|
Example 3
Example 3 comprises the following files:
- demodata.xml
- This XML file gets used to create the database by the MDB2_Schema class.
- example.php
- Frameset
- nav.php
- Navigation frame -- this shows the area list.
- main.php
- Default main frame -- does nothing really.
There is also one *.php file for each area -- the nav.php navigates to these in the main frame. These files are used to simulate the various "areas" in an application. They are:
- area51.php
- coffeemaker.php
- testarea.php
demodata.xml
This file is loaded into the database by the script demodata.php, which I was only able to find in LiveUser CVS. When you have this script you can use the following command to load the demodata.xml file into your database:
php demodata.php -d mysql://root:ROOTPASSWORD@localhost/liveuser_test -f demodata.xml
If you want to see the file, see FullTextOfDemodataForExample3
If you want to see an SQL representation of the file it creates (in case you don't want to use MDB2, or don't have the demodata.php script), see MySQLDumpOfDemodataForExample3.
conf.php
In this example, all of the LiveUser and LiveUser_Admin setup is done in conf.php. This includes setting up the configuration array and creating the various objects.
<?php
//
// Backwards compatibility hack to define PATH_SEPARATOR if it is
// not already defined.
//
if (!defined('PATH_SEPARATOR')) {
if (defined('DIRECTORY_SEPARATOR') && DIRECTORY_SEPARATOR == "") {
define('PATH_SEPARATOR', ';');
} else {
define('PATH_SEPARATOR', ':');
}
}
error_reporting(E_ALL);
//
// right definitions
//
define('READ_TESTS', 1);
define('WRITE_TESTS', 2);
define('ACCESS', 3);
define('LAUNCH_ATOMIC_BOMB', 4);
define('FLY_ALIEN_SPACE_CRAFT', 5);
define('MAKE_COFFEE', 6);
define('DRINK_COFFEE', 7);
// set this to the path in which the directory for liveuser resides
// or remove the following two lines to test LiveUser in the standard
// PEAR directory
//$path_to_liveuser_dir = './pear/'.PATH_SEPARATOR;
//ini_set('include_path', $path_to_liveuser_dir.ini_get('include_path'));
//
// Data Source Name (DSN). You will need to put a real database user
// name and password in here (e.g. replace "root" with
// "databaseuser:databasepassword").
//
$dsn = 'mysql://root@localhost/liveuser_admin_test_example3';
//
// Define the LiveUser configuration.
//
$liveuserConfig = array(
'session' => array('name' => 'PHPSESSID','varname' => 'loginInfo'),
'logout' => array('destroy' => true),
'cookie' => array(
'name' => 'loginInfo',
'path' => null,
'domain' => null,
'secure' => false,
'lifetime' => 30,
'secret' => 'mysecretkey',
'savedir' => '.',
),
//
// We are only going to have one authentication container. This time
// it will be a container of type "MDB2". The array key (DB) is ignored,
// although we use the key "DB" for effect.
//
'authContainers' => array(
'DB' => array(
'type' => 'MDB2',
'expireTime' => 0,
'idleTime' => 0,
'allowDuplicateHandles' => 1,
'passwordEncryptionMode' => 'PLAIN',
'storage' => array(
'dsn' => $dsn,
'alias' => array(
'auth_user_id' => 'authuserid',
'lastlogin' => 'lastlogin',
'is_active' => 'isactive',
),
'fields' => array(
'lastlogin' => 'timestamp',
'is_active' => 'boolean',
),
'tables' => array(
'users' => array(
'fields' => array(
'lastlogin' => false,
'is_active' => false,
),
),
),
)
)
),
//
// We set up one permission container, with much the same parameters
// as the storage container. This is going to use the "Medium" complexity
// permissions model, which gives us access to groups as well as the
// permissions available in the simple complexity model. See the E-R
// diagram here:
// http://oss.backendmedia.com/LiveUser/External
//
'permContainer' => array(
'type' => 'Medium',
'alias' => array(),
'storage' => array(
'MDB2' => array(
'dsn' => $dsn,
'prefix' => 'liveuser_',
'tables' => array(),
'fields' => array(),
),
),
),
);
//
// Get LiveUser class definition
//
require_once 'LiveUser.php';
// The error handling stuff is not needed and used only for debugging
// while LiveUser is not yet mature
PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'eHandler');
function eHandler($errObj)
{
echo('<hr /><span style="color: red;">' . $errObj->getMessage() .
