/includes/authentication.php

Description
Description | Functions

MySQL User and Authentication functions

This file contains the MySQL specific functions for working with users and authenticating them. It also handles the internal mail messages, favorites, news/journal, and storage of MyGedView customizations. Assumes that a database connection has already been established.

You can extend PhpGedView to work with other systems by implementing the functions in this file. Other possible options are to use LDAP for authentication.

$Id: authentication.php 981 2007-03-21 13:24:38Z fisharebest $

phpGedView: Genealogy Viewer Copyright (C) 2002 to 2007 John Finlay and Others

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Functions
Description | Functions
addFavorite (line 1341)

stores a new favorite in the database

void addFavorite (array $favorite)
  • array $favorite: the favorite array of the favorite to add
addMessage (line 1204)
void addMessage ( $message)
  • $message
addNews (line 1517)

Adds a news item to the database

This function adds a news item represented by the $news array to the database. If the $news array has an ["id"] field then the function assumes that it is as update of an older news item.

  • author: John Finlay
void addNews (array $news)
  • array $news: a news item array
AddToChangeLog (line 1171)
void AddToChangeLog ( $LogString, [ $ged = ""])
  • $LogString
  • $ged
AddToLog (line 1099)

add a message into the log-file

  • return: returns the log line if successfully inserted into the log
string AddToLog (string $LogString, [boolean $savelangerror = false])
  • string $LogString: the message to add
  • boolean $savelangerror
AddToSearchLog (line 1133)
void AddToSearchLog ( $LogString,  $allgeds)
  • $LogString
  • $allgeds
addUser (line 723)

Add a new user

Adds a new user to the data store

void addUser (array $newuser, [string $msg = "added"])
  • array $newuser: The new user array to add
  • string $msg: The log message to write to the log
adminUserExists (line 403)

does an admin user exits

Checks to see if an admin user has been created

  • return: true if an admin user has been defined
boolean adminUserExists ()
authenticateUser (line 50)

authenticate a username and password

This function takes the given $username and $password and authenticates them against the database. The passwords are encrypted using the crypt() function. The username is stored in the $_SESSION["pgv_user"] session variable.

  • return: return true if the username and password credentials match a user in the database return false if they don't
bool authenticateUser (string $username, string $password, [boolean $basic = false])
  • string $username: the username for the user attempting to login
  • string $password: the plain text password to test
  • boolean $basic: true if the userName and password were retrived via Basic HTTP authentication. Defaults to false. At this point, this is only used for logging
basicHTTPAuthenticateUser (line 103)

authenticate a username and password using Basic HTTP Authentication

This function uses authenticateUser(), for authentication, but retrives the userName and password provided via basic auth.

  • return: return true if the user is already logged in or the basic HTTP auth username and password credentials match a user in the database return false if they don't
  • TODO: Security audit for this functionality
  • TODO: Do we really need a return value here?
  • TODO: should we reauthenticate the user even if already logged in?
  • TODO: do we need to set the user language and other jobs done in login.php? Should that loading be moved to a function called from the authenticateUser function?
bool basicHTTPAuthenticateUser ()
checkTableExists (line 435)

check if the user database tables exist

If the tables don't exist then create them If the tables do exist check if they need to be upgraded to the latest version of the database schema.

void checkTableExists ()
create_export_user (line 884)

creates a user as reference for a gedcom export

void create_export_user (string $export_accesslevel)
  • string $export_accesslevel
deleteFavorite (line 1376)

deleteFavorite

deletes a favorite in the database

void deleteFavorite (int $fv_id)
  • int $fv_id: the id of the favorite to delete
deleteMessage (line 1304)
void deleteMessage ( $message_id)
  • $message_id
deleteNews (line 1552)

Deletes a news item from the database

  • author: John Finlay
void deleteNews (int $news_id)
  • int $news_id: the id number of the news item to delete
deleteUser (line 862)

deletes the user with the given username.

void deleteUser (string $username, [string $msg = "deleted"])
  • string $username: the username to delete
  • string $msg: a message to write to the log file
getBlocks (line 1430)

get blocks for the given username

retrieve the block configuration for the given user if no blocks have been set yet, and the username is a valid user (not a gedcom) then try and load the defaultuser blocks.

