# # README.txt # These are the usage instructions for the PHP user management system. # # $Id: README.txt,v 22.214.171.124 2003/06/03 14:12:24 byrnereese Exp $ What is the PHP User Management System? It is a project that enables users to quickly deploy a fully-functional, user registration, email verification, user account management system to their web site in a few easy steps. In fact this simple application enables the following functionality: * user registration system - when users register, their information is stored, and an email is sent to them. Their account will not be activated until they confirm their email address * a account management console - browse the users on your system as an administrator and block people's access to the site by disabling their account * provides a simple interface for users to use to edit their own account details and change their password * if users forget their password, they can request it be mailed to them * once a user is logged in, they receive a cookie so that they do not need to relogin in the future * when user's login to the system, they are cookied. For added security these cookies are encrypted using a key you choose. * utilize a fully customizable permissioning system to limit users' access to your web sites Introduction Once installed, the PHP user management system is loaded by including the 'users.inc' file in your PHP scripts. This can be done using the following PHP command: > require_once("users.inc"); It is recommended that you use 'require_once' so that if other applications or include files also include users.inc that it is only included once. If users.inc cannot be found your scripts will error out indicating that the file could not be found. You may wish to have this automatically prepended for each page request. To do that, add the following line to your Apache httpd.conf file: > php_value auto_prepend_file "$PHP_USERS_HOME/include/users.inc" When you include the users.inc file a variable is automatically made available to your application. It is called: * $_CURRENT_USER THE $_CURRENT_USER VARIABLE The $user variable consists of the following properties and represents the user currently logged in: $_CURRENT_USER->id; # The unique ID of the user $_CURRENT_USER->email; # The email address of the user $_CURRENT_USER->status; # The status (enabled, disabled, unconfirmed) THE $_CURRENT_USER->is_anonymous VARIABLE This variable is equal to 1 or 0 depending upon if a user is logged in. This is useful if you wish to optionally include a login box if the user is not logged in or a navigation menu otherwise (for example). THE $_CURRENT_USER->get_permission FUNCTION The get_permission function is used to determine if a user has been granted a specific permission. The function takes two arguments: the domain and the permission name. The domain allows administrators to associate permissions with a particular application so that permissions for a single user can be managed across multiple web applications. The permission name simply designates what permission to check for. The function returns 1 for granted and 0 for denied. THE include/fragments/loginbox.php FILE This file contains a login box. You can include this file anywhere you want to surface a small form one can use to login to your system. CUSTOMIZING PERMISSIONS The include/permissions.inc file contains the master list of all known permissions in the system. Only permissions defined in this file can be granted and denied to users. Each application that you wish to associate permissions with will edit this file. Keep in mind that because other applications may depend on this file you should be very careful when editing it.