Location: PHPKode > scripts > XS PHP Library > xs-php-library/inc/auth.inc.php
<?php
//
// +--------------------------------------------------------------------------+
// |                                                                          |
// |                   XS PHP Library  Generic Classes Library                |
// |                                                                          |
// |                   Copyright (c) 2001-2002 XSPHPLib Group.                |
// |                                                                          |
// +--------------------------------------------------------------------------+
// |                                                                          |
// | Distributed under the terms of the GNU Lesser General Public License as  |
// | published by the Free Software Foundation version 2.1                    |
// | See the GNU Lesser General Public License for more details. You should   |
// | have received a copy of the GNU Lesser General Public License along with |
// | this package; if not, write to the Free Software Foundation, Inc.,       |
// | 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.                 |
// |                                                                          |
// +--------------------------------------------------------------------------+
// |                                                                          |
// | Authors: Robert Bala <hide@address.com>                                   |
// |                                                                          |
// +--------------------------------------------------------------------------+
//
// $Id: auth.inc.php,v 1.2 2002/11/28 09:50:30 rbala Exp $

/**
 * System defined user permission.
 *
 * This level of permission doesn't inherit from other permission.
 */
define('AUTH_PERM_USER', 1 | 0);

/**
 * System defined editor permission.
 *
 * This level of permission inherits from user permission.
 */
define('AUTH_PERM_EDITOR', 1 | 2);

/**
 * System defined admin permission.
 *
 * This level of permission inherits from editor permission.
 */
define('AUTH_PERM_ADMIN', 1 | 2 | 4);
        
/**
 * List of system permission indexed by name.
 *
 * This variable can be modified to customize to specific needs. By default
 * basic levels of permissions are defined. Permissions are identified by name
 * eg user or admin, not by bit masks. If you plan to define your own permission
 * levels you have to create valid bit mask constants and override $auth_perms
 * to access permissions by name.
 *
 * @global string $auth_perms
 * @see AUTH_PERM_USER, AUTH_PERM_EDITOR, AUTH_PERM_ADMIN
 *
 */
$auth_perms = array(
        'user' => AUTH_PERM_USER,
        'editor' => AUTH_PERM_EDITOR,
        'admin' => AUTH_PERM_ADMIN
        );

/**
 * Authentication and Permission class.
 *
 * This is basic class useful to create authentication and permission for
 * web system. Before use it there should be defined login and logout functions
 * and passed to class construtor to handle user verification.
 *
 * @author Robert Bala <hide@address.com>
 * @access public
 * @package core
 * @version $Id: auth.inc.php,v 1.2 2002/11/28 09:50:30 rbala Exp $
 */
class Auth extends Object {
	/**
	 * User access permission.
     * @access private
	 * @var string
	 */
    var $_perms;

	/**
	 * Logged user name.
     * @access private
	 * @var string
	 */
    var $_username;
    
	/**
	 * The user session life time.
     * @access private
	 * @var string
	 */
    var $_lifetime;
    
	/**
     * The user session expire time.
     * @access private
	 * @var int
	 */
    var $_expired;
    
	/**
	 * Reference name of the login function.
     * @access private
	 * @var string
	 */
    var $_auth_login;
    
	/**
	 * Reference name of the logout function.
     * @access private
	 * @var string
	 */
    var $_auth_logout;

    /**
     * Auth class constructor.
     *
     * Creates the new instance of Auth class and sets up basic properties.
     *
     * @access public
     * @param string $login the name of the login function, defaults to null.
     * @param string $logout the name of the logout function, defaults to null.
     * @return void
     */
    function Auth($login=null, $logout=null) {
        Object::Object();
        $this->_perms = '';
        if (isset($login)) {
            $this->_auth_login = $login;
        } else {
            $this->_auth_login = '_auth_login';
        }
        if (isset($logout)) {
            $this->_auth_logout = $logout;
        } else {
            $this->_auth_logout = '_auth_logout';
        }
        $this->_username = '';
        $this->_lifetime = 15;
        $this->_expired = '0';
    }
    
    /**
     * Gets the logged user name.
     *
     * Returns the logged user name or empty string.
     *
     * @access public
     * @return string
     */
    function getUsername() {
        return $this->_username;
    }
    
