blueshoes php application framework and cms            core_auth

Class: Bs_Cug

Source Location: /core/auth/cug/Bs_Cug.class.php

Class Overview

Bs_Object
   |
   --Bs_Cug

Closed User Group (Cug) Class


Version:

  • 4.3.$Revision: 1.4 $ $Date: 2003/10/29 17:48:37 $

Copyright:

  • blueshoes.org


Child classes:

Bs_CugArray
Cug Class using an array. extended from Bs_Cug, look there too.
Bs_CugDb
CUG Class using a database. Extended from Bs_Cug, look there too.

Inherited Methods

Class: Bs_Object

Bs_Object::Bs_Object()
Bs_Object::getErrors()
Basic error handling: Get *all* errors as string array from the global Bs_Error-error stack.
Bs_Object::getLastError()
Basic error handling: Get last error string from the global Bs_Error-error stack.
Bs_Object::getLastErrors()
Basic error handling: Get last errors string array from the global Bs_Error-error stack since last call of getLastErrors().
Bs_Object::persist()
Persists this object by serializing it and saving it to a file with unique name.
Bs_Object::setError()
Basic error handling: Push an error string on the global Bs_Error-error stack.
Bs_Object::toHtml()
Dumps the content of this object to a string using PHP's var_dump().
Bs_Object::toString()
Dumps the content of this object to a string using PHP's var_dump().
Bs_Object::unpersist()
Fetches an object that was persisted with persist()

Class Details

[line 47]
Closed User Group (Cug) Class

this class is used to manage closed user groups. cug's are secured parts of a website that only some ppl can access, usually based on login (user/ pass) information.

this class needs a session. it uses the global one if it exists, otherwise it creates the global one. if it creates one it will be a Bs_SimpleSession as of bs4.4, and not a Bs_SessionFile anymore. if you need the old style, you may want to create it first, or set an option in this class. it also needs the bs form stuff to show and handle the login form.

dependencies: Bs_Password, Bs_Form (which starts a chain of includes), HtmlTable, Bs_SessionFile




Tags:

access:  public
pattern:  singleton: (pseudostatic)
version:  4.3.$Revision: 1.4 $ $Date: 2003/10/29 17:48:37 $
copyright:  blueshoes.org
author:  andrej arn <at blueshoes dot org>
todo:  when the user gets to the login form, include the url he's coming from so after a successful login we can redirect him to where he was. just like we do it in the browscap class.




Class Variables

$actionOnHack =

[line 176]

currently emails the admin (webmaster) on the 3rd hack attempt.

ideas are: blockIP blockCnet blockUsername alertWebmaster ...




Tags:

see:  Bs_Cug::$checkForHack
access:  public

Type:   string



$bsSession =

[line 74]

reference to global session object.


Type:   object



$checkCaseSensitive =  0

[line 209]

how should username and password be compared? case sensitive or not?

  0 = yes (all case sensitive) = BS_CUG_CASE_SENSITIVE_YES
  1 = only username = BS_CUG_CASE_SENSITIVE_ONLY_USERNAME
  2 = only password = BS_CUG_CASE_SENSITIVE_ONLY_PASSWORD
  3 = no (all case insensitive) = BS_CUG_CASE_SENSITIVE_NO




Tags:

access:  public

Type:   int



$checkForHack =  TRUE

[line 160]

if we should check for hack attempts or not.

logins like root/root, guest/guest, letmein etc are considered hacks. the 3rd such login attempt will result in some action.




Tags:

var:  (default is TRUE)
see:  var $actionOnHack
access:  public

Type:   bool



$errorMsg =

[line 249]

the error msg of the last error that occurred.


Type:   string



$form =

[line 60]

an instance of bs_form.


Type:   object



$formAction =

[line 116]

the <form action=""> part. will be set to the form if set here.

i currently recommend doing it.




Tags:

access:  public
since:  bs4.3dev

Type:   string



$formTarget =  '_top'

[line 125]

the target the login form submits to.

default is '_top'. i think that's a good thing for most forms. if you want no target, unset() this var. empty is not enough.




Tags:

access:  public

Type:   string



$language =  'en'

[line 132]

the language used



Tags:

var:  (default is 'en'.)
access:  public

Type:   string



$logAttempts =  1

[line 196]

should we log login attempts?

!!! important !!!: due to the current setup, to be able to determine the number of failed logins in a row or hack attempts, we need to log *all* login attempts, also the good ones. otherwise that "in a row" thing won't work. it could be done differently by saving a counter in the user table, but it's not. recode it if you feel like doing it, i don't.

  0 = no
  1 = yes, all (=default)
  2 = failed only
  3 = successful only




Tags:

access:  public

Type:   int



$maxNumAttempts =  0

[line 141]

how many login attempts does the user have?

  0 means 'no limit'.




Tags:

todo:  implement this feature.
access:  public

Type:   int



$recoverPasswordByUsernameForm =

[line 68]

the form object to use when displaying the "recover password by username" form.




Type:   object



$redirectPage =  'frameset.php'

[line 107]

!!!deprecated!!! the page (maybe with directory) to which the user will be redirected once the login was successful.



Tags:

deprecated:  
access:  public

Type:   string



$unixLikeDoubleTimeout =  TRUE

[line 149]

whether to use the unix-like double timeout after each wrong login attempt in a row. by default this is on.



Tags:

access:  public

Type:   bool



$userFieldNames = array(
    'user'          => 'user', 
    'pass'          => 'pass', 
    'isActive'      => 'isActive', 
    'startDatetime' => 'startDatetime', 
    'endDatetime'   => 'endDatetime', 
    'email'         => 'email'
  )

[line 235]

the captions of the keys.

these are the defaults and recommended, you may need to change them based on your data structure (array or db or file implementation or whatever).

user and pass are for authentication, isActive startDatetime and endDatetime for the lifecycle, email is to automatically send the password to the user. if something is not there, that feature cannot be used (lifecycle/email).

note: take care that you don't choose reserved names, eg 'password' for mysql.




Tags:

var:  (hash, see above)
access:  public

Type:   array



$_APP =

[line 53]

reference to the global settings hash.


Type:   array



$_postVars =

[line 85]

reference to the HTTP_POST_VARS array.

gets set in the constructor.

we could just use $_POST, but this way we have the option to use something different. may be needed.



Type:   array





Class Methods


constructor Bs_Cug [line 271]

Bs_Cug Bs_Cug( string $cugName, [array $postData = NULL])

Constructor.



Parameters:

string   $cugName  
array   $postData   (default is NULL which means use $_POST. only pass something if really needed.)


method createPassword [line 724]

string createPassword( )

creates a new pronounceable password and returns it.



Tags:

access:  public



method getLoginForm [line 335]

string getLoginForm( )

returns the login form as html code.



Tags:

access:  public



method letMeIn [line 314]

bool letMeIn( )

tells if the session is registered, i.e. the user is logged in.

if this returns false we need to display the login form to the user.




Tags:

access:  public



method loadLoginForm [line 601]

void loadLoginForm( )

loads a default login form if no login form has been assigned before.




method loadRecoverPasswordByUsernameForm [line 662]

void loadRecoverPasswordByUsernameForm( [bool $doItAnyway = FALSE])

loads a default "recover password by username" form.



Parameters:

bool   $doItAnyway   (if it should be done even if it already exists, default is FALSE.)


method logout [line 325]

void logout( )

logs out the user from this cug, does *not* kill the session cause it might be needed for other things.



Tags:

access:  public



method looksLikeHack [line 706]

bool looksLikeHack( string $password, [string $username = null])

let's see if this failed attempt looks like a hack.

uses Bs_Password which might need some mysql db tables.




Tags:

return:  (also returns FALSE if we don't know.)
access:  public


Parameters:

string   $password  
string   $username  


method redirect [line 465]

void redirect( )

!!!deprecated!!! redirects to the specified page.



Tags:

return:  (of course, your script won't continue.)
deprecated:  
access:  public



method registerValidator [line 491]

void registerValidator( string $func, [object $obj = NULL])

registers a global validator function (or object method) that needs to be passed in order to successfully pass the "validate login" checks.

examples:

  $cug->registerValidator('passThis');
    => the global function passThis() will be called.
  $cug->registerValidator('passThis', $myObj);
    => the $myObj->passThis method will be called.

the registered callback function/method has to:

  • return bool TRUE if everything is ok.
  • return string (error message) if there was an error.

the callback function/method receives one array as param. it is the user data (database record, whatever). so for the keys of the hash look at $this->userFieldNames.




Tags:

since:  bs4.3
see:  var $this->_registeredValidators
access:  public


Parameters:

string   $func  
object   $obj   (give it by REFERENCE!!! (can't take it by ref cause it's not a mandatory param.))


method treatLoginForm [line 356]

mixed treatLoginForm( )

treats the login form.

if there was a successful login, you get bool TRUE back. otherwise (or on the first display) you get an html string back (the html login form).

in the past this function redirected automatically after a successful login. that changed now, cause you may need to do other stuff, eg register some session vars. feel free to use $this->redirect() yourself. 2002/04/18 --andrej




Tags:

return:  (see above)
access:  public



method treatRecoverPasswordByUsernameForm [line 389]

mixed treatRecoverPasswordByUsernameForm( )

treats the "recover password by username" form.



Tags:

access:  public



method _logAttempt [line 737]

void _logAttempt( )

overwrite this method.




method _validateLogin [line 505]

mixed _validateLogin( array $dataHash)

developer: if you subclass then overwrite this method, and make sure this gets called after you validated what you can. here we'll see if there are registered validators to call, and do the work. on the first error we stop and return.



Tags:

return:  (bool TRUE, or string error message.)


Parameters:

array   $dataHash  
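
The validator contract described for registerValidator() and _validateLogin() above (callbacks receive the user record, return bool TRUE or an error string, and the first error stops the chain), shown as an added PHP example that is not BlueShoes code. ValidatorChain, accountInWindow() and EmailPolicy are hypothetical names, the sample records are constructed, and treating every non-TRUE return as a denial is this example's assumption, not documented Bs_Cug behaviour.

```php
<?php
// Added illustration, not the Bs_Cug source. ValidatorChain, accountInWindow()
// and EmailPolicy are hypothetical names; the user records are constructed.
class ValidatorChain {
    private $validators = [];
    // Same call shape as registerValidator($func, $obj = NULL) on this page.
    public function registerValidator($func, $obj = null) {
        $this->validators[] = ($obj === null) ? $func : [$obj, $func];
    }
    // Each callback gets the user record; the first error stops the chain.
    public function validate(array $dataHash) {
        foreach ($this->validators as $callback) {
            $result = call_user_func($callback, $dataHash);
            if ($result !== true) {
                // Fail closed (assumption of this example): NULL, FALSE or 1
                // from a buggy validator must never count as a pass.
                return (is_string($result) && $result !== '') ? $result : 'login rejected';
            }
        }
        return true;
    }
}

// Global-function validator: enforce the lifecycle fields of the record.
function accountInWindow(array $user) {
    if (empty($user['isActive'])) return 'account is disabled';
    $now = time();
    if (!empty($user['startDatetime']) && strtotime($user['startDatetime']) > $now) return 'account is not valid yet';
    if (!empty($user['endDatetime']) && strtotime($user['endDatetime']) < $now) return 'account has expired';
    return true;
}

// Object-method validator: require an e-mail address for password recovery.
class EmailPolicy {
    public function hasEmail(array $user) {
        return !empty($user['email']) ? true : 'no e-mail address on record';
    }
}

$chain = new ValidatorChain();
$chain->registerValidator('accountInWindow');
$chain->registerValidator('hasEmail', new EmailPolicy());

$base = ['user' => 'alice', 'pass' => '(not used here)', 'isActive' => 1,
         'startDatetime' => '2000-01-01 00:00:00', 'endDatetime' => '2099-12-31 23:59:59',
         'email' => 'alice@example.org'];
var_dump($chain->validate($base));
var_dump($chain->validate(['endDatetime' => '2001-01-01 00:00:00'] + $base));
var_dump($chain->validate(['email' => ''] + $base));
```

The strict `!== true` comparison is the part worth carrying into a real validator chain: a callback that forgets its return statement yields NULL, which a loose comparison could let through as a successful login.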



Documentation generated on Mon, 29 Dec 2003 21:08:22 +0100 by phpDocumentor 1.2.3