auUser


The auUser class is part of the auLib package. It provides common functions for users, and needs to be extended in order to work with a site's specific users table.

Usage

auUser implements some functions that are most likely useful to any site's user system. Since different sites will usually have different needs for their user systems, this class does not implement any specifics and should be extended by each site in order to do so.

Constants

_AU_USER_SESS_TIMEOUT

How long a user can go between page requests before their session times out and they are no longer considered logged in. It's possible that the lifetime of the session cookie sent by PHP will be shorter than this time, depending on settings.

_AU_USER_COOKIE_LIFE

How long the "remember me" cookie should last.

_AU_USER_COOKIE_NAME

Name the "remember me" cookie should be saved under. The default value is autologin.

_HOST

If not defined already when auUser is included, this will get set to the host name with www or similar removed. For example, with a hostname of www.track7.org, _HOST will be set to track7.org. This is used for removing the domain part of links to the same site.

Public Data

$Valid

True if the object represents a valid user.

$LoginMessage

Results of trying to log in.

$ID

Logged-in user's ID, if the user is valid.

$Name

Logged-in user's display name, if user is valid.

Protected Data

$db

Connection to the database (usually an auDB object).

$homepage

Page to load after login. Change this value in GetUserInfo() to send the user to a specific page.

Public Functions

new auUser

new auUser($db)

Creates a new user object. Normally this function should not need to be overridden by classes that extend auUser.

  • $db = Database connection for looking up user information.

EncryptPassword

EncryptPassword($password)

Hashes a plain-text password for storing in a cookie or the database.

  • $password = Plain-text password to hash.
  • @return = Hashed password.

CheckPassword

CheckPassword($password, $hash)

Checks a plain-text password against a hashed password.

  • $password = Plain-text password.
  • $hash = Hashed password.
  • @return = True if passwords match.

Protected Functions

Classes that extend auUser might find these functions useful, but they are not generally available.

ProcessRegistrationForm

ProcessRegistrationForm()

Attempts to process the user registration form (must be overridden to use site-specific user data).

  • @return = True if user was successfully registered and logged in.

GetUserInfo

GetUserInfo($id, $login, $password, $hashed)

Gets user information from the database (must be overridden to get site-specific user data).

  • $id = Look up information for user with this ID.
  • $login = True if the user is logging in (i.e. from the login form or from the auto-login cookie). Default is not logging in.
  • $password = If present, this password is checked against the user's password stored in the database. Default is not to check a password.
  • $hashed = Set this to true if $password is set to the hashed version of the user's password. Default is not hashed.
  • @return = True if user information was retrieved.

GetGuestInfo

GetGuestInfo()

Gets user information for a guest user (should be overridden to get site-specific user data).

UpdatePassword

UpdatePassword($newpass)

Updates the user's password to use the latest hash algorithm (should be overridden to update site-specific user data). This function is called automatically when a user whose password is stored using a previous hash algorithm logs in. Use EncryptPassword to get the new hash, then store that value in the database. The base function simply gets the new hash. Since it doesn’t store the hash by default, not overriding this function means users are not updated to the new hash algorithm at login, so the new algorithm is only used by new users and password changes.

  • $newpass = The password in plain-text.
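
The login-time upgrade described for UpdatePassword, as an added example that is not auLib code or part of the original page. SiteUser, its in-memory $users array and the legacy unsalted SHA-1 format are hypothetical, and PHP's built-in password_hash functions stand in for auLib's hashing, which this page does not show. It shows why the override has to store the new hash: without that step the legacy record stays in place after login.

```php
<?php
// Added example, not auLib code. SiteUser, the $users array and the
// legacy unsalted SHA-1 format are assumptions made for illustration.
class SiteUser {
    public $ID = null;
    private $users; // constructed stand-in for a users table: id => stored hash

    public function __construct(array $users) { $this->users = $users; }

    // Same role as EncryptPassword(): hash with the current algorithm.
    public function EncryptPassword($password) {
        return password_hash($password, PASSWORD_DEFAULT);
    }

    // Same role as CheckPassword(): accepts current and legacy hashes.
    public function CheckPassword($password, $hash) {
        return $this->IsLegacy($hash)
            ? hash_equals($hash, sha1($password)) // constant-time comparison
            : password_verify($password, $hash);
    }

    private function IsLegacy($hash) {
        return preg_match('/^[0-9a-f]{40}$/', $hash) === 1; // SHA-1 hex digest
    }

    // Same role as UpdatePassword(): get the new hash AND store it.
    protected function UpdatePassword($newpass) {
        $this->users[$this->ID] = $this->EncryptPassword($newpass);
    }

    // Verify first, then upgrade while the plain-text password is in hand.
    public function Login($id, $password) {
        $hash = $this->users[$id] ?? null;
        if ($hash === null || !$this->CheckPassword($password, $hash)) {
            return false;
        }
        $this->ID = $id;
        if ($this->IsLegacy($hash) || password_needs_rehash($hash, PASSWORD_DEFAULT)) {
            $this->UpdatePassword($password);
        }
        return true;
    }
    public function StoredHash($id) { return $this->users[$id] ?? null; }
}

$site = new SiteUser([7 => sha1('correct horse')]); // constructed legacy record
var_dump($site->Login(7, 'wrong'));                 // rejected, hash untouched
var_dump($site->Login(7, 'correct horse'));         // accepted, hash replaced
var_dump($site->CheckPassword('correct horse', $site->StoredHash(7)));
```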