I'd like someone to provide a suite of PHP files (and SQL code) which provides a high-security login system for user management. It must prevent hacking and implement CSRF-prevention. It needs to be easily implementable on each page to be secured, and the login pages need to look good (bootstrap preferred).
It's fine if you have this off the shelf already built and can provide the pages. I am NOT using a framework and do not want a framework based solution. In particular, I need:
1) All the pages provided in PHP (with any SQL to build MySQL tables)
2) All php functions must be commented explaining what they do
3) All code must be clean and organized
(1) A secure login system allowing a user to log into the system
(2) Some code that can be dropped into the top of any page to be protected. If someone attempts to load a page that is secured but they have not logged in, the login page appears. Once they have logged in, they immediately go to the page that they tried to view (not some generic post-login page).
(3) A registration page that sends the user an email verification link.
(4) Users stored in a MySQL database
(5) Brute-force login protection (i.e. a user is prevented from logging in after >5 failed attempts for a period of time)
(5) Social media login for Facebook and Twitter on the registration/login pages ready to plug in with API keys etc from Facebook/Twitter
(6) Logout, change username, change email (with verification) with pages that do these.
(7) Finally, I'd like a script that prevents CSRF on pages through a script/PHP file that can ba included on pages to create a token for sending a form, and also checking it on displaying the post-submit page. If this is done through a session token, that would be great.
When you respond, please say the word "cricket" at the end of your message so I know that you have read this :)
Anyone who develops in PHP probably has something like this built already - free free to give me something you've already built!
32 freelancers are bidding on average $185 for this job