':<br />' . $errObj->getUserInfo() . '</span><hr />');
$debug_backtrace = debug_backtrace();
array_shift($debug_backtrace);
$message= 'Debug backtrace:'."n";
foreach ($debug_backtrace as $trace_item) {
$message.= "t" . ' @ ';
if (array_key_exists('file', $trace_item)) {
$message.= basename($trace_item['file']) . ':' .
$trace_item['line'];
} else {
$message.= '- PHP inner-code - ';
}
$message.= ' -- ';
if (array_key_exists('class', $trace_item)) {
$message.= $trace_item['class'] . $trace_item['type'];
}
$message.= $trace_item['function'];
if (array_key_exists('args', $trace_item) && is_array($trace_item['args'])) {
$message.= '('.@implode(', ', $trace_item['args']).')';
} else {
$message.= '()';
}
$message.= "n";
}
echo "<pre>$message</pre>";
}
//
// Create new LiveUser object
//
$LU =& LiveUser::factory($liveuserConfig);
if (!$LU->init()) {
var_dump($LU->getErrors());
die();
}
$handle = (array_key_exists('handle', $_REQUEST)) ? $_REQUEST['handle'] : null;
$passwd = (array_key_exists('passwd', $_REQUEST)) ? $_REQUEST['passwd'] : null;
$logout = (array_key_exists('logout', $_REQUEST)) ? $_REQUEST['logout'] : false;
$remember = (array_key_exists('rememberMe', $_REQUEST)) ? $_REQUEST['rememberMe'] : false;
if ($logout) {
$LU->logout(true);
} elseif(!$LU->isLoggedIn() || ($handle && $LU->getProperty('handle') != $handle)) {
if (!$handle) {
$LU->login(null, null, true);
} else {
$LU->login($handle, $passwd, $remember);
}
}
//
// Load the LiveUser_Admin class.
//
require_once 'LiveUser/Admin.php';
//
// Create the LiveUser_Admin object.
//
$luadmin =& LiveUser_Admin::factory($liveuserConfig);
$luadmin->init();
$language_selected = array_key_exists('language', $_GET) ? $_GET['language'] : 'de';
?>
example.php
This just draws the frames for the application.
<?php
$language = '';
session_start();
if (array_key_exists('language', $_POST)) {
$language = $_POST['language'];
} elseif (array_key_exists('language', $_SESSION)) {
$language = $_SESSION['language'];
} else {
$language = 'en';
}
$_SESSION['language'] = $language;
session_write_close();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
<html>
<head>
<title>Example 3</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
<!--
table {
background-color: #CCCCCC;
border-color: 1px solid #000;
}
body {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 12px;
color: #000000;
background-color: #FFFFFF
}
.center {
text-align: center;
}
.center table {
margin: auto;
}
-->
</style>
</head>
<frameset cols="200,*" rows="*">
<frame name="nav"
frameborder="0"
scrolling="no"
noresize="noresize"
src="nav.php?language=<?php echo $language; ?>" />
<frame name="main" frameborder="0" src="main.php" />
<noframes>
<body>Your browser does not
handle frames!</body>
</noframes>
</frameset>
</html>
?>
nav.php
This draws the navigation frame.
A list of areas is produced from the LiveUser_Admin class. The main function call used is:
- getAreas
- http://pear.php.net/package/LiveUser_Admin/docs/latest/LiveUser_Admin/LiveUser_Admin_Perm_Simple.html#methodgetAreas
<?php
require_once 'conf.php';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Navigation</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
<!--
table {
background-color: #CCCCCC;
border-color: 1px solid #000;
}
body {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 12px;
color: #000000;
background-color: #FFFFFF
}
.center {
text-align: center;
}
.center table {
margin: auto;
}
-->
</style>
</head>
<body>
<h3>Navigation</h3>
<table border="0" cellpadding="5">
<?php
// get the area_define_name and the area_name of each area in
// the current language.
