ZenphotoCMS 1.6.3

Zenphoto_Authority extends Authority

Provides the methods used for user authorization and management store an instantiation of this class in `$_zp_authority`.

Tags
deprecated
2.0
  • Use the class Authority instead

Table of Contents

Properties

$admin_all  : mixed
$admin_groups  : mixed
$admin_other  : mixed
$admin_realusers  : mixed
$admin_users  : mixed
$hashList  : mixed
$preferred_version  : mixed
$rightsset  : mixed
$supports_version  : mixed
$master_user  : mixed

Methods

__construct()  : lib_auth_options
class instantiation function
checkAuthorization()  : bit
Retuns the administration rights of a saved authorization code Will promote an admin to ADMIN_RIGHTS if he is the most privileged admin
checkCookieCredentials()  : mixed
Checks saved cookies to see if a user is logged in
checkLogon()  : object
Checks a logon user/password against admins
checkUniqueMailaddress()  : bool
Checks if the email address being set is already used by another user Returns true if it is, false if not
getAdminEmail()  : array<string|int, mixed>
Returns the email addresses of the Admin with ADMIN_USERS rights
getAdministrators()  : array<string|int, mixed>
Returns an array of admin users, indexed by the userid and ordered by "privileges"
getAnAdmin()  : Administrator
Returns an admin object from the $pat:$criteria
getAuthCookies()  : mixed
returns an array of the active "password" cookies
getLogoutURL()  : string
Gets the logout link for backend or frontend if the visitor is a logged in user
getLogoutURLPageParams()  : array<string|int, mixed>|string
Gets the current page params to generate a logout link of the current page if not using modrewrite
getMasterUser()  : object
Returns the object of the master user
getMasterUserName()  : type
Gets the name of the current master user
getOptionsSupported()  : array<string|int, mixed>
Declares options used by lib-auth
getResetTicket()  : mixed
getRights()  : mixed
Returns an array of the rights definitions for $version (default returns current version rights)
getVersion()  : mixed
handleLogon()  : mixed
User authentication support
handleLogout()  : mixed
Cleans up on logout
handleOption()  : mixed
Dummy for object inheritance purposes
hasAdminTable()  : bool
Checks if the administrator table and actual admins exist
isMasterUser()  : bool
Check if the user name is the master user
isUniqueMailaddress()  : bool
Checks if the email address being set is already used by another user Returns true if it is, false if not
logUser()  : mixed
Set log-in cookie for a user
migrateAuth()  : mixed
Migrates credentials
newAdministrator()  : object
Instantiates and returns administrator object
passwordHash()  : string
Returns the hash of the zenphoto password
pbkdf2()  : mixed
PBKDF2 Implementation (described in RFC 2898)
printLoginForm()  : mixed
Print the login form for ZP. This will take into account whether mod_rewrite is enabled or not.
printPasswordForm()  : mixed
printPasswordFormJS()  : mixed
Javascript for password change input handling
updateAdminField()  : mixed
Updates a field in admin record(s)
validateTicket()  : mixed

Properties

$hashList

public static mixed $hashList = array('pbkdf2' => 3, 'pbkdf2*' => 2, 'sha1' => 1, 'md5' => 0)

Methods

__construct()

class instantiation function

public __construct() : lib_auth_options
Return values
lib_auth_options

checkAuthorization()

Retuns the administration rights of a saved authorization code Will promote an admin to ADMIN_RIGHTS if he is the most privileged admin

public checkAuthorization(string $authCode, int $id) : bit
Parameters
$authCode : string

the hash code to check

$id : int

whom we think this is

Return values
bit

checkCookieCredentials()

Checks saved cookies to see if a user is logged in

public checkCookieCredentials() : mixed

checkLogon()

Checks a logon user/password against admins

public checkLogon(string $user, string $pass) : object

Returns the user object if there is a match

Parameters
$user : string
$pass : string
Return values
object

checkUniqueMailaddress()

Checks if the email address being set is already used by another user Returns true if it is, false if not

public checkUniqueMailaddress(string $email_to_check, type $current_user) : bool
Parameters
$email_to_check : string

email address to check

$current_user : type

user id of the user trying to set this email address

Tags
deprecated
2.0

– Use the method isUniqueMailaddress() instead

Return values
bool

getAdminEmail()

Returns the email addresses of the Admin with ADMIN_USERS rights

public getAdminEmail([bit $rights = NULL ]) : array<string|int, mixed>
Parameters
$rights : bit = NULL

what kind of admins to retrieve

Return values
array<string|int, mixed>

getAdministrators()

Returns an array of admin users, indexed by the userid and ordered by "privileges"

public getAdministrators([mixed $what = 'users' ][, string $returnvalues = 'coredata' ]) : array<string|int, mixed>

The array contains the id, hashed password, user's name, email, and admin privileges

Parameters
$what : mixed = 'users'
$returnvalues : string = 'coredata'

'fulldata" (backward compatible full array of the users), "basedata" (only id, user and valid columns for use with administrator class)

Return values
array<string|int, mixed>

getAnAdmin()

Returns an admin object from the $pat:$criteria

public static getAnAdmin(array<string|int, mixed> $criteria) : Administrator
Parameters
$criteria : array<string|int, mixed>

[ match => criteria ]

