Security Settings

 

Super Admin (Hard-Coded) Super Admin user name and password
User Name User Name of Super Admin
Password Password of Super Admin
Email (for 2FA) Email address of Super Admin for [Two factor Authentication](twofactorauth.html)
Phone (for 2FA) Phone number (starting with "+" and country code) of Super Admin for [Two factor Authentication](twofactorauth.html)
Users Table Users table for login name and password validation
Table Existing table in database containing login name and password information
User Name Field User name field in table used for authentication. This field MUST be of string type.
Password Field Password field in table used for authentication. This field MUST be of string type.
Two factor authentication (2FA) Enable Two Factor Authentication
2FA type Two factor authentication type:
Forced 2FA Force use of two factor authentication. If enabled, the user must use 2FA to login.
Skip Password (Login with 2nd factor only) If enabled, the user will login without password and use only 2FA to login. Forced 2FA will also be enforced if this option is enabled.
Remember me
Allow users to choose to stay logged in until the user logout explicitly. If enabled, a "Remember me" checkbox will be shown in the Login page, a cookie will be used to "remember" the user.
Remember me cookies contain a token that is used to verify the user's identity. As these tokens are long-lived, it is important to take precautions to allow invalidating any generated tokens. By default, remember me cookies contain a hash that is used to validate the cookie. This hash is computed based on configured signature properties. These properties fetched from the user object are always included in the hash: - The user identifier (i.e. the user name) - The expiration timestamp The remember me cookie will no longer be considered valid if these properties for the user changes.
Always remember me Enable this setting to always activate the remember me system and not allow users to opt-out. When enabled, each successful authentication will produce a remember me cookie.

Advanced Security

Advanced Security feature allows you to setup User ID and assign User Levels to users for **Authorization**, which refers to the process that determines what a user is able to do. After a user is [authenticated](authentication.html), the user is identified. The permission middleware of the application can then use the user's User ID and User Levels to decide whether or not the user is allowed to perform some actions to tables and records. PHPMaker supports two types of security at different levels: - **User ID Security** secures data at **record level** - **User Level Security** secures data at **table level** They complements each other, they can work independently or together. Users get their User ID and User Level after login. Before login, a user's identity is unknown and the user is an **Anonymous User**. To setup, click the **Advanced** button under **Users Table**.

User ID Security

User ID Security secures data at record level. Protected tables must have an User ID field for identifying which user a record belongs to. The User ID field names can be different in tables though. When User ID security is enabled, users can only access their own data.

To setup User ID security for different tables/views,

  1. Click on User ID in the left pane.
  2. Select the User ID field from your user table, this field is usually the primary key of the User Table.
  3. (Optional) Select the Parent User ID field from your user table. Parent User ID field stores the parent User ID(s) that the user belongs to, and the parent user can access and modify the child user's records. Parent User ID is hierarchical, so parent users can access the records owned by the child users of their child users.
  4. In the User ID Field column, select the User ID Field for the tables/views that requires User ID security.
  5. (Optional) Enable Allow View All if you allow all logged in users (not including Anonymous User) to list/search/view (but not add/copy/edit/delete) all records in the table.
  6. (Optional) Enable Allow access from same/parent user level if you allow users in the same and parent user levels to access each other's records in the table. (v2025 or later)
Notes
  1. If the User ID Field is not set, the User ID Security is disabled. If the Parent User ID Field is not set, the parent user(s) feature is disabled.
  2. If the Parent User ID Field is of integer type, the field can only store one user ID, each user can only belong to one parent user. From v2022, the Parent User ID Field can be of varchar type. If the Parent User ID Field is defined as varchar, it can store multiple user IDs as comma separated values, so a user can have multiple parent users. If you use multiple parent User ID, make sure you change the Edit Tag of the field for multiple selection.

