Authority
in package
Provides the methods used for user authorization and management store an instantiation of this class in `$_zp_authority`.
Table of Contents
- $admin_all : mixed
- $admin_groups : mixed
- $admin_other : mixed
- $admin_realusers : mixed
- $admin_users : mixed
- $hashList : mixed
- $preferred_version : mixed
- $rightsset : mixed
- $supports_version : mixed
- $master_user : mixed
- __construct() : lib_auth_options
- class instantiation function
- checkAuthorization() : bit
- Retuns the administration rights of a saved authorization code Will promote an admin to ADMIN_RIGHTS if he is the most privileged admin
- checkCookieCredentials() : mixed
- Checks saved cookies to see if a user is logged in
- checkLogon() : object
- Checks a logon user/password against admins
- checkUniqueMailaddress() : bool
- Checks if the email address being set is already used by another user Returns true if it is, false if not
- getAdminEmail() : array<string|int, mixed>
- Returns the email addresses of the Admin with ADMIN_USERS rights
- getAdministrators() : array<string|int, mixed>
- Returns an array of admin users, indexed by the userid and ordered by "privileges"
- getAnAdmin() : Administrator
- Returns an admin object from the $pat:$criteria
- getAuthCookies() : mixed
- returns an array of the active "password" cookies
- getLogoutURL() : string
- Gets the logout link for backend or frontend if the visitor is a logged in user
- getLogoutURLPageParams() : array<string|int, mixed>|string
- Gets the current page params to generate a logout link of the current page if not using modrewrite
- getMasterUser() : object
- Returns the object of the master user
- getMasterUserName() : type
- Gets the name of the current master user
- getOptionsSupported() : array<string|int, mixed>
- Declares options used by lib-auth
- getResetTicket() : mixed
- getRights() : mixed
- Returns an array of the rights definitions for $version (default returns current version rights)
- getVersion() : mixed
- handleLogon() : mixed
- User authentication support
- handleLogout() : mixed
- Cleans up on logout
- handleOption() : mixed
- Dummy for object inheritance purposes
- hasAdminTable() : bool
- Checks if the administrator table and actual admins exist
- isMasterUser() : bool
- Check if the user name is the master user
- isUniqueMailaddress() : bool
- Checks if the email address being set is already used by another user Returns true if it is, false if not
- logUser() : mixed
- Set log-in cookie for a user
- migrateAuth() : mixed
- Migrates credentials
- newAdministrator() : object
- Instantiates and returns administrator object
- passwordHash() : string
- Returns the hash of the zenphoto password
- pbkdf2() : mixed
- PBKDF2 Implementation (described in RFC 2898)
- printLoginForm() : mixed
- Print the login form for ZP. This will take into account whether mod_rewrite is enabled or not.
- printPasswordForm() : mixed
- printPasswordFormJS() : mixed
- Javascript for password change input handling
- updateAdminField() : mixed
- Updates a field in admin record(s)
- validateTicket() : mixed
Properties
$admin_all
public
mixed
$admin_all
= \NULL
$admin_groups
public
mixed
$admin_groups
= \NULL
$admin_other
public
mixed
$admin_other
= \NULL
$admin_realusers
public
mixed
$admin_realusers
= \null
$admin_users
public
mixed
$admin_users
= \NULL
$hashList
public
static mixed
$hashList
= array('pbkdf2' => 3, 'pbkdf2*' => 2, 'sha1' => 1, 'md5' => 0)
$preferred_version
public
static mixed
$preferred_version
= 4
$rightsset
public
mixed
$rightsset
= \NULL
$supports_version
public
static mixed
$supports_version
= 4
$master_user
protected
mixed
$master_user
= \NULL
Methods
__construct()
class instantiation function
public
__construct() : lib_auth_options
Return values
lib_auth_options —checkAuthorization()
Retuns the administration rights of a saved authorization code Will promote an admin to ADMIN_RIGHTS if he is the most privileged admin
public
checkAuthorization(string $authCode, int $id) : bit
Parameters
- $authCode : string
-
the hash code to check
- $id : int
-
whom we think this is
Return values
bit —checkCookieCredentials()
Checks saved cookies to see if a user is logged in
public
checkCookieCredentials() : mixed
Return values
mixed —checkLogon()
Checks a logon user/password against admins
public
checkLogon(string $user, string $pass) : object
Returns the user object if there is a match
Parameters
- $user : string
- $pass : string
Return values
object —checkUniqueMailaddress()
Checks if the email address being set is already used by another user Returns true if it is, false if not
public
checkUniqueMailaddress(string $email_to_check, type $current_user) : bool
Parameters
- $email_to_check : string
-
email address to check
- $current_user : type
-
user id of the user trying to set this email address
Tags
Return values
bool —getAdminEmail()
Returns the email addresses of the Admin with ADMIN_USERS rights
public
getAdminEmail([bit $rights = NULL ]) : array<string|int, mixed>
Parameters
- $rights : bit = NULL
-
what kind of admins to retrieve
Return values
array<string|int, mixed> —getAdministrators()
Returns an array of admin users, indexed by the userid and ordered by "privileges"
public
getAdministrators([mixed $what = 'users' ][, string $returnvalues = 'coredata' ]) : array<string|int, mixed>
The array contains the id, hashed password, user's name, email, and admin privileges
Parameters
- $what : mixed = 'users'
- $returnvalues : string = 'coredata'
-
'fulldata" (backward compatible full array of the users), "basedata" (only id, user and valid columns for use with administrator class)
Return values
array<string|int, mixed> —getAnAdmin()
Returns an admin object from the $pat:$criteria
public
static getAnAdmin(array<string|int, mixed> $criteria) : Administrator
Parameters
- $criteria : array<string|int, mixed>
-
[ match => criteria ]
Return values
Administrator —getAuthCookies()
returns an array of the active "password" cookies
public
static getAuthCookies() : mixed
NOTE: this presumes the general form of an authrization cookie is: zp_xxxxx_auth{_dddd) where xxxxx is the authority (e.g. gallery, image, search, ...) and dddd if present is the object id.