    /**
     * Gets the logged user permission name.
     *
     * Returns the logged user permission name or empty string.
     *
     * @access public
     * @return string
     */
    function getPerms() {
        return $this->_perms;
    }
    
    /**
     * Attempt to login user to the system.
     *
     * Returns true on success or false on any kind of failure.
     *
     * @access public
     * @param string $username the user name.
     * @param string $password the user password.
     * @return boolean
     */
    function login($username, $password) {
        $_auth_login = $this->_auth_login;
        $params['username'] = $username;
        $params['password'] = $password;
        $this->logout();
        if ($_auth_login($params)) {
            $this->_username = $username;
            if (isset($params['perms'])) {
                $this->_perms = $params['perms'];
            }
            if (isset($params['lifetime'])) {
                $this->_lifetime = $params['lifetime'];
            }
            $this->_expired = time() + (60 * $this->_lifetime);
        } else {
            return false;
        }
        return true;
    }
    
    /**
     * Attempt to logout user from the system.
     *
     * Returns true on success or false on any kind of failure.
     *
     * @access public
     * @return boolean
     */
    function logout() {
        $_auth_logout = $this->_auth_logout;
        $params['username'] = $this->_username;
        $params['lifetime'] = $this->_lifetime;
        if (strlen($this->_username) && $_auth_logout($params)) {
            $this->_perms = '';
            $this->_expired = '0';
            $this->_username = '';
        } else {
            return false;
        }
        return true;
    }
    
    /**
     * Finds whether the user has sufficient permissions.
     *
     * Returns true if the user has sufficient system permissions, false otherwise.
     *
     * @access public
     * @return boolean
     */
    function validPerms($perms) {
        if ($this->isLogged()) {
            $pageperms = split(",", $perms);
            $userperms = split(",", $this->_perms);
            list($pageflag, $pagebits) = _auth_parsePerms($pageperms);
            list($userflag, $userbits) = _auth_parsePerms($userperms);
            $permflag = (($userbits & $pagebits) == $pagebits);
            if (!($permflag && $pageflag && $userflag)) {
                return false;
            } else {
                return true;
            }
        }
        return false;
    }
    
    /**
     * Finds whether the user is logged in the system.
     *
     * Returns true if the user is logged in the system, false otherwise.
     *
     * @access public
     * @return boolean
     */
    function isLogged() {
        if (strlen($this->_username)) {
            if (($this->_lifetime <= 0) || (time() < $this->_expired)) {
                return true;
            }
            $this->logout();
        }
        return false;
    }

}

/**
 * Internal user login function.
 *
 * Always returns false. This is internal function used by {@link Auth::login()}
 * method which should be overrided in class constructor by user defined function.
 * The passed params array contains user information like username, lifetime etc.
 * If the true is set as a function result it means that user is allowed to
 * access the system.
 *
 * @author Robert Bala <hide@address.com>
 * @access private
 * @param array $params the user session params.
 * @return boolean
 */
function _auth_login(&$params) {
    return false;
}

/**
 * Internal user logout function.
 *
 * Always returns true. This is internal function used by {@link Auth::logout()}
 * method which should be overrided in class constructor by user defined function.
 * The passed params array contains user information like username, lifetime etc.
 * If the true is set as a function result it means that user is allowed to
 * logout from the system.
 *
 * @author Robert Bala <hide@address.com>
 * @access private
 * @param array $params the user session params.
 * @return boolean
 */
function _auth_logout($params) {
    return true;
}

/**
 * Permission parsing and matching.
 *
 * This is internal function used by {@link Auth::validPerms()} method.
 *
 * @author Robert Bala <hide@address.com>
 * @access private
 * @param array $perms the permission name list.
 * @return array
 */
function _auth_parsePerms($perms) {
    global $auth_perms;
    if (is_array($perms) && is_array($auth_perms)) {
        $result = 0;
        reset($perms);
        while(list($index, $value) = each($perms)) {
            if (!isset($auth_perms[$value])) {
                return array(false, 0);
            }
            $result |= $auth_perms[$value];
        }
        return array(true, $result);
    }
    return array(false, 0);
}

?>
Return current item: XS PHP Library