User Level Security

User Level Security secures data at table level. Each user level is granted with specific permissions to tables in the database. There are 2 types of User Level Security: - **Static User Levels** - User Levels are defined in the project and cannot be changed with generated scripts - **Dynamic User Levels** - User Levels are stored in database and can be changed with generated scripts ###### User Level Hierarchy From v2025, user levels are hierarchical, each user level can have multiple sub user levels. A user level will automatically have all the permissions of sub user levels. For **Static User Levels**, the hierarchy is defined in the project. For **Dynamic User Levels**, the hierarchy is stored in the **Hierarchy Field** of the **User Level Table** (see below). ###### Static User Levels The user levels, hierarchy and the permissions are defined in this form. ![Static User Levels](images/security3.png) To setup static User Level security for different tables/views, 1. Click on **User Levels** in the left pane, 1. Select a field from your users table as the **User Level field**, 1. Click the **Static User Levels** tab, 1. Define your user levels, click ![Add key](images/addkey.gif) icon the add a user level and ![Delete key](images/deletekey.gif) icon to delete a user level. 1. Click the **Permissions** tab, select user levels in the left pane and set up permissions for each tables in the right pane. To setup static user level hierarchy, click the **Hierarchy** tab, set up the **Sub User Levels** for each user level. ![Static User Level Hierarchy](images/subuserlevels.png) ###### Dynamic User Levels The user levels, hierarchy and permissions are stored in 2 database tables: **User Level Table** and **User Level Permission Table** ![](images/security4.png) To setup dynamic User Level security for different tables/views, 1. Click on **User Levels** in the left pane, 2. Select a field from your users table as the **User Level field**, 3. Switch to the **Dynamic User Levels** tab, check **Enable Dynamic User Levels**, 4. Select your **User Level Table** and **User Level Permission Table** and the required fields.
**User Level Field** 1. If the **User Level Field** is not set, the **User Level Security** is disabled. 2. If the **User Level Field** is of integer type, the field can only store one user level, each user can only belong to one user level. From v2021, the field can be of **varchar** type, then it can store multiple user levels as comma separated values, a user can belong to multiple user levels. 3. You can click the button (with filter icon) in **Table Name Field** to select the tables to be shown in the generated user level permission setup page.
###### User Level Table The table must have the following fields, note the data types, User Level ID must be of integer type, the field names can be different though: ![User Level Table](images/userlevelstable.png)
**Hierarchy Field** 1. The field must be of varchar type. 1. The hierarchy is stored as comma separated user level IDs (integers), if you have a lot of user levels, make sure the field size is large enough.
###### User Level Permission Table The table must have the following fields, note the data types, User Level ID and the Permission fields must be of integer type, the field names can be different though: ![User Level Permission Table](images/userlevelprivtable.png)
**Permission Field** 1. The field must be of integer type. 1. The field stores SUM of permissions (see below), DO NOT use ``TINYINT``.
###### Creating Dynamic User Levels Tables If you want to create above 2 tables in your database, click the **Create tables** button, the following form will display for you to change the table/field names if necessary. You can change the table/field names and then click OK to continue. **Note** You can also click this button if you only want to add the **Hierarchy** field to your existing User Level Table. ![Create Tables](images/createtables.png) ###### Migrating Static User Levels to Dynamic User Levels If you have projects using Static User Levels created by previous versions of PHPMaker, you may want to use dynamic User Levels and migrate the Static User Levels setting in the project to the database. You can easily do that by clicking the **Migrate** button after selecting or creating the User Level and User Level Permission tables/fields. After setting the user levels, PHPMaker will populate the user levels to the User Level field's Edit Tag (also see [Field Setup](fieldsetup.html)) so administrators can assign user levels using the generated pages. ###### Built-in User Levels
| User Level | Description | | --- | --- | | **Anonymous** | User level for the **Anonymous User** (i.e. users that have not logged in). **Anonymous** is -2. | | **Administrator** | User level that has all permissions plus the privileges to modify User IDs and User Levels. Its permissions are same as that of the hard-coded Administrator. The User Level ID of **Administrator** is -1. | | **Default** | User level with ID = 0. Since User Level field is a non-nullable integer field, if you set a default value of 0 for this field, this user level will become the default user level for the user after registration and before the Administrator assigning another higher user level. | ###### Permissions
| Permission | Description | | --- | --- | | **Add** | Permission to add records to the table | | **Delete** | Permission to delete records from the table | | **Edit** | Permission to update records to the table | | **List** | Permission to list records from the table | | **Lookup** | Permission to use the table as lookup table | | **Search** | Permission to search the table | | **View** | Permission to view a record of the table | | **Import** | Permission to import records to the table | | **Export** | Permission to export records to the table | | **Push** | Permission to use [Web Push](webpush.html) | | **Grant** | Permission to grant permissions to other user levels (see below) | | **Admin** | All permissions to the table | In the generated scripts, the permissions are generated as enum ``Allow``: ###### The "Access" Permission In older versions, users with the **Admin** permission (16) (intended for granting permissions) could access all records of the tables. It was too excessive for granting permissions and is now renamed to "Access", which means access to all records. If you used the old "Admin" permission for users to grant their permissions, you should enable **Grant** permission only. ###### The "Grant" Permission Users with the **Grant** permission (e.g. administrators) can enable users to partially grant user level permissions by performing the following steps: 1. Login as administrator, go to the user level table and click the **Permissions** button for a user level. 1. Check the **Grant** checkbox for the required tables so that users from this user level can grant permissions for these tables. 1. Make sure that you have enabled the **List** and **Grant** checkboxes for the user level table for this user level as well or users from this user level cannot see and grant permissions for the user level table. 1. Click **Update** to save the settings. Users from this user level can then grant permissions for the specified tables in their next login. They can in turn give **Grant** permission to other user levels so that other user levels can also manage the user level permissions of this user level as well. 1. Note that users can only grant permissions that they have. For example, if they have only permissions to list/view for the cars table, they can only grant list/view permissions (but NOT any other permissions) to other user levels. 1. Alternatively, you can use [UserLevel_Loaded](customscripts.html?id=userlevel_loaded) and [TablePermission_Loaded](customscripts.html?id=tablepermission_loaded) server events to call the ``setCanGrant()`` method to grant **Grant** permission. ###### The "Admin" Permission Users with the **Admin** permission have FULL permission to the table. Make sure you grant this permission carefully. ###### Permissions for Anonymous User with User Level Security Disabled If security is enabled but User Level Security is NOT enabled, you can still set the permissions for anonymous users by checking/unchecking the permissions for the **Anonymous** User Levels in the **Static User Level** Permissions tab (see above).
**Notes** 1. Even you enable all permissions for a user-defined User Level, the User Level will NOT become the same as the **Administrator** User Level. 2. You may need to log in as administrator first in order to set permissions and assign dynamic user levels to other users initially.