Return values
Administrator

getAuthCookies()

returns an array of the active "password" cookies

public static getAuthCookies() : mixed

NOTE: this presumes the general form of an authrization cookie is: zp_xxxxx_auth{_dddd) where xxxxx is the authority (e.g. gallery, image, search, ...) and dddd if present is the object id.

getLogoutURL()

Gets the logout link for backend or frontend if the visitor is a logged in user

public static getLogoutURL([string $mode = 'backend' ][, string $redirect = '' ]) : string

If in front end mode this will keep the user on the same page after logout (even if that may not be public)

Parameters
$mode : string = 'backend'

"backend" (default) for the main backend logout link, or "frontend" for theme usages like the user-loginout plugin

$redirect : string = ''

non rewritten page query string to redirect to another frontend page than the current if in "frontend" mode

Tags
since
1.6
global

type $_zp_current_admin_obj

Return values
string

getLogoutURLPageParams()

Gets the current page params to generate a logout link of the current page if not using modrewrite

public static getLogoutURLPageParams([string $returnvalue = 'string' ]) : array<string|int, mixed>|string
Parameters
$returnvalue : string = 'string'

'string' for a ready to use string for an logout url or 'array' for an indexed array

Tags
since
1.6
Return values
array<string|int, mixed>|string

getMasterUser()

Returns the object of the master user

public getMasterUser() : object
Return values
object

getMasterUserName()

Gets the name of the current master user

public getMasterUserName() : type
Tags
since
1.6
global

type $_zp_db

Return values
type

getOptionsSupported()

Declares options used by lib-auth

public getOptionsSupported() : array<string|int, mixed>
Return values
array<string|int, mixed>

getResetTicket()

public static getResetTicket(mixed $user, mixed $pass) : mixed
Parameters
$user : mixed
$pass : mixed

getRights()

Returns an array of the rights definitions for $version (default returns current version rights)

public static getRights([ $version = NULL ]) : mixed
Parameters
$version : = NULL

handleLogon()

User authentication support

public handleLogon() : mixed

handleLogout()

Cleans up on logout

public static handleLogout() : mixed

handleOption()

Dummy for object inheritance purposes

public handleOption(mixed $option, mixed $currentValue) : mixed
Parameters
$option : mixed
$currentValue : mixed

hasAdminTable()

Checks if the administrator table and actual admins exist

public hasAdminTable() : bool
Tags
since
1.6
global

obj $_zp_db

Return values
bool

isMasterUser()

Check if the user name is the master user

public isMasterUser(strung $user) : bool
Parameters
$user : strung

User name

Return values
bool

isUniqueMailaddress()

Checks if the email address being set is already used by another user Returns true if it is, false if not

public isUniqueMailaddress(string $email_to_check, type $current_user) : bool
Parameters
$email_to_check : string

email address to check

$current_user : type

user id of the user trying to set this email address

Return values
bool

logUser()

Set log-in cookie for a user

public static logUser(object $user) : mixed
Parameters
$user : object

migrateAuth()

Migrates credentials

public migrateAuth(mixed $to) : mixed
Parameters
$to : mixed

newAdministrator()

Instantiates and returns administrator object

public static newAdministrator( $name[,  $valid = 1 ]) : object
Parameters
$name :
$valid : = 1
Return values
object

passwordHash()

Returns the hash of the zenphoto password

public static passwordHash(string $user, string $pass[, mixed $hash_type = NULL ]) : string
Parameters
$user : string
$pass : string
$hash_type : mixed = NULL
Return values
string

pbkdf2()

PBKDF2 Implementation (described in RFC 2898)

public static pbkdf2(mixed $p, mixed $s[, mixed $c = 1000 ][, mixed $kl = 32 ][, mixed $a = 'sha256' ]) : mixed

@param string p password

Parameters
$p : mixed
$s : mixed
$c : mixed = 1000
$kl : mixed = 32
$a : mixed = 'sha256'

printLoginForm()

Print the login form for ZP. This will take into account whether mod_rewrite is enabled or not.

public printLoginForm([string $redirect = null ][, bool $logo = true ][, bool $showUserField = true ][, bool $showCaptcha = true ][, string $hint = '' ]) : mixed
Parameters
$redirect : string = null

URL to return to after login

$logo : bool = true

set to true to display the ADMIN zenphoto logo.

$showUserField : bool = true

set to true to display the user input

$showCaptcha : bool = true

set to false to not display the forgot password captcha.

$hint : string = ''

optional hint for the password

printPasswordForm()

public static printPasswordForm([mixed $id = '' ][, mixed $pad = false ][, mixed $disable = NULL ][, mixed $required = false ][, mixed $flag = '' ]) : mixed
Parameters
$id : mixed = ''
$pad : mixed = false
$disable : mixed = NULL
$required : mixed = false
$flag : mixed = ''

printPasswordFormJS()

Javascript for password change input handling

public static printPasswordFormJS() : mixed

updateAdminField()

Updates a field in admin record(s)

public static updateAdminField(string $update, mixed $value, array<string|int, mixed> $constraints) : mixed
Parameters
$update : string

name of the field

$value : mixed

what to store

$constraints : array<string|int, mixed>

on the update [ field,value ]

Return values
mixed

Query result

validateTicket()

public validateTicket(mixed $ticket, mixed $user) : mixed
Parameters
$ticket : mixed
$user : mixed

        
On this page

Search results