software:dailydata:libraries:php_user
Differences
This shows you the differences between two versions of the page.
software:dailydata:libraries:php_user [2021/08/25 16:54] – created rodolico | software:dailydata:libraries:php_user [2021/09/22 01:30] (current) – rodolico | ||
---|---|---|---|
Line 3: | Line 3: | ||
I got frustrated trying to find a class or library to authenticate user logins in PHP. The ones I found were either too simplistic, or required me to " | I got frustrated trying to find a class or library to authenticate user logins in PHP. The ones I found were either too simplistic, or required me to " | ||
- | So, I decided to dust off the neurons and see if I could build one. I decided to make it as flexible as possible, with only the very basics, but able to be enhanced via data calls. I also decided to make the data access independent of the class itself so data access classes could be (re)written for tasks other than MySQL using the mysqli library. | + | So, I decided to dust off the neurons and see if I could build one. I decided to make it as flexible as possible, with only the very basics, but able to be enhanced via data calls. I also decided to make the data access independent of the class itself so data access classes could be written for tasks other than MySQL using the mysqli library. |
+ | |||
+ | Because of this, usersDataSource is an abstract class which can not be instantiated. Instead, you must extend the class, defining all of the abstract methods in the abstract. We've done this with the UsersDataSourceMySQLi class. | ||
By itself, the users class (with a data access class usersDataSource like the included UsersDataSourceMySQLi class) handles basic login/ | By itself, the users class (with a data access class usersDataSource like the included UsersDataSourceMySQLi class) handles basic login/ | ||
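Review bot: In the added paragraph, "defining all of the abstract methods in the abstract" does not tell the reader what has to be implemented; reword it to "implementing all of its abstract methods" and point to the function list in the usersDataSource section. The same paragraph writes the base class as usersDataSource and the subclass as UsersDataSourceMySQLi, so pick one capitalisation and use it throughout the page.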
Line 13: | Line 15: | ||
You can get a copy of this from our subversion repository | You can get a copy of this from our subversion repository | ||
<code bash> | <code bash> | ||
- | svn co http:// | + | svn co http:// |
</ | </ | ||
My working copy is at | My working copy is at | ||
http:// | http:// | ||
but I recommend NOT using that as I use trunk as my personal playground and will commit broken code to it regularly | but I recommend NOT using that as I use trunk as my personal playground and will commit broken code to it regularly | ||
+ | |||
+ | An extension of this basic class which adds boolean permissions is the [[software: | ||
==== Basic System ==== | ==== Basic System ==== | ||
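Review bot: The changed "svn co" line still checks out over http://, so the source of an authentication library is fetched with no transport integrity protection; if the repository is reachable over https://, document that URL instead. The working-copy URL in the unchanged line below it has the same issue.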
Line 26: | Line 30: | ||
create or replace table _users ( | create or replace table _users ( | ||
| | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
| | ||
); | ); | ||
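Review bot: The four changed lines belong to a "create or replace table _users" statement, which drops and recreates the table each time it runs; the page should say that this statement is for first-time setup only and that rerunning it on an existing installation discards the stored users.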
Line 39: | Line 43: | ||
* users with enabled set to false (0) will not be able to log in | * users with enabled set to false (0) will not be able to log in | ||
- | NOTE: the usersDataSource | + | NOTE: the usersDataSourceMySQLi |
IMPORTANT: to allow the Users class to work with a wide variety of data types, it does no data access itself. It requires a data access class. | IMPORTANT: to allow the Users class to work with a wide variety of data types, it does no data access itself. It requires a data access class. | ||
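Review bot: The replacement text in the NOTE spells the class usersDataSourceMySQLi with a lowercase "u", while the other changed lines in this revision use UsersDataSourceMySQLi; use the capitalised form here as well so the page refers to the class by one name.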
Line 52: | Line 56: | ||
| | ||
| | ||
- | | + | |
null, | null, | ||
| | ||
Line 75: | Line 79: | ||
</ | </ | ||
- | This example is using the usersDataSource | + | This example is using the UsersDataSourceMySQLi |
If you run it the first time with <code php> | If you run it the first time with <code php> | ||
Line 89: | Line 93: | ||
==== CSS ==== | ==== CSS ==== | ||
- | I tried to not put any HTML layout into the code, relying instead on CSS. Everything is supposed to have a class and be wrapped in a <div> with a class. Following are the classes I have in the code (I THINK). | + | I tried to not put any HTML layout into the code, relying instead on CSS (Thanks, Randell). Everything is supposed to have a class and be wrapped in a <div> with a class. Following are the classes I have in the code (I THINK). |
* login_field = This is the class of all INPUT fields, and div's surrounding them | * login_field = This is the class of all INPUT fields, and div's surrounding them | ||
* login_form | * login_form | ||
Line 124: | Line 128: | ||
' | ' | ||
// a regex to run it against to verify it is ok | // a regex to run it against to verify it is ok | ||
- | ' | + | ' |
// == for Data Source == | // == for Data Source == | ||
Line 140: | Line 144: | ||
</ | </ | ||
- | Now, when we instantiate a new object of class Users AND class usersDataSource, we simply pass this array in. | + | Now, when we instantiate a new object of class Users AND class UsersDataSourceMySQLi, we simply pass this array in. |
< | < | ||
- | $connection = new usersDataSource( | + | $connection = new UsersDataSourceMySQLi( |
null, | null, | ||
| | ||
Line 151: | Line 155: | ||
$_SESSION[' | $_SESSION[' | ||
} | } | ||
- | </php> | + | </code> |
Note that since we replicated the basic structure of $dbDefinition in Users and usersDataSource, | Note that since we replicated the basic structure of $dbDefinition in Users and usersDataSource, | ||
Line 158: | Line 162: | ||
This is not limited to adding new columns; you can modify the display definitions also, ie how the information is stored on the screen, to some extent. | This is not limited to adding new columns; you can modify the display definitions also, ie how the information is stored on the screen, to some extent. | ||
+ | |||
+ | === New Column Definitions === | ||
+ | |||
+ | Note: If a new column is defined with the name (see below) of 'last password change', | ||
+ | |||
+ | The structure of a new column only requires a value for | ||
+ | * type | ||
+ | * html type | ||
+ | * dbColumn | ||
+ | Defaults (generally empty strings) will be used for anything else. | ||
+ | |||
+ | == key name == | ||
+ | The key is used throughout the program to identify what column we are working on. It can be any value that can be used as a PHP hash key. | ||
+ | |||
+ | == html type (required) == | ||
+ | This determines how the field is displayed and processed during editing. Accepted values are: | ||
+ | * text - standard text input field, corresponds to SQL varchar or char field | ||
+ | * textarea - multi-line strings of arbitrary lenght, corresponds to mysql text field | ||
+ | * boolean - displayed as checkbox, corresponds to mysql bool and/or tinyint (ie, 0 and 1 only) | ||
+ | * password - displayed as a type=' | ||
+ | Any value not in the list above will probably result in weird errors. | ||
+ | |||
+ | == dbColumn (required) == | ||
+ | This is the column name in the database for this field, and all sql uses this value when accessing a column. | ||
+ | |||
+ | == type (required for creating tables) == | ||
+ | this is a valid MySQL database type used by the buildTable function to create the table, ie varchar, char, | ||
+ | |||
+ | == label == | ||
+ | If set, will be the label for the input screens. If not defined, the label defaults to the key. | ||
+ | |||
+ | == instructions == | ||
+ | Replaces the html TITLE attribute for an INPUT, which is displayed by default on a hover. If not set, defaults to an empty string. | ||
+ | |||
+ | == hint == | ||
+ | Placed in the PLACEHODER attribute for an INPUT. Displayed in an empty text field most of the time. If not set, defaults to an empty string. | ||
+ | |||
+ | == restrict == | ||
+ | If set to true, will not be displayed when a user is editing their own record (so, not updateable by a user). Examples would be admin and enabled, which would not be something a user should change themselves. If an admin is editing a different user, these fields are available. | ||
+ | |||
+ | == filter == | ||
+ | If set, this is assumed to be a regular express. The result of the input is checked against the regex. If it does not match the regex, the update is declined and an error message displayed. By default, the username can only be alpha-numeric and an underscore, so the regex '/ | ||
+ | |||
+ | == size == | ||
+ | For database creation, if set, will create a column (like varchar) with this size, ie size=' | ||
+ | |||
+ | == required == | ||
+ | For database creation, sets the NOT NULL attribute to the column | ||
+ | |||
+ | == default == | ||
+ | For database creation, sets the DEFAULT attribute for the column | ||
==== usersDataSource ==== | ==== usersDataSource ==== | ||
- | This is our data access class. | + | This is our data access class. |
This code accesses the data (duh), and is consistently called $connection in the Users class. The only requirement is that it must be able to implement the following functions | This code accesses the data (duh), and is consistently called $connection in the Users class. The only requirement is that it must be able to implement the following functions | ||
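Review bot: The added "restrict" entry concludes that a field is "not updateable by a user" only because it is not displayed when users edit their own record; since a field that is not shown can still be submitted, state whether the update code itself rejects restricted keys such as admin and enabled on a self-edit, and say so explicitly if it does not. Smaller points in the same section: "lenght" should be "length", "PLACEHODER" should be "PLACEHOLDER", "regular express" should be "regular expression", the "type" entry starts with a lowercase "this", and the list of required keys includes "type" although its own heading limits that requirement to creating tables.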
Line 175: | Line 230: | ||
I separated this out from the Users class because not all programs need database access. For instance, the favorites_urls app uses file based storage, so by writing a new access class for it, we will hopefully be able to get the same functionality, | I separated this out from the Users class because not all programs need database access. For instance, the favorites_urls app uses file based storage, so by writing a new access class for it, we will hopefully be able to get the same functionality, | ||
- | ==== Future ==== | ||
- | |||
- | This is only the initial part of this particular project. I now intend to extend both classes to allow boolean permissions which will be integrated into our new version of CAMP, giving very granular rights to users. It will be available as a second set of files in this repository and is planned for release by October 2021. | ||
software/dailydata/libraries/php_user.1629928464.txt.gz · Last modified: 2021/08/25 16:54 by rodolico