Docs For Class DBLAuth

Class DBLAuth

Description

Base class for authorization handling.

This is just an abstract class, defining interface and a few bits of code. Since other DBLIB classes do not make use of DBAuth, but just rights array (from getRights), your authorization routines may not be subclasses of DBLAuth class as long as they fill the rights array the proper way. This class is only a template.

Located in /DBLAuth.php (line 14)

Method Summary

DBLAuth DBLAuth ()

bool authenticateUser (string $user, string $password)

bool checkPassword (string $password, string $encodedPW)

array emptyRights ()

Associative getRights (string $realm, [mixed $indexIsRead = true], [bool $createIsModify = true], [bool $deleteIsModify = true], bool $listIsRead)

void isAuthorized ()

void spreadRights (array &$rights, mixed $indexIsRead, bool $createIsModify, bool $deleteIsModify, bool $listIsRead)

Methods

Constructor DBLAuth (line 19)

Constructor - create object

DBLAuth DBLAuth ()

authenticateUser (line 52)

Authenticate user

This should check user password and if it matches, it should set all necessary session variables. Some implementations may add another attributes, e.g., salt to enable checking of passwords encoded by md5 by javascript.

return: True if user was valid, false if it was not.

bool authenticateUser (string $user, string $password)

string $user: User name to authenticate.
string $password: Password to use.

checkPassword (line 34)

Compare passwords encrypted with MD5 containing salt.

Utility function. Suppose the first (strlen(encodedPW)-32) characters of the encoded password are salt. Add the salt to password, encode and compare.

return: True if password matches, false if it does not.

bool checkPassword (string $password, string $encodedPW)

string $password: Plain text password (usually supplied by the user).
string $encodedPW: Encoded password with the salt.

emptyRights (line 81)

Return empty rights field.

This is an utility function for DBLAuth subclasses.

return: Empty rights field (with all rights keys present, but values are set to zero).

array emptyRights ()

getRights (line 106)

Get user rights for the realm.

Gets rights that the user has in the given realm. The parameters allow copying some rights from another one.

return: array string => bool describing rights. The indexes are:
- index - Right to list index of records.
- read - Right to display record detail.
- create - Right to create new records.
- modify - Right to modify existing records.
- delete - Right to delete records.
Some DBLAuth descendants may also set other indexes for application use. When the user is not authorized, the function should return array with all rights set to false.

Associative getRights (string $realm, [mixed $indexIsRead = true], [bool $createIsModify = true], [bool $deleteIsModify = true], bool $listIsRead)

string $realm: Realm to get rights for.
bool $listIsRead: Whether to copy the list right from the read right.
bool $createIsModify: Whether to copy the create right from the modify right.
bool $deleteIsModify: Whether to copy the delete right from the modify right.

isAuthorized (line 113)

Check whether user is authorized (has logged on for this session).

void isAuthorized ()

spreadRights (line 66)

Make some rights copy of another - to allow simple r/w rights models.

The getRights() method should call this before returning rights to the user.

void spreadRights (array &$rights, mixed $indexIsRead, bool $createIsModify, bool $deleteIsModify, bool $listIsRead)

array $rights: Rights to modify.
bool $listIsRead: Copy the list right from the read right.
bool $createIsModify: Copy the create right from the modify right.
bool $deleteIsModify: Copy the delete right from the modify right.

Documentation generated on Mon, 6 Sep 2004 21:57:01 +0200 by phpDocumentor 1.2.3