 

User Login Options

User Login Options allows you to create a complete user registration system for your website, with options

Login
Track failed attempts If enabled, number of failed login attempts (invalid password) will be tracked. If exceeded, the user will be locked out and the password must be reset.
**Note** Login attempts are limited based on **Maximum failed attempts** and **Failed attempts window (minutes)**, see [Limiting Login Attempts](authentication.html?id=limiting-login-attempts) for details.
Maximum failed attempts The maximum number of failed login attempts.
Failed attempts window (minutes) The time window, in minutes, during which failed password attempts are tracked.
Disallow concurrent login If enabled, only one session is allowed for each user (except the hard-coded Administrator). If one user has already logged in, other users trying to login with the same username (and password) will be rejected.
Note Users are distinguished by Session ID as recognized by the web server. If you login again with your PC in another window of the same browser or in just another tab of your browser, you can still login. If you login again with another browser or another PC, the Session ID will be different and the login will be rejected.
Maximum concurrent user session count For use with Disallow concurrent login. By default only one session is allowed for each user. But you may want to give more than one chance to user so they will not be rejected after unexpected incidents such as a system crash.
Note Please be reminded that this option somewhat compromise the Disallow concurrent login feature. Use this option discreetly and always use the smallest possible value.
Logout concurrent users For use with Disallow concurrent login. If enabled, when a new user login, other users who have already logged in with the same username will be logged out by the system.
Login status timeout (minutes) The number of idle minutes after which the login status will be considered as logged out and login will be allowed again.

If a logged-in user does not explicitly log out (for example, close the browser directly), the user session is not closed and the user's login status will remain as "logged in". Attempts to login again will fail. This timeout setting ensures login will be allowed again after a period of idle time.

