Class: LiveUser_Auth_Common

Source Location: /LiveUser-0.14.0/Auth/Common.php

Class Overview

This class provides a set of functions for implementing a user authorisation system on live websites. All authorisation backends/containers must be extensions of this base class.

Author(s):

Markus Wolff <wolff at 21st.de>

Version:

$Id: Common.php,v 1.7 2004/12/18 21:54:05 lsmith Exp $

Child classes:

LiveUser_Auth_XML: This is a XML backend driver for the LiveUser class.

LiveUser_Auth_MDB2: This is a PEAR::MDB2 backend driver for the LiveUser class.

LiveUser_Auth_MDB: This is a PEAR::MDB backend driver for the LiveUser class.

LiveUser_Auth_DB: This is a PEAR::DB backend driver for the LiveUser class.

LiveUser_Auth_PEARAuth: ==================== !!! WARNING !!! ========================================

Inherited Variables

Inherited Methods

Class Details

[line 35]
This class provides a set of functions for implementing a user authorisation system on live websites. All authorisation backends/containers must be extensions of this base class.

Requirements:

When using "DB" backend: PEAR::DB database abstraction layer
LiveUser admin GUI for easy user administration and setup of authorisation areas and rights

Author: Markus Wolff <wolff@21st.de>
Version: $Id: Common.php,v 1.7 2004/12/18 21:54:05 lsmith Exp $

[ Top ]

Class Variables

$allowDuplicateHandles = false

[line 142]

Allow multiple users in the database to have the same login handle. Default: false.

Access: protected

Type:

boolean

[ Top ]

$authUserId = 0

[line 60]

Current user's database record id

Access: protected

Type:

integer

[ Top ]

$backendArrayIndex = 0

[line 171]

Defines the array index number of the LoginManager?s "backends" property.

Access: protected

Type:

integer

[ Top ]

$containerName = null

[line 198]

The name associated with this auth container. The name is used when adding users from this container to the reference table in the permission container. This way it is possible to see from which auth container the user data is coming from.

Access: public

Type:

string

[ Top ]

$currentLogin = 0

[line 102]

Timestamp of current login (last to be written)

Access: protected

Type:

integer

[ Top ]

$encryptionModes = array('MD5'   => 'MD5',
                                 'PLAIN' => 'PLAIN',
                                 'RC4'   => 'RC4',
                                 'SHA1'  => 'SHA1')

[line 150]

Set posible encryption modes.

Access: protected

Type:

array

[ Top ]

$expireTime = 0

[line 122]

Auth lifetime in seconds

If this variable is set to 0, auth never expires

Access: protected

Type:

integer

[ Top ]

$externalValues = array()

[line 206]

External values to check (config settings)

Access: public

Type:

array

[ Top ]

$handle = ''

[line 43]

The handle (username) of the current user

Access: protected

Type:

string

[ Top ]

$idleTime = 0

[line 133]

Maximum time of idleness in seconds

Idletime gets refreshed each time, init() is called. If this variable is set to 0, idle time is never checked.

Access: protected

Type:

integer

[ Top ]

$isActive = null

[line 74]

Is the current user allowed to login at all? If false,

a call to login() will not set $logged_in to true, even if handle and password were submitted correctly. This is useful when you want your users to be activated by an administrator before they can actually use your application. Default: false

See: LiveUser_Auth_Common::loggedIn
Access: protected

Type:

boolean

[ Top ]

$lastLogin = 0

[line 94]

Timestamp of last login (previous to currentLogin)

Access: protected

Type:

integer

[ Top ]

$loggedIn = null

[line 86]

Has the current user successfully logged in? Default: false

See: LiveUser_Auth_Common::isActive
Access: protected

Type:

boolean

[ Top ]

$loginTimeout = 12

[line 112]

Number of hours that must pass between two logins to be counted as a new login. Comes in handy in some situations. Default: 12

Access: protected

Type:

integer

[ Top ]

$ownerGroupId = null

[line 76]

Type:

mixed

[ Top ]

$ownerUserId = null

[line 75]

Type:

mixed

[ Top ]

$passwd = ''

[line 52]

The password of the current user as given to the login() method.

Access: protected

Type:

string

[ Top ]

$passwordEncryptionMode = 'MD5'

[line 163]

Defines the algorithm used for encrypting/decrypting passwords. Default: "MD5".

Access: protected

Type:

string

[ Top ]

$propertyValues = array()

[line 187]

Property values

Access: public

Type:

array

[ Top ]

$_stack = null

[line 179]

Error stack

Access: protected

Type:

PEAR_ErrorStack

[ Top ]

Method Detail

LiveUser_Auth_Common (Constructor) [line 215]

void LiveUser_Auth_Common(

$connectOptions, 
$containerName)

Class constructor. Feel free to override in backend subclasses.

Var: configuration options
Access: protected

Parameters:

	`$connectOptions`	—
	`$containerName`	—

[ Top ]

decryptPW [line 303]

string decryptPW(
string
$encryptedPW)

Decrypts a password so that it can be compared with the user input. Uses the algorithm defined in the passwordEncryptionMode property.

