VCL
[ class tree: VCL ] [ index: VCL ] [ all elements ]
Packages:
VCL

Source for file auth.inc.php

Documentation is available at auth.inc.php

  1. <?php
  2. /**
  3. *  This file is part of the VCL for PHP project
  4. *
  5. *  Copyright (c) 2004-2007 qadram software <support@qadram.com>
  6. *
  7. *  Checkout AUTHORS file for more information on the developers
  8. *
  9. *  This library is free software; you can redistribute it and/or
  10. *  modify it under the terms of the GNU Lesser General Public
  11. *  License as published by the Free Software Foundation; either
  12. *  version 2.1 of the License, or (at your option) any later version.
  13. *
  14. *  This library is distributed in the hope that it will be useful,
  15. *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17. *  Lesser General Public License for more details.
  18. *
  19. *  You should have received a copy of the GNU Lesser General Public
  20. *  License along with this library; if not, write to the Free Software
  21. *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  22. *  USA
  23. *
  24. */
  25.  
  26. use_unit("forms.inc.php");
  27. use_unit("classes.inc.php");
  28. use_unit("dbtables.inc.php");
  29.  
  30. /**
  31.  * Basic User class
  32.  *
  33.  * A common base class for user authentication, inherit from it to create new
  34.  * types of authentication
  35.  */
  36. class User extends Component
  37. {
  38.         protected $_logged;
  39.  
  40.         function __construct($aowner=null)
  41.         {
  42.                 //Calls inherited constructor
  43.                 parent::__construct($aowner);
  44.         }
  45.  
  46.         /**
  47.          * Specifies whether the user is logged or not
  48.          *
  49.          * @return boolean 
  50.          */
  51.         function readLogged(return $this->_logged;   }
  52.         function writeLogged($value$this->_logged=$value}
  53.  
  54.          /**
  55.          * Authenticate the user inside the system
  56.          * @param string $username Name of the user to authenticate
  57.          * @param string $password Password of the user to authenticate
  58.          */
  59.         function Authenticate($username$password)
  60.         {
  61.         }
  62.  
  63. }
  64.  
  65. /**
  66.  * DatabaseUser can be used to authenticate an user against a database table
  67.  *
  68.  * Set DriverName, Host, User, Password, FieldName and TableName to allow the component
  69.  * find the information to authenticate
  70.  *
  71.  */
  72. class DatabaseUser extends User
  73. {
  74.         protected $_logged;
  75.  
  76.         protected $_drivername="";
  77.         protected $_databasename="";
  78.         protected $_host="";
  79.         protected $_user="";
  80.         protected $_password="";
  81.  
  82.         protected $_userstable="";
  83.         protected $_usernamefieldname="";
  84.         protected $_passwordfieldname="";
  85.  
  86.         /**
  87.          * Table that stores the user information
  88.          *
  89.          * @return string 
  90.          */
  91.         function getUsersTable(return $this->_userstable;   }
  92.         function setUsersTable($value$this->_userstable=$value}
  93.  
  94.         /**
  95.          * Field name of the column that stores the user name
  96.          *
  97.          * @return string 
  98.          */
  99.         function getUserNameFieldName(return $this->_usernamefieldname;     }
  100.         function setUserNameFieldName($value$this->_usernamefieldname=$value}
  101.  
  102.         /**
  103.          * Field name of the column that stores the password
  104.          *
  105.          * @return string 
  106.          */
  107.         function getPasswordFieldName(return $this->_passwordfieldname;     }
  108.         function setPasswordFieldName($value$this->_passwordfieldname=$value}
  109.  
  110.         /**
  111.          * Type of database, it uses a Database component, so the value for this
  112.          * property is the same as the Database::DriverName property
  113.          *
  114.          * @return string 
  115.          */
  116.         function getDriverName(return $this->_drivername;   }
  117.         function setDriverName($value$this->_drivername=$value}
  118.  
  119.         /**
  120.          * Database name
  121.          *
  122.          * @return string 
  123.          */
  124.         function getDatabaseName(return $this->_databasename;       }
  125.         function setDatabaseName($value$this->_databasename=$value}
  126.  
  127.         /**
  128.          * Host of the server
  129.          *
  130.          * @return string 
  131.          */
  132.         function getHost(return $this->_host;       }
  133.         function setHost($value$this->_host=$value}
  134.  
  135.         /**
  136.          * User name to authentitcate
  137.          *
  138.          * @return string 
  139.          */
  140.         function getUser(return $this->_user;       }
  141.         function setUser($value$this->_user=$value}
  142.  
  143.         /**
  144.          * Password to authenticate
  145.          *
  146.          * @return unknown 
  147.          */
  148.         function getPassword(return $this->_password;       }
  149.         function setPassword($value$this->_password=$value}
  150.  
  151.         /**
  152.         * Authenticate an user
  153.         * @param string $username Username to authenticate
  154.         * @param string $passwrod Password of the user
  155.         */
  156.         function Authenticate($username$password)
  157.         {
  158.                 $this->Logged=false;
  159.  
  160.                 //create a database
  161.                 $db=new Database(null);
  162.                 $db->DriverName=$this->DriverName;
  163.                 $db->DatabaseName=$this->DatabaseName;
  164.                 $db->Host=$this->Host;
  165.                 $db->User=$this->User;
  166.                 $db->Password=$this->Password;
  167.  
  168.                 //open it
