Docs For Class Auth

$advancedsecurity = false

[line 243]

Flag to use advanced security When set extra checks will be made to see if the user's IP or useragent have changed across requests.

Turned off by default to preserve BC.

Var: Boolean to turn all advanced security options on or off Array containing named values turning specific advanced security features on or off individually array( AUTH_ADV_IPCHECK => true, AUTH_ADV_USERAGENT => true, AUTH_ADV_CHALLENGE => true, );

Type:

mixed

[ Top ]

$allowLogin = true

[line 159]

Is Login Allowed from this page

See: Auth::setAllowLogin()

Type:

bool

[ Top ]

$authChecks = 0

[line 293]

How many times has checkAuth been called

Type:

int

[ Top ]

$authdata =

[line 287]

A hash to hold various superglobals as reference

Type:

array

[ Top ]

$checkAuthCallback = ''

[line 188]

checkAuth callback function name

See: Auth::setCheckAuthCallback()

Type:

string

[ Top ]

$cookie =

[line 281]

Holds a reference to the global cookie variable

Type:

array

[ Top ]

$enableLogging = false

[line 307]

Whether to enable logging of behaviour

Type:

boolean

[ Top ]

$expire = 0

[line 100]

Auth lifetime in seconds

If this variable is set to 0, auth never expires

See: Auth::setExpire(), Auth::checkAuth()

Type:

integer

[ Top ]

$expired = false

[line 108]

Has the auth session expired?

See: Auth::checkAuth()

Type:

bool

[ Top ]

$idle = 0

[line 120]

Maximum idletime in seconds

The difference to $expire is, that the idletime gets refreshed each time checkAuth() is called. If this variable is set to 0, idletime is never checked.

See: Auth::setIdle(), Auth::checkAuth()

Type:

integer

[ Top ]

$idled = false

[line 128]

Is the maximum idletime over?

See: Auth::checkAuth()

Type:

boolean

[ Top ]

$logger = null

[line 300]

PEAR::Log object

Type:

object Log

[ Top ]

$loginCallback = ''

[line 196]

See: Auth::setLoginCallback()

Type:

string

[ Top ]

$loginFailedCallback = ''

[line 204]

Failed Login callback function name

See: Auth::setFailedLoginCallback()

Type:

string

[ Top ]

$loginFunction = ''

[line 143]

User-defined function that creates the login screen

Type:

string

[ Top ]

$logoutCallback = ''

[line 212]

Logout callback function name

See: Auth::setLogoutCallback()

Type:

string

[ Top ]

$password = ''

[line 180]

Password

Type:

string

[ Top ]

$post =

[line 275]

Holds a reference to the global post variable

Type:

array

[ Top ]

$regenerateSessionId = false

[line 314]

Whether to regenerate session id everytime start is called

Type:

boolean

[ Top ]

$server =

[line 269]

Holds a reference to the global server variable

Type:

array

[ Top ]

$session =

[line 263]

Holds a reference to the session auth variable

Type:

array

[ Top ]

$showLogin = true

[line 151]

Should the login form be displayed

See: setShowlogin()

Type:

bool

[ Top ]

$status = ''

[line 166]

Current authentication status

Type:

string

[ Top ]

$storage = ''

[line 136]

Storage object

See: Auth::Auth(), validateLogin()

Type:

object

[ Top ]

$username = ''

[line 173]

Username

Type:

string

[ Top ]

$version = "@version@"

[line 226]

Package Version

Type:

string

[ Top ]

Auth (Constructor) [line 333]

void Auth(
string
$storageDriver, [mixed
$options = ''], [string
$loginFunction = ''], [boolean
$showLogin = true])

Constructor

Set up the storage driver.

Parameters:

string	`$storageDriver`	—	Type of the storage driver
mixed	`$options`	—	Additional options for the storage driver (example: if you are using DB as the storage driver, you have to pass the dsn string here)
string	`$loginFunction`	—	Name of the function that creates the login form
boolean	`$showLogin`	—	Should the login form be displayed if necessary?