CAPTCHA (requires extension) Optionally requires user to type letters or digits from a distorted image that appears on the screen..
Note Requires CAPTCHA extension, click Tools -> Extensions from the main menu to enable. Also see Third-party Tools.
Modal Use modal dialog for login.
Password
Hashed passwordDeprecated Use hashed password. (For backward compatibility only, will be removed from future version. Hashed password must be used in new projects.)
Notes
  1. If the advanced setting [Use password hash](tools.html?id=use-password-hash) (deprecated) is enabled, PHP [password_hash()](tools.html?id=use-password-hash](https://php.net/manual/en/function.password-hash.php) function will be used to create password, otherwise [md5()](https://php.net/manual/en/function.md5.php) will be used.
  2. Make sure that the password field is large enough for the [password algorithm](tools.html?id=password-algorithm). Different algorithms have different length requirement, but 255 characters would be a good choice.
  3. The hash is irreversible, password can only be reset by password recovery.
Case-sensitive passwordDeprecated Use case-sensitive password. (For backward compatibility only, will be removed from future version.)
Enable password expiry If enabled, user password will expire after a period of time (except the hard-coded Administrator password).
Password expiry time (days) For use with Enable password expiry, user password will expire after the specified number of days.
User Registration Page
Enabled Generate user registration page and add a link in login page.
Fields Select fields (from the user table) to show in the registration page. Click the [...] button the select the fields.
Confirm before submit Display confirm page before submitting the registration
Send registration email Optionally send email confirmation after registration
Requires activation Optionally requires user to click an activation link in the email sent after registration to activate the user account.
Note Send email must be enabled for sending the email with activation link.
Auto login after registration/activation Optionally auto-login the user after registration or activation.
**Note** If **Requires activation** is enabled, the user is not activated yet after registration, auto login will be applied when the user clicks the activation link in the email. However, this option is not applicable if [LDAP authentication](tools.html?id=authentication-mode) mode is enabled.
CAPTCHA (requires extension) Optionally requires user to type letters or digits from a distorted image that appears on the screen..
Note Requires CAPTCHA extension, click Tools -> Extensions from the main menu to enable. Also see Third-party Tools.
Modal Use modal dialog for registration page.
Change Password Page
Enabled Generate change password page
Send email Optional email confirmation after changing password
CAPTCHA (requires extension) Optionally requires user to type letters or digits from a distorted image that appears on the screen.
Note Requires CAPTCHA extension, click Tools -> Extensions from the main menu to enable. Also see Third-party Tools.
Modal Use modal dialog for change password page.
Password Recovery Page
Enabled Generate password recovery page to allow the user to request for a password reset.
CAPTCHA (requires extension) Optionally requires user to type letters or digits from a distorted image that appears on the screen.
Note Requires CAPTCHA extension, click Tools -> Extensions from the main menu to enable. Also see Third-party Tools.
Modal Use modal dialog for password recovery page.
User Table Fields
Image field Image field in user table used for showing user photo in sidebar
Email field Email address field in user table used for sending email
Mobile field Mobile phone field in user table used for sending SMS (used by 2FA)
Activated field Email activated field in user table used for storing the status of user. A boolean field is recommended, although an integer field or a string field will also work. This field MUST be of boolean type.
Notes
  1. To enable user account activation, the Requires activation and Send email options under User Registration Page must be checked. The user needs to click an activation link in the email sent after registration to activate the user account.
  2. If enabled, make sure the activated field for existing users in your user table is updated with your activation values (e.g. True/False, 1/0, Y/N) or the existing users cannot login because they are not recognized as activated. You can enable Multi-Update feature for the user table so administrators can activate or deactivate existing users easily.
Profile field
A field for persisting all the additional user information. This field MUST be of long text type, e.g. ``TEXT`` or ``VARCHAR(65536)`` in MySQL; ``VARCHAR(65536)`` or ``VARCHAR(max)`` in SQL Server. This field is required if any of the follows are used:
  • Track failed attempts
  • Disallow concurrent login
  • Enable password expiry
  • Two factor authentication
  • Search filter save option set as "Server" (See [Advanced Settings](tools.html?id=search-filter-save-option))
  • Chatify Extension (See [Extensions](extension.html))
User Table List Page Options
Reset concurrent user session count If enabled, a new option is generated in the User Table list page for the administrator to reset the concurrent user session count of a user to 0
Reset login failed attempts If enabled, a new option is generated in the User Table list page for the administrator to reset the login failed attempts of a user to 0
Set password expired If enabled, a new option is generated in the User Table list page for the administrator to set the password of a user as expired
Resend registration email If enabled, a new option is generated in the User Table list page for the administrator to resend the registration email to a user
Reset user secret (two factor authentication) If enabled, a new option is generated in the User Table list page for the administrator to reset the user secret for two factor authentication. See Two Factor Authentication for details.
Logout user If enabled, a new option is generated in the User Table list page for the administrator to force logout a logged in user.
Send login link If enabled, a new option is generated in the User Table list page for the administrator to send login link to a user.
Switch user If enabled, a new option is generated in the User Table list page for the administrator to switch to and impersonate a user.

 

Also See

Tutorial - User ID Security
Tutorial - Static User Level Security
Tutorial - Dynamic User Level Security
Tutorial - User Registration System
Tutorial - Multi-Language Project Setup
Two Factor Authentication

 

 ©2002-2025 e.World Technology Ltd. All rights reserved.