Class: LiveUser_Auth_Common

Source Location: /LiveUser-0.11.1/Auth/Common.php

Class Overview

Description: This class provides a set of functions for implementing a user authorisation system on live websites. All authorisation backends/containers must be extensions of this base class.

Author(s):

Markus Wolff <wolff at 21st.de>

Version:

$Id: Common.php,v 1.40 2004/04/23 18:58:31 dufuz Exp $

Child classes:

LiveUser_Auth_Container_PEAR_Auth: Class LiveUser_Auth_Container_PEAR_Auth

LiveUser_Auth_Container_XML: Class LiveUser_Auth_Container_XML

LiveUser_Auth_Container_MDB2: Class LiveUser_Auth_Container_MDB2

LiveUser_Auth_Container_MDB: Class LiveUser_Auth_Container_MDB

LiveUser_Auth_Container_DB: Class LiveUser_Auth_Container_DB

Inherited Variables

Inherited Methods

Class Details

[line 36]
Description: This class provides a set of functions for implementing a user authorisation system on live websites. All authorisation backends/containers must be extensions of this base class.

Requirements:

When using "DB" backend: PEAR::DB database abstraction layer
LiveUser admin GUI for easy user administration and setup of authorisation areas and rights

Author: Markus Wolff <wolff@21st.de>
Version: $Id: Common.php,v 1.40 2004/04/23 18:58:31 dufuz Exp $

[ Top ]

Class Variables

$allowDuplicateHandles = false

[line 130]

Allow multiple users in the database to have the same login handle. Default: false.

Type:

boolean

[ Top ]

$authUserId = 0

[line 58]

Current user's database record id

Type:

integer

[ Top ]

$backendArrayIndex = 0

[line 156]

Defines the array index number of the LoginManager?s "backends" property.

Type:

integer

[ Top ]

$currentLogin = 0

[line 94]

Timestamp of current login (last to be written)

Type:

integer

[ Top ]

$encryptionModes = array('MD5'   => 'MD5',
                                 'PLAIN' => 'PLAIN',
                                 'RC4'   => 'RC4',
                                 'SHA1'  => 'SHA1')

[line 137]

Set posible encryption modes.

$var array

Type:

mixed

[ Top ]

$expireTime = 0

[line 112]

Auth lifetime in seconds

If this variable is set to 0, auth never expires

Type:

integer

[ Top ]

$handle = ''

[line 43]

The handle (username) of the current user

Type:

string

[ Top ]

$idleTime = 0

[line 122]

Maximum time of idleness in seconds

Idletime gets refreshed each time, init() is called. If this variable is set to 0, idle time is never checked.

Type:

integer

[ Top ]

$init_ok = false

[line 167]

Indicates if backend module initialized correctly. If yes,

true, if not false. Backend module won't initialize if the init value (usually an object or resource handle that identifies the backend to be used) is not of the required type.

Access: public

Type:

boolean

[ Top ]

$isActive = false

[line 71]

Is the current user allowed to login at all? If false,

a call to login() will not set $logged_in to true, even if handle and password were submitted correctly. This is useful when you want your users to be activated by an administrator before they can actually use your application. Default: false

See: $logged_in

Type:

boolean

[ Top ]

$lastLogin = 0

[line 87]

Timestamp of last login (previous to currentLogin)

Type:

integer

[ Top ]

$loggedIn = false

[line 80]

Has the current user successfully logged in? Default: false

See: $is_active

Type:

boolean

[ Top ]

$loginTimeout = 12

[line 103]

Number of hours that must pass between two logins to be counted as a new login. Comes in handy in some situations. Default: 12

Type:

integer

[ Top ]

$passwd = ''

[line 51]

The password of the current user as given to the login() method.

Type:

string

[ Top ]

$passwordEncryptionMode = 'MD5'

[line 149]

Defines the algorithm used for encrypting/decrypting passwords. Default: "MD5".

Type:

string

[ Top ]

Method Detail

LiveUser_Auth_Common (Constructor) [line 172]

LiveUser_Auth_Common LiveUser_Auth_Common(

$connectOptions)

Class constructor. Feel free to override in backend subclasses.

Parameters:

$connectOptions —

[ Top ]

decryptPW [line 232]

string decryptPW(
string
$encryptedPW)

Decrypts a password so that it can be compared with the user input. Uses the algorithm defined in the passwordEncryptionMode property.

Return: The decrypted password

Parameters:

string $encryptedPW — the encrypted password

[ Top ]

disconnect [line 207]

void disconnect(
)

properly disconnect from resources

Access: public

Overridden in child classes as:

LiveUser_Auth_Container_XML::disconnect(): properly disconnect from resources

LiveUser_Auth_Container_MDB2::disconnect(): properly disconnect from resources

LiveUser_Auth_Container_MDB::disconnect(): properly disconnect from resources

LiveUser_Auth_Container_DB::disconnect(): properly disconnect from resources

[ Top ]

encryptPW [line 273]

string encryptPW(
string
$plainPW)

Encrypts a password for storage in a backend container.

Uses the algorithm defined in the passwordEncryptionMode property.

Return: The encrypted password

Parameters:

string $plainPW — encryption type

[ Top ]

freeze [line 188]

void freeze(
)

store all properties in an array

Access: public

Overridden in child classes as:

LiveUser_Auth_Container_PEAR_Auth::freeze(): LiveUser_Auth_Container_PEAR_Auth::freeze()

[ Top ]

getProperty [line 482]

mixed getProperty(
string
$what)

Function returns the inquired value if it exists in the class.

Return: null, a value or an array.

Parameters:

string $what — Name of the property to be returned.