$areas = $luadmin->perm->getAreas(array(
'fields' => array('area_define_name', 'name'),
'filters' => array('language_id' => $language_selected)
));
// print navigation
foreach ($areas as $row) {
?>
<tr>
<td><li></td>
<td>
<a href="<?php echo strtolower($row['area_define_name']); ?>.php"
target="main"><?php echo $row['name']; ?></a>
</td>
</tr>
<?php
}
?>
</table>
<p> </p>
<form method="POST" action="example.php" target="_parent">
<select name="language" size="1" onChange="submit()">
<?php
$languages = array(
'de' => array(
'de' => 'Deutsch',
'en' => 'Englisch'
),
'en' => array(
'de' => 'German',
'en' => 'English'
),
);
// print language options
foreach ($languages[$language_selected] as $code => $language) {
$selected = $code == $language_selected ? ' selected="selected"' : '';
?>
<option value="<?php echo $code;?>"<?php echo $selected; ?>><?php echo $language; ?></option>';
<?php
}
?>
</select>
</form>
<p> </p>
<p> </p>
</body>
</html>
?>
area51.php
Here is where we see user rights in action. This script gets put into the main frame if area51 is selected in the navigation frame.
We see use of the following class methods:
- isLoggedIn?
- http://pear.php.net/package/LiveUser/docs/latest/LiveUser/LiveUser.html#methodisLoggedIn
- checkRight
- http://pear.php.net/package/LiveUser/docs/latest/LiveUser/LiveUser.html#methodcheckRight
The checkRight() method is the key here -- it follows the user's permissions, the user's group membership, the group's permissions, etc, and gives us an answer as to whether a user can access this "right".
In the second example of checkRight() below we see checkRight() called with an array of rights, so that multiple rights can be checked with one function call.
<?php
/**
* Test for the LiveUser class
* ===============================
*
* This example sets up an authorization system using the LiveUser
* class. You don't have to use this to use the LiveUser class(es), but
* this way you don't need to take care of the login-process, storing
* the user object in a session and more...
*
* This example is intended to be used with the DB_Medium Perm driver.
*
* @version $Id: area51.php,v 1.2 2004/12/18 21:59:05 lsmith Exp $
**/
// Include configuration.
require_once 'conf.php';
if (!$LU) {
die('An unknown error occurred');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Example Area51</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
<!--
table {
background-color: #CCCCCC;
border-color: 1px solid #000;
}
body {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 12px;
color: #000000;
background-color: #FFFFFF
}
.center {
text-align: center;
}
.center table {
margin: auto;
}
-->
</style>
</head>
<body>
<h1>Area51</h1>
<p> </p>
<?php
if (!$LU->isLoggedIn()) {
$target = 'area51.php';
include_once 'loginscreen.php';
exit();
} else {
if (!$LU->checkRight(ACCESS)) {
?>
<p>Hey, this is a top secret area. Access denied.</p>
<?php
} else {
?>
<p>Live long and prosper, <b><?php echo $LU->getProperty('handle'); ?>
</b>.</p>
<p>You have access at the necessary level <b><?php
echo $LU->checkRightLevel(ACCESS, 1, 0); ?></b></p>
<p>Please wait ... checking some rights ...<br />
<?php
// you can even check multiple rights with one checkright call
if ($LU->checkRight(array(LAUNCH_ATOMIC_BOMB, FLY_ALIEN_SPACE_CRAFT))) {
?>
<p>OK, you're the boss. Let's take our alien space craft,
launch the orbital atomic bombs and kick some ass! ;-)<br />
(Ehm, that was just to test our right system ...)<p>
<?php
} else {
?>
<p>Don't touch anything!</p>
<?php
}
}
}
?>
<p> </p>
<p class="center"><a href="area51.php?logout=1">Logout</a></p>
</body>
</html>
?>
This site powered by YaWiki 0.22 beta.
|
|