Return: The decrypted password

Parameters:

string $encryptedPW — the encrypted password

[ Top ]

disconnect [line 271]

void disconnect(
)

properly disconnect from resources

Access: public

Overridden in child classes as:

LiveUser_Auth_XML::disconnect(): Properly disconnect from resources

LiveUser_Auth_MDB2::disconnect(): properly disconnect from database

LiveUser_Auth_MDB::disconnect(): Properly disconnect from database

LiveUser_Auth_DB::disconnect(): Properly disconnect from database

[ Top ]

encryptPW [line 343]

string encryptPW(
string
$plainPW)

Encrypts a password for storage in a backend container.

Uses the algorithm defined in the passwordEncryptionMode property.

Return: The encrypted password

Parameters:

string $plainPW — encryption type

[ Top ]

externalValuesMatch [line 592]

void externalValuesMatch(
array
$values)

Check if the stored external values match the current external values

Access: public

Parameters:

array $values —

[ Top ]

freeze [line 235]

array freeze(
)

store all properties in an array

Access: public

[ Top ]

getProperty [line 555]

mixed getProperty(
string
$what)

Function returns the inquired value if it exists in the class.

Return: null, a value or an array.

Parameters:

string $what — Name of the property to be returned.

[ Top ]

isNewLogin [line 385]

boolean isNewLogin(
)

Checks if there's enough time between lastLogin and current login (now) to count as a new login.

Return: true if it is a new login, false if not
Access: public

[ Top ]

login [line 409]

void login(
string
$handle, string
$passwd, [boolean
$checkpw = true], [boolean
$updateLastLogin = true])

Tries to make a login with the given handle and password.

If $checkpw is set to false, the password won't be validated and the user will be logged in anyway. Set this option if you want to allow your users to be authenticated by a simple cookie... however, this is NOT RECOMMENDED !!! In any case, a user can't login if he's not active.

Parameters:

string	`$handle`	—	user handle
string	`$passwd`	—	user password
boolean	`$checkpw`	—	check password ? useful for some backends like LDAP
boolean	`$updateLastLogin`	—	update the last login data ?

[ Top ]

setExternalValues [line 572]

void setExternalValues(
)

Creates associative array of values from $externalValues['values'] with $keysToCheck

Access: public

[ Top ]

unfreeze [line 282]

boolean unfreeze(
array
$propertyValues)

Reinitializes properties

Access: public

Parameters:

array $propertyValues —

[ Top ]

userExists [line 542]

mixed userExists(
[boolean
$checkHandle = false], [boolean
$checkPW = false])

Helper function that checks if there is a user in the database who's matching the given parameters.

If $checkHandle is given and $checkPW is set to false, it only checks if a user with that handle exists. If only $checkPW is given and $checkHandle is set to false, it will check if there exists a user with that password. If both values are set to anything but false, it will find the first user in the database with both values matching. Please note:

If no match was found, the return value is false
If a match was found, the auth_user_id from the database is being returned

Whatever is returned, please keep in mind that this function only searches for the _first_ occurence of the search values in the database. So when you have multiple users with the same handle, only the ID of the first one is returned. Same goes for passwords. Searching for both password and handle should be pretty safe, though - having more than one user with the same handle/password combination in the database would be pretty stupid anyway.

Again, this does nothing in the base class. The described functionality must be implemented in a subclass overriding this method.

Return: user id when there is a match, false otherwise

Overridden in child classes as:

LiveUser_Auth_XML::userExists(): Helper function that checks if there is a user in the database who's matching the given parameters.

LiveUser_Auth_MDB2::userExists(): Helper function that checks if there is a user in the database who's matching the given parameters.

LiveUser_Auth_MDB::userExists(): Helper function that checks if there is a user in the database who's matching the given parameters.

LiveUser_Auth_DB::userExists(): Helper function that checks if there is a user in the database who's matching the given parameters.

LiveUser_Auth_PEARAuth::userExists(): not yet implemented

Parameters:

boolean	`$checkHandle`	—	check handle ?
boolean	`$checkPW`	—	check password ?

[ Top ]

Class: LiveUser_Auth_Common

Class Overview

Author(s):

Version:

Variables

Methods

Child classes:

Inherited Variables

Inherited Methods

Class Details

Class Variables

$allowDuplicateHandles = false

$authUserId = 0

$backendArrayIndex = 0

$containerName = null

$currentLogin = 0

$encryptionModes = array('MD5' => 'MD5', 'PLAIN' => 'PLAIN', 'RC4' => 'RC4', 'SHA1' => 'SHA1')

$expireTime = 0

$externalValues = array()

$handle = ''

$idleTime = 0

$isActive = null

$lastLogin = 0

$loggedIn = null

$loginTimeout = 12

$ownerGroupId = null

$ownerUserId = null

$passwd = ''

$passwordEncryptionMode = 'MD5'

$propertyValues = array()

$_stack = null

Method Detail

LiveUser_Auth_Common (Constructor) [line 215]

Parameters:

decryptPW [line 303]

Parameters:

disconnect [line 271]

encryptPW [line 343]

Parameters:

externalValuesMatch [line 592]

Parameters:

freeze [line 235]

getProperty [line 555]

Parameters:

isNewLogin [line 385]

login [line 409]

Parameters:

setExternalValues [line 572]

unfreeze [line 282]

Parameters:

userExists [line 542]

Parameters:

$encryptionModes = array('MD5' => 'MD5',
'PLAIN' => 'PLAIN',
'RC4' => 'RC4',
'SHA1' => 'SHA1')