[ Top ]

isNewLogin [line 314]

boolean isNewLogin(
)

Checks if there's enough time between lastLogin and current login (now) to count as a new login.

[ Top ]

login [line 338]

void login(
string
$handle, string
$passwd, [boolean
$checkpw = true], [boolean
$updateLastLogin = true])

Tries to make a login with the given handle and password.

If $checkpw is set to false, the password won't be validated and the user will be logged in anyway. Set this option if you want to allow your users to be authenticated by a simple cookie... however, this is NOT RECOMMENDED !!! In any case, a user can't login if he's not active.

Parameters:

string	`$handle`	—	user handle
string	`$passwd`	—	user password
boolean	`$checkpw`	—	check password ? useful for some backends like LDAP
boolean	`$updateLastLogin`	—	update the last login data ?

[ Top ]

readUserData [line 432]

boolean readUserData(
string
$handle, [boolean
$passwd = false])

Reads auth_user_id, passwd, is_active flag

lastlogin timestamp from the database If only $handle is given, it will read the data from the first user with that handle and return true on success. If $handle and $passwd are given, it will try to find the first user with both handle and password matching and return true on success (this allows multiple users having the same handle but different passwords - yep, some people want this). If no match is found, false is being returned.

Again, this does nothing in the base class. The described functionality must be implemented in a subclass overriding this method.

Return: true on success, false on failure

Overridden in child classes as:

LiveUser_Auth_Container_PEAR_Auth::readUserData(): LiveUser_Auth_Container_PEAR_Auth::readUserData()

LiveUser_Auth_Container_XML::readUserData(): LiveUser_Auth_Container_XML::readUserData()

LiveUser_Auth_Container_MDB2::readUserData(): LiveUser_Auth_Container_MDB2::readUserData()

LiveUser_Auth_Container_MDB::readUserData(): LiveUser_Auth_Container_MDB::readUserData()

LiveUser_Auth_Container_DB::readUserData(): LiveUser_Auth_Container_DB::readUserData()

Parameters:

string	`$handle`	—	user handle
boolean	`$passwd`	—	user password

[ Top ]

unfreeze [line 217]

void unfreeze(
array
$propertyValues)

Reinitializes properties

Access: public

Overridden in child classes as:

LiveUser_Auth_Container_PEAR_Auth::unfreeze(): LiveUser_Auth_Container_PEAR_Auth::unfreeze()

Parameters:

array $propertyValues —

[ Top ]

updateUserData [line 405]

object PEAR_Error updateUserData(
)

Writes current values for user back to the database.

This method does nothing in the base class and is supposed to be overridden in subclasses according to the supported backend.

Access: public

Overridden in child classes as:

LiveUser_Auth_Container_PEAR_Auth::updateUserData(): LiveUser_Auth_Container_PEAR_Auth::updateUserData()

[ Top ]

userExists [line 470]

mixed userExists(
[boolean
$checkHandle = false], [boolean
$checkPW = false])

Helper function that checks if there is a user in the database who's matching the given parameters.

If $checkHandle is given and $checkPW is set to false, it only checks if a user with that handle exists. If only $checkPW is given and $checkHandle is set to false, it will check if there exists a user with that password. If both values are set to anything but false, it will find the first user in the database with both values matching. Please note:

If no match was found, the return value is false
If a match was found, the auth_user_id from the database is being returned

Whatever is returned, please keep in mind that this function only searches for the _first_ occurence of the search values in the database. So when you have multiple users with the same handle, only the ID of the first one is returned. Same goes for passwords. Searching for both password and handle should be pretty safe, though - having more than one user with the same handle/password combination in the database would be pretty stupid anyway.

Again, this does nothing in the base class. The described functionality must be implemented in a subclass overriding this method.

Return: user id when there is a match, false otherwise

Overridden in child classes as:

LiveUser_Auth_Container_XML::userExists(): LiveUser_Auth_Container_MDB::userExists()

LiveUser_Auth_Container_MDB2::userExists(): LiveUser_Auth_Container_MDB2::userExists()

LiveUser_Auth_Container_MDB::userExists(): LiveUser_Auth_Container_MDB::userExists()

LiveUser_Auth_Container_DB::userExists(): Helper function that checks if there is a user in the database who's matching the given parameters.

Parameters:

boolean	`$checkHandle`	—	check handle ?
boolean	`$checkPW`	—	check password ?

[ Top ]

Class: LiveUser_Auth_Common

Class Overview

Author(s):

Version:

Variables

Methods

Child classes:

Inherited Variables

Inherited Methods

Class Details

Class Variables

$allowDuplicateHandles = false

$authUserId = 0

$backendArrayIndex = 0

$currentLogin = 0

$encryptionModes = array('MD5' => 'MD5', 'PLAIN' => 'PLAIN', 'RC4' => 'RC4', 'SHA1' => 'SHA1')

$expireTime = 0

$handle = ''

$idleTime = 0

$init_ok = false

$isActive = false

$lastLogin = 0

$loggedIn = false

$loginTimeout = 12

$passwd = ''

$passwordEncryptionMode = 'MD5'

Method Detail

LiveUser_Auth_Common (Constructor) [line 172]

Parameters:

decryptPW [line 232]

Parameters:

disconnect [line 207]

encryptPW [line 273]

Parameters:

freeze [line 188]

getProperty [line 482]

Parameters:

isNewLogin [line 314]

login [line 338]

Parameters:

readUserData [line 432]

Parameters:

unfreeze [line 217]

Parameters:

updateUserData [line 405]

userExists [line 470]

Parameters:

$encryptionModes = array('MD5' => 'MD5',
'PLAIN' => 'PLAIN',
'RC4' => 'RC4',
'SHA1' => 'SHA1')