Many applications don't use PHPlib's advanced features, but see PHPlib as a convenient way to protect pages or functionality with passwords. This section covers such core functionality usage of PHPlib.
Use new_user.php3 from the pages/admin directory of the distribution.
If you followed the installation instructions, it should be available under the /admin URL
of your web server.
To manually create a user, run
print md5(uniqid("some magic string") you will get a user id, then do -
insert into auth_user values ( "that userid", "username", "password", "permissions");
Creating protected functionality
Begin that page with
<?php
page_open(
array("sess" => "Example_Session",
"auth" => "Example_Auth",
"perm" => "Example_Perm"));
?>
End that page with
Enclose the protected functionality in
<?php
if ($perm->have_perm("desired protection")):
?>
Put protected HTML or PHP here
<?php
endif
?>Note:
desired protection is any combination of
permissions from Example_Perm. Using the default values from
Example_Perm, "user", "user,author" or "admin" are all
valid sample values. A user can access a page, if that user has
all permissions that are being requested in a
$perm->check() or $perm->have_perm() call.
Note:
Users can have multiple permission in their perms
column of auth_user. A user with perms
"user,author,editor" can access all pages requesting any
combination of these permissions.
Note:
If $auth->auth["uid"] is set on a protected
page and if (time < auth->auth["exp"]), then and
only then the authentication is valid. You may then use
$auth->auth["uname"] as the user name,
$auth->auth["uid"] as a unique user id and
$auth->auth["perm"] for the current permissions of that
user. Actually, you never want to touch$auth->auth["perm"]
manually, but use $perm->have_perm("...")
for that.
Copyright © 2001 The PHPlib Group
PHPlib Manual
Quick Start
Getting The Latest Version
Using core features of PHPlib
Quick Guide to Installation