[ Top ]

addUser [line 1209]

mixed addUser(
string
$username, string
$password, [mixed
$additional = ''])

Add user to the storage container

Return: True on success, PEAR error object on error and AUTH_METHOD_NOT_SUPPORTED otherwise.
Access: public

Parameters:

string	`$username`	—	Username
string	`$password`	—	Password
mixed	`$additional`	—	Additional parameters

[ Top ]

attachLogObserver [line 1311]

boolean attachLogObserver(
object Log_Observer
&$observer)

Attach an Observer to the Auth Log Source

Parameters:

object Log_Observer &$observer — A Log Observer instance

[ Top ]

changePassword [line 1246]

mixed changePassword(
string
$username, string
$password)

Change password for user in the storage container

Return: True on success, PEAR error object on error and AUTH_METHOD_NOT_SUPPORTED otherwise.
Access: public

Parameters:

string	`$username`	—	Username
string	`$password`	—	The new password

[ Top ]

checkAuth [line 895]

boolean checkAuth(
)

Checks if there is a session with valid auth information.

Return: Whether or not the user is authenticated.
Access: public

[ Top ]

getAuth [line 1052]

bool getAuth(
)

Has the user been authenticated?

Is there a valid login session. Previously this was different from checkAuth() but now it is just an alias.

Return: True if the user is logged in, otherwise false.
Access: public

[ Top ]

getAuthData [line 796]

mixed getAuthData(
[string
$name = null])

Get additional information that is stored in the session.

If no value for the first parameter is passed, the method will return all data that is currently stored.

Return: Value of the data field.
Access: public

Parameters:

string $name — Name of the data field

[ Top ]

getPostPasswordField [line 1154]

string getPostPasswordField(
)

Gets the post varible used for the username

Access: public

[ Top ]

getPostUsernameField [line 1140]

string getPostUsernameField(
)

Gets the post varible used for the username

Access: public

[ Top ]

getStatus [line 1126]

string getStatus(
)

Get the current status

Access: public

[ Top ]

getUsername [line 1109]

string getUsername(
)

Get the username

Access: public

[ Top ]

listUsers [line 1189]

array listUsers(
)

List all users that are currently available in the storage container

Access: public

[ Top ]

log [line 1264]

boolean log(
string
$message, [string
$level = AUTH_LOG_DEBUG])

Log a message from the Auth system

Access: public

Parameters:

string	`$message`	—	The message to log
string	`$level`	—	The log level to log the message under. See the Log documentation for more info.

[ Top ]

logout [line 1071]

void logout(
)

Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

Access: public

[ Top ]

removeUser [line 1227]

mixed removeUser(
string
$username)

Remove user from the storage container

Return: True on success, PEAR error object on error and AUTH_METHOD_NOT_SUPPORTED otherwise.
Access: public

Parameters:

string $username — Username

[ Top ]

sessionValidThru [line 1168]

integer sessionValidThru(
)

Returns the time up to the session is valid

Access: public

[ Top ]

setAdvancedSecurity [line 881]

void setAdvancedSecurity(
[bool
$flag = true])

Enables advanced security checks

Currently only ip change and useragent change are detected

Todo: Add challenge cookies - Create a cookie which changes every time and contains some challenge key which the server can verify with a session var cookie might need to be crypted (user pass)
Access: public

Parameters:

bool $flag — Enable or disable

[ Top ]

setAllowLogin [line 689]

void setAllowLogin(
[bool
$allowLogin = true])

Is Login Allowed from this page?

Access: public

Parameters:

bool $allowLogin — allow login from this page or not

[ Top ]

setAuth [line 821]

void setAuth(
string
$username)

Access: public

Parameters:

string $username — Username

[ Top ]

setAuthData [line 775]

void setAuthData(
string
$name, mixed
$value, [boolean
$overwrite = true])

Access: public

Parameters:

string	`$name`	—	Name of the data field
mixed	`$value`	—	Value of the data field
boolean	`$overwrite`	—	Should existing data be overwritten? (default is true)

[ Top ]

setCheckAuthCallback [line 706]

void setCheckAuthCallback(
string
$checkAuthCallback)

Register a callback function to be called whenever the validity of the login is checked The function will receive two parameters, the username and a reference to the auth object.

