Access&User management

Dear All,

We are looking for a PHP & AJAX & MySQL user management with drag and drop, sortable and autocomplete features in AJAX, a friendly interface, templates preferable.

It must be a Role Based Access Control, allow the definition of new roles, disable old roles, keep a log of ALL changes/updates/actions for each module/feature.

The back-end has to be MySQL (InnoDB & FK).

It is mandatory to have everything properly sanitized and not to be vulnerable to XSS, SQL injections. In case any issues are found they must be fixed before payment is done.

The code&DB must be properly documented and commented in English (low level design and high level design documents, including and not limiting only to comments in the code). Functions will include usage examples. All requirements for the installation will be provided. A setup module is desirable which will validate requirements. A demo will be provided online for validation and afterwards it will be provided with the source code in the archive together will all the other information and requirements.

Among the features: we require a password reset module: a page where the user submits his username and based on the information in the DB the user will receive an email with a link (one time use only, it cannot be used more than once) which will unlock the account and change the password (random generated) and it will email the user the new details.

If the account is locked the administrator and user will be notified via email including the link to the account unlock page(the mail function will allow HTML content and will send the content as HTML/TXT (the template can be defined via web module)).

It will allow language selection.

Please find some details regarding the project:


- web management module of restrictions to access the web pages

- ability to restrict sections of the code/output on a per role/company/division/department/unit or other category (i.e.: we might want to show certain information only to users that have an admin role or to users that are part of a certain company/division/department/unit/other category which will require a validation based on information stored in the session and/or DB.

- validate session

- validate constraints (maximum sessions, lifetime etc)


- validation of session in order to ensure that the user has not attempted to alter any information (encryption, hash validation and other techniques).

- record username, encrypted password (no hashing), ip address in login table

- increment number of logins (correct/incorrect) in users table

- allow restriction of 1 login / user (check box and edit box with number of maximum simultaneous logins) stored in users table

- allow account lockout (it will be set globally for all users in the web interface, however some users will be excluded (allow web selection of excluded users) and all the info will be stored in the DB).

- allow ip lockout (again certain ip addresses will be excluded and managed via the web) - all info stored in DB

- accounts will not be deleted, they will be set as disabled for audit reasons

- set per user / global session lifetime

- disable the usage of back/forward/refresh browser actions (management of these features will be set in the per page restrictions and access settings)


- username (based on the user email address: i.e.: will have a username [url removed, login to view])

- email address

- supervisor selection (supervisor management module will be available with drag & drop features in the management module)

- location selection

- company selection

- division/department/unit selection (a management module with logging of all actions will be available, and it will allow more than 3 levels depth; a hierarchy tree will be available via the web management interface (drag&drop preferable)).

- phone number

- extension

- password (will be generated and communicated via email and will force the user to change the password after the first login).

- expiration date (can be enforced by the certain roles in the management module)

- account will require activation by supervisor/admin/other groups (notification will be issued mandatory to supervisor and other selected roles in the management module).


- users management: enforce password change on first login after registration, after x days (set via globally / per user),

- supervisor management

- roles management

- reporting module: per user, per ip, per role including graphs

- web management module of restrictions to access the web page

- other settings mentioned in the above requirements

For any other inquiries I'm at your disposal.

Skills: AJAX, Apache, CMS, PHP, Web Security

See more: where are graphs used, web logging template design, web design drag and drop, web design documents templates, web design audit, user registration design, use graphs to find the set, use case module, use case levels, use case extension, usage logging, tree to box, tree in order, tree graphs, template web administrator, show all notification web page design, security administrator, reset link, project on company audit, please reset your password, php autocomplete, phone case design web template, phone case design website, phone case design online, order of tree

About the Employer:
( 0 reviews ) Bucharest, Romania

Project ID: #584397

9 freelancers are bidding on average $275 for this job


If you want a Drupal Pro check you PMB for Details

$250 USD in 14 days
(4 Reviews)

I am afree lance web developer with good experience in PHP/MYSQL/Javascript/[login to view URL] worked on ecommerce,b2b,online reservation , real estate listing and library sites

$250 USD in 25 days
(1 Review)

i can make sure what you need

$300 USD in 7 days
(0 Reviews)

I have already done this type of project. If you interested then I see the demo

$200 USD in 1 day
(0 Reviews)

We are a ten member team who have professionally mastered the skills of Web Design and Development. We provide excellent quality service within our clients’ budget to their utmost satisfaction. We offer an outstandi More

$250 USD in 20 days
(0 Reviews)

Please see PM

$500 USD in 10 days
(1 Review)

Sir, Please see inbox for details.

$250 USD in 12 days
(0 Reviews)

I would suggest using Joomla and YOS for this project. We have read your requirements and understand your needs. I have been doing design, website design, marketing and programming for almost 20 years and have worked/c More

$350 USD in 35 days
(1 Review)

please see pm thank you

$125 USD in 14 days
(0 Reviews)