  • return: an array of the blocks. The two main indexes in the array are "main" and "right"
array getBlocks (string $username)
  • string $username: the username or gedcom name for the blocks
getNewsItem (line 1594)

Gets the news item for the given news id

void getNewsItem (int $news_id)
  • int $news_id: the id of the news entry to get
getUser (line 939)

get a user array

finds a user from the given username and returns a user array of the form defined at http://www.phpgedview.net/devdocs/arrays.php#user

  • return: the user array to return
array getUser (string $username)
  • string $username: the username of the user to return
getUserByGedcomId (line 1020)

get a user from a gedcom id

finds a user from their gedcom id

  • return: returns a user array
array getUserByGedcomId (string $id, string $gedcom)
  • string $id: the gedcom id to to search on
  • string $gedcom: the gedcom filename to match
getUserFavorites (line 1391)

Get a user's favorites

Return an array of a users messages

void getUserFavorites (string $username)
  • string $username: the username to get the favorites for
getUserMessages (line 1316)
void getUserMessages ( $username)
  • $username
getUserName (line 245)

get the current username

gets the username for the currently active user

  1. first checks the session
  2. then checks the remember cookie

  • return: the username of the user or an empty string if the user is not logged in
string getUserName ()
getUserNews (line 1567)

Gets the news items for the given user or gedcom

void getUserNews (String $username)
  • String $username: the username or gedcom file name to get news items for
getUsers (line 177)

return a sorted array of user

returns a sorted array of the users in the system

array getUsers ([string $field = "username"], [string $order = "asc"], [ $sort2 = "firstname"])
  • string $field: the field in the user array to sort on
  • string $order: asc or dec
  • $sort2
setBlocks (line 1475)

Set Blocks

Sets the blocks for a gedcom or user portal the $setdefault parameter tells the program to also store these blocks as the blocks used by default

void setBlocks (String $username, array $ublocks, [boolean $setdefault = false])
  • String $username: the username or gedcom name to update the blocks for
  • array $ublocks: the new blocks to set for the user or gedcom
  • boolean $setdefault: if true tells the program to also set these blocks as the blocks for the defaultuser
updateUser (line 789)

Update a user

Updates a user's record in the data store

void updateUser (string $username, array $newuser, [string $msg = "updated"])
  • string $username: The username of the user to update
  • array $newuser: The new user array to add
  • string $msg: The log message to write to the log
userAutoAccept (line 387)

Should user's changed automatically be accepted

  • return: true if the changes should automatically be accepted
boolean userAutoAccept ([string $username = ""])
  • string $username: the user name of the user to check
userCanAccept (line 365)

Can user accept changes

takes a username and checks if the user has write privileges to change the gedcom data and accept changes

  • return: true if user can accept false if user cannot accept
boolean userCanAccept (string $username)
  • string $username: the username of the user check privileges
userCanAccess (line 319)

check if the given user has access privileges on this gedcom

takes a username and checks if the user has access privileges to view the private gedcom data.

  • return: true if user can access false if they cannot
boolean userCanAccess (string $username)
  • string $username: the username of the user to check
userCanEdit (line 341)

check if the given user has write privileges on this gedcom

takes a username and checks if the user has write privileges to change the gedcom data. First check if the administrator has turned on editing privileges for this gedcom

  • return: true if user can edit false if they cannot
boolean userCanEdit (string $username)
  • string $username: the username of the user to check
userGedcomAdmin (line 295)

check if given username is an admin for the current gedcom

takes a username and checks if the user has administrative privileges to change the configuration files for the currently active gedcom

void userGedcomAdmin ( $username, [ $ged = ""])
  • $username
  • $ged
userIsAdmin (line 280)

check if given username is an admin

takes a username and checks if the user has administrative privileges to change the configuration files

void userIsAdmin ( $username)
  • $username
userLogout (line 123)

logs a user out of the system

void userLogout ([string $username = ""])
  • string $username: optional parameter to logout a specific user
userUpdateLogin (line 158)

Updates the login time in the database of the given user

The login time is used to automatically logout users who have been inactive for the defined session time

void userUpdateLogin (string $username)
  • string $username: the username to update the login info for

Documentation generated on Wed, 28 Mar 2007 09:54:07 -0600 by phpDocumentor 1.3.1