  169.                 $db->open();
  170.  
  171.                 //create a table
  172.                 $tb=new Table(null);
  173.                 $tb->Database=$db;
  174.                 $tb->Filter=" ".$this->UserNameFieldName." = '".$username."' ";
  175.                 $tb->TableName=$this->UsersTable;
  176.                 $tb->open();
  177.                
  178.                 $fname=$this->UserNameFieldName;
  179.                 $pname=$this->PasswordFieldName;
  180.  
  181.                 //check if the user&password combination exists
  182.                 if ($tb->RowCount>0)
  183.                 {
  184.                         if (($tb->$fname==$username&& ($tb->$pname==$password))
  185.                         {
  186.                                 $this->Logged=true;
  187.                         }
  188.                 }
  189.                 $this->serialize();
  190.         }
  191. }
  192.  
  193. /**
  194.  * Performs authentication using basic HTTP
  195.  *
  196.  * This component is useful to easily protect web pages just by dropping a component.
  197.  * For basic usage, just set UserName and Password to the valid value to log in
  198.  * and call the Execute() method in the OnBeforeShow event of your page.
  199.  *
  200.  * For more advance usage, @see OnAuthenticate it allows you to authenticate using your
  201.  * own rules.
  202.  */
  203. class BasicAuthentication extends Component
  204. {
  205.         protected $_title="Login";
  206.         protected $_errormessage="Unauthorized";
  207.         protected $_username="";
  208.         protected $_password="";
  209.  
  210.  
  211.         /**
  212.          * Password to request
  213.          *
  214.          * @return string 
  215.          */
  216.         function getPassword(return $this->_password;       }
  217.         function setPassword($value$this->_password=$value}
  218.         function defaultPassword(return "";    }
  219.  
  220.         /**
  221.          * Username to request
  222.          *
  223.          * @return string 
  224.          */
  225.         function getUsername(return $this->_username;       }
  226.         function setUsername($value$this->_username=$value}
  227.         function defaultUsername(return ""}
  228.  
  229.         /**
  230.         * Error message to show when the user is not authenticated
  231.         * @return string 
  232.         */
  233.         function getErrorMessage(return $this->_errormessage}
  234.         function setErrorMessage($value$this->_errormessage=$value}
  235.         function defaultErrorMessage(return "Unauthorized"}
  236.  
  237.         /**
  238.         * Title of the authentication dialog to show the user
  239.         * @return string 
  240.         */
  241.         function getTitle(return $this->_title}
  242.         function setTitle($value$this->_title=$value}
  243.         function defaultTitle(return "Login"}
  244.  
  245.  
  246.  
  247.         protected $_onauthenticate=null;
  248.  
  249.         /**
  250.         * It's fired when the component needs to authenticate the user by code.
  251.         * In $params['username'] you will get the username entered by the user
  252.         * In $params['password'] you will get the password entered by the user
  253.         *
  254.         * Return true if the user should get authenticated, false otherwise
  255.         *
  256.         * @return boolean 
  257.         */
  258.         function getOnAuthenticate(return $this->_onauthenticate}
  259.         function setOnAuthenticate($value$this->_onauthenticate=$value}
  260.         function defaultOnAuthenticate(return ""}
  261.  
  262.         /**
  263.          * Executes the authentication and checks if the user has been authenticated or not
  264.          * If the user is not authenticated, requests again the username/password
  265.          * If the event OnAuthenticate is assigned, valid username/password will be provided by code
  266.          * if not, properties Username/Password will be used to authenticate
  267.          *
  268.          */
  269.         function Execute()
  270.         {
  271.                         //If not is set, requests for it
  272.                 if(!isset($_SERVER['PHP_AUTH_USER']))
  273.                 {
  274.                         header('WWW-Authenticate: Basic realm="' $this->_title'"');
  275.                         header('HTTP/1.0 401 Unauthorized');
  276.                         die($this->_errormessage);
  277.                 }
  278.                 else
  279.                 {
  280.                         //If not it's the right combination, request for it
  281.                         if ($this->OnAuthenticate!=null)
  282.                         {
  283.                                 $result=$this->callEvent('onauthenticate'array('username'=>$_SERVER['PHP_AUTH_USER'],'password'=>$_SERVER['PHP_AUTH_PW']));
  284.                                 if (!$result)
  285.                                 {
  286.                                         header('WWW-Authenticate: Basic realm="' $this->_title'"');
  287.                                         header('HTTP/1.0 401 Unauthorized');
  288.                                         die($this->_errormessage);
  289.                                 }
  290.                         }
  291.                         else
  292.                         {
  293.                                 if (($_SERVER['PHP_AUTH_USER'!= $this->_username|| ($_SERVER['PHP_AUTH_PW'!= $this->_password))
  294.                                 {
  295.                                         header('WWW-Authenticate: Basic realm="' $this->_title'"');
  296.                                         header('HTTP/1.0 401 Unauthorized');
  297.                                         die($this->_errormessage);
  298.                                 }
  299.                         }
  300.                 }
  301.         }
  302. }
  303.  
  304. ?>
Documentation generated on Tue, 27 Mar 2007 13:33:14 +0200 by phpDocumentor 1.3.1