalyst/sentinel PHP 8.2+ Fully-featured Authentication & Authorization System 1.5k2.7M76](/packages/cartalyst-sentinel)[phlak/directory-lister PHP directory lister 2.5k1.4k](/packages/phlak-directory-lister)[delight-im/auth Authentication for PHP. Simple, lightweight and secure. 1.2k142.4k30](/packages/delight-im-auth)[aura/auth Provides a unified interface to authenticate a user with local or remote authentication systems. 134241.3k13](/packages/aura-auth)[matricali/akamai-token-auth This library provides necessary logic to generate Akamai edge authorization token and signed URL. 111.2M](/packages/matricali-akamai-token-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)