Return values
mixed —getLogoutURL()
Gets the logout link for backend or frontend if the visitor is a logged in user
public
static getLogoutURL([string $mode = 'backend' ][, string $redirect = '' ]) : string
If in front end mode this will keep the user on the same page after logout (even if that may not be public)
Parameters
- $mode : string = 'backend'
-
"backend" (default) for the main backend logout link, or "frontend" for theme usages like the user-loginout plugin
- $redirect : string = ''
-
non rewritten page query string to redirect to another frontend page than the current if in "frontend" mode
Tags
Return values
string —getLogoutURLPageParams()
Gets the current page params to generate a logout link of the current page if not using modrewrite
public
static getLogoutURLPageParams([string $returnvalue = 'string' ]) : array<string|int, mixed>|string
Parameters
- $returnvalue : string = 'string'
-
'string' for a ready to use string for an logout url or 'array' for an indexed array
Tags
Return values
array<string|int, mixed>|string —getMasterUser()
Returns the object of the master user
public
getMasterUser() : object
Return values
object —getMasterUserName()
Gets the name of the current master user
public
getMasterUserName() : type
Tags
Return values
type —getOptionsSupported()
Declares options used by lib-auth
public
getOptionsSupported() : array<string|int, mixed>
Return values
array<string|int, mixed> —getResetTicket()
public
static getResetTicket(mixed $user, mixed $pass) : mixed
Parameters
- $user : mixed
- $pass : mixed
Return values
mixed —getRights()
Returns an array of the rights definitions for $version (default returns current version rights)
public
static getRights([ $version = NULL ]) : mixed
Parameters
Return values
mixed —getVersion()
public
static getVersion() : mixed
Return values
mixed —handleLogon()
User authentication support
public
handleLogon() : mixed
Return values
mixed —handleLogout()
Cleans up on logout
public
static handleLogout() : mixed
Return values
mixed —handleOption()
Dummy for object inheritance purposes
public
handleOption(mixed $option, mixed $currentValue) : mixed
Parameters
- $option : mixed
- $currentValue : mixed
Return values
mixed —hasAdminTable()
Checks if the administrator table and actual admins exist
public
hasAdminTable() : bool
Tags
Return values
bool —isMasterUser()
Check if the user name is the master user
public
isMasterUser(strung $user) : bool
Parameters
- $user : strung
-
User name
Return values
bool —isUniqueMailaddress()
Checks if the email address being set is already used by another user Returns true if it is, false if not
public
isUniqueMailaddress(string $email_to_check, type $current_user) : bool
Parameters
- $email_to_check : string
-
email address to check
- $current_user : type
-
user id of the user trying to set this email address
Return values
bool —logUser()
Set log-in cookie for a user
public
static logUser(object $user) : mixed
Parameters
- $user : object
Return values
mixed —migrateAuth()
Migrates credentials
public
migrateAuth(mixed $to) : mixed
Parameters
- $to : mixed
Return values
mixed —newAdministrator()
Instantiates and returns administrator object
public
static newAdministrator( $name[, $valid = 1 ]) : object
Parameters
Return values
object —passwordHash()
Returns the hash of the zenphoto password
public
static passwordHash(string $user, string $pass[, mixed $hash_type = NULL ]) : string
Parameters
- $user : string
- $pass : string
- $hash_type : mixed = NULL
Return values
string —pbkdf2()
PBKDF2 Implementation (described in RFC 2898)
public
static pbkdf2(mixed $p, mixed $s[, mixed $c = 1000 ][, mixed $kl = 32 ][, mixed $a = 'sha256' ]) : mixed
@param string p password
Parameters
- $p : mixed
- $s : mixed
- $c : mixed = 1000
- $kl : mixed = 32
- $a : mixed = 'sha256'
Return values
mixed —printLoginForm()
Print the login form for ZP. This will take into account whether mod_rewrite is enabled or not.
public
printLoginForm([string $redirect = null ][, bool $logo = true ][, bool $showUserField = true ][, bool $showCaptcha = true ][, string $hint = '' ]) : mixed
Parameters
- $redirect : string = null
-
URL to return to after login
- $logo : bool = true
-
set to true to display the ADMIN zenphoto logo.
- $showUserField : bool = true
-
set to true to display the user input
- $showCaptcha : bool = true
-
set to false to not display the forgot password captcha.
- $hint : string = ''
-
optional hint for the password
Return values
mixed —printPasswordForm()
public
static printPasswordForm([mixed $id = '' ][, mixed $pad = false ][, mixed $disable = NULL ][, mixed $required = false ][, mixed $flag = '' ]) : mixed
Parameters
- $id : mixed = ''
- $pad : mixed = false
- $disable : mixed = NULL
- $required : mixed = false
- $flag : mixed = ''
Return values
mixed —printPasswordFormJS()
Javascript for password change input handling
public
static printPasswordFormJS() : mixed
Return values
mixed —updateAdminField()
Updates a field in admin record(s)
public
static updateAdminField(string $update, mixed $value, array<string|int, mixed> $constraints) : mixed
Parameters
- $update : string
-
name of the field
- $value : mixed
-
what to store
- $constraints : array<string|int, mixed>
-
on the update [ field
,value ]
Return values
mixed —Query result
validateTicket()
public
validateTicket(mixed $ticket, mixed $user) : mixed
Parameters
- $ticket : mixed
- $user : mixed