Since: Method available since Release 1.4.3
Access: public

Parameters:

string $checkAuthCallback — callback function name

[ Top ]

setExpire [line 617]

void setExpire(
integer
$time, [bool
$add = false])

Set the maximum expire time

Access: public

Parameters:

integer	`$time`	—	time in seconds
bool	`$add`	—	add time to current expire time or not

[ Top ]

setFailedLoginCallback [line 739]

void setFailedLoginCallback(
string
$loginFailedCallback)

The function will receive two parameters, the username and a reference to the auth object.

Access: public

Parameters:

string $loginFailedCallback — callback function name

[ Top ]

setIdle [line 633]

void setIdle(
integer
$time, [bool
$add = false])

Set the maximum idle time

Access: public

Parameters:

integer	`$time`	—	time in seconds
bool	`$add`	—	add time to current maximum idle time or not

[ Top ]

setLoginCallback [line 723]

void setLoginCallback(
string
$loginCallback)

The function will receive two parameters, the username and a reference to the auth object.

See: Auth::setLogoutCallback()
Access: public

Parameters:

string $loginCallback — callback function name

[ Top ]

setLogoutCallback [line 756]

void setLogoutCallback(
string
$logoutCallback)

The function will receive three parameters, the username and a reference to the auth object.

See: Auth::setLoginCallback()
Access: public

Parameters:

string $logoutCallback — callback function name

[ Top ]

setSessionName [line 654]

void setSessionName(
[string
$name = 'session'])

Set name of the session to a customized value.

If you are using multiple instances of PEAR::Auth on the same domain, you can change the name of session per application via this function. This will chnage the name of the session variable auth uses to store it's data in the session

Access: public

Parameters:

string $name — New name for the session

[ Top ]

setShowLogin [line 674]

void setShowLogin(
[bool
$showLogin = true])

Should the login form be displayed if necessary?

Access: public

Parameters:

bool $showLogin — show login form or not

[ Top ]

start [line 516]

void start(
)

Start new auth session

Access: public

[ Top ]

staticCheckAuth [line 1030]

boolean staticCheckAuth(
[
$options = null])

Statically checks if there is a session with valid auth information.

Return: Whether or not the user is authenticated.
See: Auth::checkAuth()
Access: public

Parameters:

$options —

[ Top ]

Class: Auth

Class Overview

Author(s):

Version:

Copyright:

Variables

Methods

Child classes:

Inherited Variables

Inherited Methods

Class Details

Class Variables

$advancedsecurity = false

$allowLogin = true

$authChecks = 0

$authdata =

$checkAuthCallback = ''

$cookie =

$enableLogging = false

$expire = 0

$expired = false

$idle = 0

$idled = false

$logger = null

$loginCallback = ''

$loginFailedCallback = ''

$loginFunction = ''

$logoutCallback = ''

$password = ''

$post =

$regenerateSessionId = false

$server =

$session =

$showLogin = true

$status = ''

$storage = ''

$username = ''

$version = "@version@"

Method Detail

Auth (Constructor) [line 333]

Parameters:

addUser [line 1209]

Parameters:

attachLogObserver [line 1311]

Parameters:

changePassword [line 1246]

Parameters:

checkAuth [line 895]

getAuth [line 1052]

getAuthData [line 796]

Parameters:

getPostPasswordField [line 1154]

getPostUsernameField [line 1140]

getStatus [line 1126]

getUsername [line 1109]

listUsers [line 1189]

log [line 1264]

Parameters:

logout [line 1071]

removeUser [line 1227]

Parameters:

sessionValidThru [line 1168]

setAdvancedSecurity [line 881]

Parameters:

setAllowLogin [line 689]

Parameters:

setAuth [line 821]

Parameters:

setAuthData [line 775]

Parameters:

setCheckAuthCallback [line 706]

Parameters:

setExpire [line 617]

Parameters:

setFailedLoginCallback [line 739]

Parameters:

setIdle [line 633]

Parameters:

setLoginCallback [line 723]

Parameters: