Class: SessionSource
- Package: saf.Session
- Author: John Luxford <lux@simian.ca>
- Copyright: Copyright (C) 2001-2003, Simian Systems Inc.
- License: http://www.sitellite.org/index/license Simian Open Software License
- Version: 1.2, 2003-04-23, $Id: Source.php,v 1.5 2007/10/06 00:06:30 lux Exp $
- Access: public
This is the base source driver package for saf.Session. Custom
drivers are created by sub-classing this package.
New in 1.2:
- Added the getRole(), getTeam(), and isDisabled() methods.
New in 1.4:
- Added getActive(), session_user_get_active(), session_user_get_email(),
and session_user_is_unique()
Usage Example
<?php
$s = new SessionSource;
$s->setProperties (array (
'foo' => 'bar',
));
if ($s->authorize ($user, $pass, $id)) {
// in
} else {
// out
}
?>
Return to Top
Properties
$access = array ()
$status = array ()
$roles = array ()
$teams = array ()
$resources = array ()
$user = array ()
$prefs = array ()
$_prefs = array ()
$path
$realm
$cancelmessage = 'You do not have permission to access this resource.'
$cookiename = 'sitellite_session_id'
Name of the cookie. Defaults to 'sitellite_session_id'.
$cookieexpires = 0
Expiration of cookie. Defaults to 0, which means the cookie
will expire when the browser closes.
$cookiedomain
Domain value of the cookie.
$cookiepath = '/'
Path value of the cookie. Defaults to '/'.
$cookiesecure = 0
Secure value of the cookie. May be 1 or 0, and defaults to 0.
$usernamefield = 'username'
The name of the username field in the form (uses saf.MailForm)
created by sendAuthRequest(). Defaults to 'username'.
$passwordfield = 'password'
The name of the password field in the form
created by sendAuthRequest(). Defaults to 'password'.
$hiddenfields = array ()
A list of hidden form fields and their values.
$usernametext = 'Username'
The alt text of the username field in the form
created by sendAuthRequest(). Defaults to 'Username'.
$passwordtext = 'Password'
The alt text of the password field in the form
created by sendAuthRequest(). Defaults to 'Password'.
$submittext = 'Sign In'
The alt text of the submit button in the form
created by sendAuthRequest(). Defaults to 'Sign In'.
$formtemplate = false
The template of the form created by sendAuthRequest().
Defaults to false (no template).
$usernamerules = array ()
A list of rules for the username form field. The keys are
the rules and the values are the invalid messages.
$passwordrules = array ()
A list of rules for the password form field. The keys are
the rules and the values are the invalid messages.
$formmessage = 'Please enter your username and password.'
The welcome message of the form. Defaults to
'Please enter your username and password.'
$invalidmessage = 'Sorry, the password you specified was invalid. Please try again.'
The invalid message of the form. Defaults to
'Sorry, the password you specified was invalid. Please try again.'
$timeoutmessage = 'Sorry, your session has timed out. Please sign in again to continue.'
The timeout message of the form. Defaults to
'Sorry, your session has timed out. Please sign in again to continue.'
$sessObj
A reference to the main session object, in case it's
needed by a specific handler.
$error
The error message if an error occurs.
$total
Number of users.
$dir = 'inc/conf/auth/roles'
Directory to store info.
$data = array ()
Parsed data from file.
$file = 'inc/conf/auth/resources/index.php'
File to store resource info.
$id
The session id value.
$valid = false
Says whether this session is valid.
$username
Contains the username of the user.
$password
Contains the password of the user.
$useID = true
Specifies whether or not to use a session id. Some handlers or
sources may not support session ids (ie. the Basic handler), and so they
may be disabled.
$timeout = 3600
Specifies a length in seconds that the session may be inactive
for before automatically logging the user out. This is also optional,
as some handlers or sources may not support it.
$autoSave = true
Specifies whether calls to set() should also call save()
automatically. Defaults to true, since for most intents and purposes
this is a nice way of not having to think about it.
$handler
The handler driver object.
$source
The source driver object.
$store
The store driver object.
$tablename = 'sitellite_user'
The name of the database table that contains the users.
Defaults to 'sitellite_user'.
$usernamecolumn = 'username'
The name of the username column in the database.
Defaults to 'username'.
$passwordcolumn = 'password'
The name of the password column in the database.
Defaults to 'password'.
$sessionidcolumn = 'session_id'
The name of the session id column in the database.
Defaults to 'session_id'.
$timeoutcolumn = 'expires'
The name of the timeout column in the database.
Defaults to 'expires'.
$rolecolumn = 'role'
The name of the role column in the database.
Defaults to 'role'.
$teamcolumn = 'team'
The name of the team column in the database.
Defaults to 'team'.
$teamscolumn = 'teams'
The name of the teams column in the database.
Defaults to 'team'.
$disabledcolumn = 'disabled'
The name of the disabled column in the database.
Defaults to 'disabled'.
$publiccolumn = 'public'
The name of the public column in the database.
Defaults to 'public'.
$encryptionMethod = 'better_crypt_compare'
The method to use to compare the password to the
encrypted copy from the source. Defaults to
'better_crypt_compare', which uses a modification of the
crypt() function. $encryptionMethod must be any valid
value that can be passed as a first parameter to the
call_user_func() PHP function. The specified function
must accept the challenging password as a first parameter,
and the source password as a second. This makes it easy
to write alternate encryption methods, such as MD5.
$session_table = 'sitellite_user_session'
The table for the session id storage, must use the same field
names as the main table for username, sessionid and timeout.
$resultObj
An object containing all of the values returned from
the data source regarding the user.
$map = array ()
Source fields to map to the specified fields.
$set = array ()
User values to set automatically to the specified values.
$readOnly = false
If this is set to true, the session source is considered "read-only"
and can't be modified via Sitellite's user administration capabilities.
Return to Top
Methods
SessionSource ()
Constructor method.
setProperties ($properties)
Sets the properties of this object.
authorize ($username, $password, $id)
- Access: public
- Return: boolean
Authorizes the user against the data source.
close ()
Closes the session with the source.
getRole ()
Returns the role of the current user.
getTeam ()
Returns the team of the current user.
getTeams ()
Returns the list of teams whose documents are accessible by the
current user.
isDisabled ()
Returns the whether or not the current user account
is disabled.
getUser ($user)
Retrieves a user by their username. Returns all of the user's
data as an object.
getUserByEmail ($email)
Retrieves a user by their email address. Returns just the username.
isValidKey ($user, $key)
Determines whether the specified verification key is valid.
add ($data)
Adds a new user.
update ($data, $user)
Updates the data of the specified user.
delete ($user)
Removes the specified user.
getTotal ($role, $team, $public)
Retrieves the total number of users. $role and $team allow you to
retrieve a total for specific roles and teams. $public allows
you to specify whether to limit it to public users or not.
getActive ()
Retrieves the total number of active (ie. currently logged in) users.
getList ($offset, $limit, $order, $ascdesc, $role, $team, $name)
Retrieves a list of users.
Return to Top