Please enable JavaScript to view this site.

Navigation: Using PHPRunner > Security

PHPrunner32x32     PHPRunner manual

Security screen

Scroll Prev Next More

Security settings

The Security screen is a tool to help you restrict access to the database in the generated app.



You can choose one of the following options:


No Login - there is no authentication. Everyone can access and edit the database.

Hardcoded - set the only login/password combination which grants access to the database.

Database - choose this method if you store username/password combinations in your database. In this case, you need to select the database table with the user data and choose the fields that store usernames, passwords, and full names. Full name content is displayed in the Logged as <> phrase after successful login.


If you wish to display additional information in the Logged as <> phrase, use the AfterSuccessfulLogin event to add a custom code. For example:


$_SESSION["UserName"] = $data["FirstName"].' '.$data["LastName"]


You can create a new table to store user login info by clicking Create new, and add new users to the selected table by clicking Add user.


The Database login page has the Third-party authentication option. See Facebook connect and Sign in with Google to learn more.


Active Directory - this option allows working with the user data stored in the Active Directory. For more information, see Active Directory.



Note: the Active Directory option is only available in the Enterprise edition. See Editions comparison to learn more.


With active authentication, PHPRunner generates an additional PHP page called Login.


Here is how it looks like in the generated app:



Note: users can select the Remember me checkbox to store their session data in the cookies. This way, the user stays authenticated for as long as the cookies are relevant or active.

Additional options

The additional security options are located on the right:


When using authentication, you can set the Login form appearance.

Registration and passwords option allows you to create and set up the user registration, password reminder, and change password pages.


Note: if you need to customize the email templates that are sent when a new user is registered, use the Email templates option.


Use Locking and Audit to set up record locking and user actions logging.

Use Encryption to encrypt important data in the database.

Use the Session keys option to enable a single logon for multiple projects.

If the Database or Active Directory option is selected, you can set Advanced Security Settings and define Permissions.

You can set up the Two-factor authentication with the Database option.

Scenarios for configuring security options

"One or several persons with the same access rights have access to the site".

Use the Hardcoded option.


"There is a single owner (administrator) with full access. Other users (guests) have read-only access to some pages/reports/charts".

Use the Database option, enable guest login in the Advanced security settings, configure the access for guests in the User group permissions.


"There are many users with different access levels and administrators with full access".

Use the Database option, configure Advanced security settings if you need to restrict access for each table, configure User group permissions to assign table level permissions, configure Admin group for administrators.


"All user account data is stored in the Active Directory".

Use the Active Directory option.

Security screen articles:

Login form appearance

Two-factor authentication

Registration and passwords

Advanced security settings

User group permissions

Dynamic permissions

Audit and record locking


Session keys

Active Directory

Facebook connect

Sign in with Google

CAPTCHA on authentication pages

See also:

Security API

Datasource tables screen

Miscellaneous settings

Page Designer

Event editor


Created with Help+Manual 7 and styled with Premium Pack Version 3 © by EC Software