This class manages user log-ins.
/*---------------------------------------------------------------*/
function LoginHandler($NotLoggedInURL,$dbhandler,$uc_rules) {
Purpose : Constructor
$NotLoggedInURL : URL to redirect to if no user is logged in
$dbhandler : A dbHandler instance (See class_db.php in my classes)
$uc_rules : User control rules. See below.
/*---------------------------------------------------------------*/
function SetPasswordHandler($new_passhandler) {
Purpose : Lets you use your favorite password encryption (hashing) method.
The function will be used as a callback.
$new_passhandler : The function name
/*---------------------------------------------------------------*/
function LoggedIn ()
Purpose : Checks whether a user is logged in
/*---------------------------------------------------------------*/
function _debugUserInfo() {
Purpose : Returns the internal info of the class as HTML code
/*---------------------------------------------------------------*/
function CheckLogin($user,$pass)
Purpose : Checks if user/pass combination is valid or not.
$user : the username
$pass : the password
/*---------------------------------------------------------------*/
The user control rules are an associative array whose structure is as follows:
"LEVEL" Arbitrary level name. It may be something like "primary", "secondary", etc. Each level is itself an associative array with the keys below.
"type" Rule type. Valid values are: "table" or "fixed"
"name" Used only if "type" is "table". Represents the table name that contains users info
"user_field" Used only if "type" is "table". Must be set to the actual field name inside table "name"
"pass_field" Used only if "type" is "table". Must be set to the actual field name inside table "name"
"master_password" Used for setting up a master-key password. Useful if you don't want to have to know every user's password.
"extra_conditions" Used only if "type" is "table". Can contain any extra conditions to ensure that user is valid.
"session_info" A string containing variables that will be set for the current session. The format of this string is as follows:
var_name[{|field_name},{%value}],var_name[{|field_name},{%value}],...,var_name[{|field_name},{%value}]
where var_name is the session variable to be set
|field_name is the field name which value will be assigned to session variable var_name,
%value is the value to be assigned to the session variable
If neither the |field_name nor the %value form is used, the value of the field named "var_name" is assigned to the session variable.
"username" Used if "type" is "fixed". Allows you to permit anonymous access to your site.
An example of user rules is below:
// Password callback registered with SetPasswordHandler() below.
// Note: md5() is a fast, unsalted digest.
function cryptpass($password) {
    return md5($password);
}

// Rules are listed by level: "primary", "secondary", "terciary".
$UserCheckRules=array(
    // Administrators: rows of table "users" with admin='1'
    "primary"=>array(
        "type"=>"table",
        "name"=>"users",
        "user_field"=>"uname",
        "pass_field"=>"upass",
        "user_function"=>"",
        "pass_function"=>"",
        "extra_conditions"=>"admin='1'",
        "session_info"=>"user_id,skin,name,email,show_in_home,last_login,adminuser%true"
    ),
    // Regular users: rows of table "users" with admin='0'
    "secondary"=>array(
        "type"=>"table",
        "name"=>"users",
        "user_field"=>"uname",
        "pass_field"=>"upass",
        "extra_conditions"=>"admin='0'",
        "session_info"=>"user_id,skin,name,email,show_in_home,last_login,adminuser%false"
    ),
    // Anonymous access: fixed user, every session variable is a literal
    "terciary"=>array(
        "type"=>"fixed",
        "username"=>"anonimous",
        "session_info"=>"user_id%-1,skin%default,name%unregistered user,email%,show_in_home%startpage,last_login%,LOGGED_IN%false,adminuser%false"
    )
);

$dbHandler=new db_mysql("localhost","username","password","my_database");
$myLoginHandler=new LoginHandler("login.php",$dbHandler,$UserCheckRules);
$myLoginHandler->SetPasswordHandler("cryptpass");

// Credentials submitted by the login form
$username=$_POST["username"];
$password=$_POST["password"];

// Only check the credentials when no user is logged in yet
if (!$myLoginHandler->LoggedIn()) {
    $myLoginHandler->CheckLogin($username,$password);
}
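
The following is an added example, not part of the LoginHandler class or its documentation: a stand-alone parser for the "session_info" format described above, showing how each of the three entry forms resolves. The function name parse_session_info, the sample row and the name validation are assumptions; the page does not show how the class itself parses the string.

```php
<?php
// Added example: hypothetical parser for the "session_info" format.
// $row is the matched user row (empty for "fixed" rules).
function parse_session_info(string $spec, array $row = []): array
{
    $vars = [];
    foreach (explode(',', $spec) as $entry) {
        $entry = trim($entry);
        if ($entry === '') {
            continue;
        }
        $pct  = strpos($entry, '%');
        $pipe = strpos($entry, '|');
        if ($pct !== false && ($pipe === false || $pct < $pipe)) {
            // var_name%value: literal value (may be empty, as in "email%")
            $name  = substr($entry, 0, $pct);
            $value = (string) substr($entry, $pct + 1);
        } elseif ($pipe !== false) {
            // var_name|field_name: take the value of another field
            $name  = substr($entry, 0, $pipe);
            $value = $row[substr($entry, $pipe + 1)] ?? null;
        } else {
            // bare var_name: field with the same name
            $name  = $entry;
            $value = $row[$entry] ?? null;
        }
        // Assumption: accept only identifier-like names so a malformed
        // entry cannot create unexpected session keys.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
            throw new InvalidArgumentException("Bad session variable name: '$name'");
        }
        $vars[$name] = $value;
    }
    return $vars;
}

// Constructed sample row, as a "table" rule would fetch it.
$row = ['user_id' => 7, 'skin' => 'dark', 'uname' => 'alice'];
var_dump(parse_session_info('user_id,skin,nick|uname,adminuser%false', $row));
// "fixed" rule: no row, every value is a literal.
var_dump(parse_session_info('user_id%-1,name%unregistered user,email%,LOGGED_IN%false'));
```

Literal %value entries stay strings in this example, so "adminuser%false" yields the string "false", which PHP treats as truthy; compare with === "true" rather than testing the variable directly. The format has no escaping, so a literal value cannot contain a comma.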