A secure, modern PHP 8+ admin panel with MVC architecture, comprehensive authentication system, and enterprise-grade security features.
- PHP 8.0+ Support - Modern PHP with strict types and null coalescing operators
- Secure Authentication - Password hashing with bcrypt, CSRF protection, secure session management
- MVC Architecture - Clean separation of concerns with Models, Views, Controllers
- Full Auth System - Login, Logout, Password Reset, Change Password with secure flows
- XSS Protection - All output sanitized with proper HTML escaping
- SQL Injection Prevention - PDO prepared statements for all database queries
- CSRF Tokens - Secure token-based protection for all forms
- Session Security - HttpOnly, SameSite cookies, session regeneration
- Environment Configuration - Support for .env files in production
- Password Migration - Automatic upgrade from legacy MD5 to modern bcrypt

Requirements:
- PHP 8.0+ (8.3+ recommended)
- MySQL 5.7+ or MariaDB 10.2+
- PDO Extension enabled
- MySQL Extension for PDO

Installation:

1. Clone the repository

   ```bash
   git clone https://github.com/scopweb/PHP-Admin-Panel.git
   cd PHP-Admin-Panel
   ```

2. Configure database

   ```bash
   cp .env.example .env
   # Edit .env with your database credentials
   ```

3. Import database

   ```bash
   mysql -u root -p < your_db_name.sql
   ```

4. Set permissions

   ```bash
   chmod 755 views/
   chmod 644 views/*.php
   ```

5. Access the panel
   - URL: http://localhost/PHP-Admin-Panel/views/login.php

| Field | Value |
|---|---|
| Username | admin@google.com |
| Password | Pt123456789 |

For detailed security information, see SECURITY_REVIEW.md.
- ✅ SQL Injection Prevention (PDO + Prepared Statements)
- ✅ XSS Protection (HTML Escaping)
- ✅ CSRF Protection (Token Validation)
- ✅ Secure Password Hashing (Bcrypt)
- ✅ Session Regeneration
- ✅ Secure Password Reset Flow
- ✅ Environment Variable Support
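
The MD5-to-bcrypt password migration listed among the features has to happen at login, the only moment the plaintext is available to re-hash. The sketch below is an added example, not code from this repository; the function names, the in-memory `$users` array standing in for the users table, and the bcrypt cost of 12 are assumptions.

```php
<?php
declare(strict_types=1);

const BCRYPT_OPTS = ['cost' => 12]; // assumed cost, tune to your hardware

// A legacy value is exactly 32 hex characters (unsalted MD5).
function isLegacyMd5(string $hash): bool
{
    return preg_match('/^[a-f0-9]{32}$/i', $hash) === 1;
}

// Returns true on a valid login; replaces the stored hash when it is outdated.
function verifyAndUpgrade(array &$users, string $email, string $password): bool
{
    $stored = $users[$email]['password'] ?? null;
    if ($stored === null) {
        return false;
    }

    if (isLegacyMd5($stored)) {
        // Constant-time compare; the MD5 value is only checked, never written again.
        $ok = hash_equals(strtolower($stored), md5($password));
    } else {
        $ok = password_verify($password, $stored);
    }
    if (!$ok) {
        return false;
    }

    // Covers legacy MD5 rows and bcrypt rows hashed with a lower cost.
    if (password_needs_rehash($stored, PASSWORD_BCRYPT, BCRYPT_OPTS)) {
        $users[$email]['password'] = password_hash($password, PASSWORD_BCRYPT, BCRYPT_OPTS);
    }
    return true;
}

// Constructed sample data: one legacy row (hypothetical account and password).
$users = ['legacy@example.test' => ['password' => md5('correct horse')]];

// A wrong password must leave the legacy row untouched.
var_dump(verifyAndUpgrade($users, 'legacy@example.test', 'wrong guess'));
var_dump(isLegacyMd5($users['legacy@example.test']['password']));
// A correct password logs in and rewrites the row as bcrypt.
var_dump(verifyAndUpgrade($users, 'legacy@example.test', 'correct horse'));
var_dump(str_starts_with($users['legacy@example.test']['password'], '$2y$12$'));
// The next login takes the password_verify() branch.
var_dump(verifyAndUpgrade($users, 'legacy@example.test', 'correct horse'));
```

Accounts that never log in again keep their MD5 value, so a migration of this kind needs a cutoff after which remaining legacy rows are forced through the password reset flow.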
