[PHPLIB-DEV] cvs commit From: negro (phplib-dev <email protected>)
Date: 10/25/99

From: negro
Date: Mon Oct 25 12:05:01 1999
Modified files:
      php-lib/CHANGES
      php-lib/doc/sgml/03-auth.sgml
      php-lib/php/auth.inc

Log message:
auth.inc code and documentation should be more in sync, now.
PLEASE DOUBLE CHECK MY SPELLING!

Index: php-lib/CHANGES
diff -u php-lib/CHANGES:1.110 php-lib/CHANGES:1.111
--- php-lib/CHANGES:1.110 Sun Oct 24 16:39:30 1999
+++ php-lib/CHANGES Mon Oct 25 12:04:59 1999
@@ -1,4 +1,8 @@
-$Id: CHANGES,v 1.110 1999/10/24 14:39:30 kk Exp $
+$Id: CHANGES,v 1.111 1999/10/25 10:04:59 negro Exp $
+
+25-Oct-1999 negro
+ - auth.inc code and documentation should be more in sync, now.
+ PLEASE DOUBLE CHECK MY SPELLING!
 
 24-Oct-1999 kk
   - Documentation update, prepare for armageddon
Index: php-lib/doc/sgml/03-auth.sgml
diff -u php-lib/doc/sgml/03-auth.sgml:1.2 php-lib/doc/sgml/03-auth.sgml:1.3
--- php-lib/doc/sgml/03-auth.sgml:1.2 Tue Jul 27 19:23:57 1999
+++ php-lib/doc/sgml/03-auth.sgml Mon Oct 25 12:04:59 1999
@@ -1,4 +1,4 @@
-<!-- $Id: 03-auth.sgml,v 1.2 1999/07/27 17:23:57 athompso Exp $ -->
+<!-- $Id: 03-auth.sgml,v 1.3 1999/10/25 10:04:59 negro Exp $ -->
 
 <sect1>Auth
 <p>
@@ -42,13 +42,14 @@
 classname<colsep>Serialization helper: The name of this class.<rowsep>
 persistent&lowbar;slots<colsep>Serialization helper: The names of all persistent slots.<rowsep>
 
-lifetime<colsep>Maximum allowed idle time before the authentication expires.<rowsep>
+lifetime<colsep>Maximum allowed idle time before the authentication expires. If set to 0, The authentication never expires (as long as the session remains active).<rowsep>
+refresh<colsep>Maximum allowed time before the authentication info (perms and alike) are re-read from the database calling <tt/auth&lowbar;refreshlogin()/ method. If set to 0 authentication info are read only at the login stage.<rowsep>
 mode<colsep>Authentication mode: <tt/log/ or <tt/reg/ (see below).<rowsep>
 database&lowbar;class<colsep>A classname. Auth uses this class to make a database connection.<rowsep>
 database&lowbar;table<colsep>Database table used to keep the session variables.<rowsep>
 magic<colsep>An arbitrary value used in uniqid generation.<rowsep>
 nobody<colsep>Flag: If true, we use default authentication.<rowsep>
-cancel_auth<colsep>The name of a button that can be used to cancel a login form<rowsep>
+cancel_login<colsep>The name of a button that can be used to cancel a login form<rowsep>
 </tabular>
 <caption>Accessible instance variables.</caption>
 </table>
@@ -84,7 +85,7 @@
 <tag>login&lowbar;if($t)</tag>
 <p>
     A function that can be used to change the current user
- identity from <tt/nobody/ in using default authentication mode.
+ identity.
     See the section and example on using default authentication
     below.
 
@@ -101,6 +102,8 @@
         true as the first parameter to unauth. This will also change
         <tt/$this-&gt;auth["uname"]/.
 
+ Since V7.2: Passing $nobody to this method is deprecated.
+
 <tag>logout($nobody = $this-&gt;nobody)</tag>
 <p>
     This function destroy all authentication information
@@ -117,6 +120,8 @@
         so the behaviour is identical (except <tt/logout()/ will always
         clear <tt/$this-&gt;auth["uname"]/ and unregister the auth class).
 
+ Since V7.2: Passing $nobody to this method is deprecated.
+
 <tag>is&lowbar;authenticated()</tag>
 <p>
     Will return false, if the current authentication is
@@ -163,6 +168,16 @@
     </descrip>
     
     See the example below for more information.
+
+<tag>auth&lowbar;refreshlogin()</tag>
+
+ This function is called every <tt/refresh/ minutes. It must refresh
+ the authentication informations stored in <tt/auth/ array by
+ <tt/auth&lowbar;validatelogin()/ method. It is not called if the
+ user is logged in as nobody.
+
+ It must return true on success, false otherwise (i.e.: the userid
+ is no longer valid).
 
 <tag>auth&lowbar;registerform()</tag>
 <p>See auth&lowbar;doregister().
Index: php-lib/php/auth.inc
diff -u php-lib/php/auth.inc:1.20 php-lib/php/auth.inc:1.21
--- php-lib/php/auth.inc:1.20 Sun Oct 24 14:15:21 1999
+++ php-lib/php/auth.inc Mon Oct 25 12:05:00 1999
@@ -7,7 +7,7 @@
  * Copyright (c) 1999 Internet Images srl
  * Massimiliano Masserelli
  *
- * $Id: auth.inc,v 1.20 1999/10/24 12:15:21 kk Exp $
+ * $Id: auth.inc,v 1.21 1999/10/25 10:05:00 negro Exp $
  *
  */
 
@@ -31,6 +31,9 @@
 
   var $nobody = false; ## If true, a default auth is created...
 
+ var $cancel_login = "cancel_login"; ## The name of a button that can be
+ ## used to cancel a login form
+
   ## End of user qualifiable settings.
 
   var $auth = array(); ## Data array
@@ -41,7 +44,8 @@
   ## Initialization
   ##
   function start() {
- global $sess, $cancel_login;
+ $cl = $this->cancel_login;
+ global $sess, $$cl;
 
     ## This is for performance, I guess but I'm not sure if it could
     ## be safely removed -- negro
@@ -59,14 +63,14 @@
     # Check current auth state. Should be one of
     # 1) Not logged in (no valid auth info or auth expired)
     # 2) Logged in (valid auth info)
- # 3) Login in progress (if $cancel_login, revert to state 1)
+ # 3) Login in progress (if $$cl, revert to state 1)
     if ($this->is_authenticated()) {
       $uid = $this->auth["uid"];
       switch ($uid) {
         case "form":
           # Login in progress
- if ($cancel_login) {
- # If $cancel_login is set, delete all auth info
+ if ($$cl) {
+ # If $$cl is set, delete all auth info
             # and set state to "Not logged in", so eventually
             # default or automatic authentication may take place
             $this->unauth();
@@ -211,7 +215,9 @@
     ## Back compatibility: passing $nobody to this method is
     ## deprecated
     if ($nobody) {
- $this->nobody = $nobody;
+ $this->auth["uid"] = "nobody";
+ $this->auth["perm"] = "";
+ $this->auth["exp"] = 0x7fffffff;
     }
   }
   

-
PHPLIB Developers Mailing List. Send messages to <phplib-dev <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-dev-request <email protected>> in
the body, not the subject, of your message.