Source for file Common.php
Documentation is available at Common.php
// LiveUser: A framework for authentication and authorization in PHP applications // Copyright (C) 2002-2003 Markus Wolff // This library is free software; you can redistribute it and/or // modify it under the terms of the GNU Lesser General Public // License as published by the Free Software Foundation; either // version 2.1 of the License, or (at your option) any later version. // This library is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU // Lesser General Public License for more details. // You should have received a copy of the GNU Lesser General Public // License along with this library; if not, write to the Free Software // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * This class provides a set of functions for implementing a user * authorisation system on live websites. All authorisation * backends/containers must be extensions of this base class. * - When using "DB" backend: * PEAR::DB database abstraction layer * - LiveUser admin GUI for easy user administration and setup of * authorisation areas and rights * @author Markus Wolff <wolff@21st.de> * @version $Id: Common.php,v 1.7 2004/12/18 21:54:05 lsmith Exp $ * @category authentication * The handle (username) of the current user * The password of the current user as given to the * Current user's database record id * Is the current user allowed to login at all? If false, * a call to login() will not set $logged_in to true, even * if handle and password were submitted correctly. This is * useful when you want your users to be activated by an * administrator before they can actually use your application. * @see LiveUser_Auth_Common::loggedIn * Has the current user successfully logged in? * @see LiveUser_Auth_Common::isActive * Timestamp of last login (previous to currentLogin) * Timestamp of current login (last to be written) * Number of hours that must pass between two logins * to be counted as a new login. Comes in handy in * some situations. Default: 12 * Auth lifetime in seconds * If this variable is set to 0, auth never expires * Maximum time of idleness in seconds * Idletime gets refreshed each time, init() is called. If this * variable is set to 0, idle time is never checked. * Allow multiple users in the database to have the same * login handle. Default: false. * Set posible encryption modes. * Defines the algorithm used for encrypting/decrypting * passwords. Default: "MD5". * Defines the array index number of the LoginManager?s "backends" property. * The name associated with this auth container. The name is used * when adding users from this container to the reference table * in the permission container. This way it is possible to see * from which auth container the user data is coming from. * External values to check (config settings) * Class constructor. Feel free to override in backend subclasses. * @var array configuration options $this->_stack = &PEAR_ErrorStack ::singleton ('LiveUser'); foreach ($connectOptions as $key => $value) { if (isset ($this->$key)) { * store all properties in an array // get values from $this->externalValues['values'] and // store them into $this->propertyValues['storedExternalValues'] $propertyValues['storedExternalValues'] = null; $propertyValues['storedExternalValues'] = $this->propertyValues['storedExternalValues']; * properly disconnect from resources * Reinitializes properties * @param array $propertyValues foreach ($propertyValues as $key => $value) { return $this->externalValuesMatch (); * Decrypts a password so that it can be compared with the user * input. Uses the algorithm defined in the passwordEncryptionMode * @param string the encrypted password * @return string The decrypted password $decryptedPW = 'Encryption type not supported.'; $decryptedPW = $encryptedPW; // MD5 can't be decoded, so return the string unmodified $decryptedPW = $encryptedPW; $decryptedPW = $encryptedPW; $this->rc4 ->decrypt ($decryptedPW); // SHA1 can't be decoded, so return the string unmodified $decryptedPW = $encryptedPW; * Encrypts a password for storage in a backend container. * Uses the algorithm defined in the passwordEncryptionMode * @param string encryption type * @return string The encrypted password $encryptedPW = 'Encryption type not supported.'; $encryptedPW = md5($plainPW); $this->rc4 ->crypt($encryptedPW); 'exception', array (), 'SHA1 function doesn\'t exist. Upgrade your PHP version'); $encryptedPW = sha1($plainPW); * Checks if there's enough time between lastLogin * and current login (now) to count as a new login. * @return boolean true if it is a new login, false if not * Tries to make a login with the given handle and password. * If $checkpw is set to false, the password won't be * validated and the user will be logged in anyway. Set this * option if you want to allow your users to be * authenticated by a simple cookie... however, this is * In any case, a user can't login if he's not active. * @param string user handle * @param string user password * @param boolean check password ? useful for some backends like LDAP * @param boolean update the last login data ? function login($handle, $passwd, $checkpw = true , $updateLastLogin = true ) // Init value: Has user data successfully been read? // Init value: Is user logged in? // Read user data from database // If duplicate handles are allowed or the password _has_ // to be checked, only read in data if a matching user is found $success = $this->_readUserData ($handle, $passwd); // If duplicate handles are not allowed or the password // doesn't need to be checked, just read in the data based $success = $this->_readUserData ($handle); // If login is successful (user data has been read) $pwCheck = false; // Init value // Just in case: Some databases will return whitespace when using // CHAR fields to store passwords, so we?ll remove it. // ...check again if we have to check the password... // If yes, does the password from the database match the given one? // If yes, set pwCheck Flag } else if ($this->passwd == $passwd) { // If yes, set pwCheck Flag // We don't have to check for the password, so set the pwCheck Flag // regardless of the user's input // ...we still need to check if this user is declared active and // if the pwCheck Flag is set to true... if ($this->isActive != false && $pwCheck == true ) { // ...and if so, we have a successful login (hooray)! // In case Login was successful, check if this can be counted // as a _new_ login by definition... $this->_updateUserData (); * Writes current values for user back to the database. * This method does nothing in the base class and is supposed to * be overridden in subclasses according to the supported backend. function _updateUserData () * Reads auth_user_id, passwd, is_active flag * lastlogin timestamp from the database * If only $handle is given, it will read the data * from the first user with that handle and return * If $handle and $passwd are given, it will try to * find the first user with both handle and password * matching and return true on success (this allows * multiple users having the same handle but different * passwords - yep, some people want this). * If no match is found, false is being returned. * Again, this does nothing in the base class. The * described functionality must be implemented in a * subclass overriding this method. * @param string user handle * @param boolean user password function _readUserData ($handle, $passwd = false ) array ('feature' => '_readUserData')); * Helper function that checks if there is a user in * the database who's matching the given parameters. * If $checkHandle is given and $checkPW is set to * false, it only checks if a user with that handle * exists. If only $checkPW is given and $checkHandle * is set to false, it will check if there exists a * user with that password. If both values are set to * anything but false, it will find the first user in * the database with both values matching. * - If no match was found, the return value is false * - If a match was found, the auth_user_id from the database * Whatever is returned, please keep in mind that this * function only searches for the _first_ occurence * of the search values in the database. So when you * have multiple users with the same handle, only the * ID of the first one is returned. Same goes for * passwords. Searching for both password and handle * should be pretty safe, though - having more than * one user with the same handle/password combination * in the database would be pretty stupid anyway. * Again, this does nothing in the base class. The * described functionality must be implemented in a * subclass overriding this method. * @param boolean check handle ? * @param boolean check password ? * @return mixed user id when there is a match, false otherwise function userExists($checkHandle = false , $checkPW = false ) array ('feature' => 'userExists')); * Function returns the inquired value if it exists in the class. * @param string Name of the property to be returned. * @return mixed null, a value or an array. if (isset ($this->$what)) { * Creates associative array of values from $externalValues['values'] with $keysToCheck * Check if the stored external values match the current external values foreach ($this->propertyValues['storedExternalValues'] as $keyToCheck => $storedValue) { // return false if any one of the stored values does not match the current value
Documentation generated on Mon, 11 Mar 2019 14:00:07 -0400 by phpDocumentor 1.4.4. PEAR Logo Copyright © PHP Group 2004.
|
