Procedural File: authentication_api.php

bool auth_attempt_login( string $p_username, string $p_password, [bool $p_perm_login = false])

Attempt to login the user with the given password

If the user fails validation, false is returned If the user passes validation, the cookies are set and true is returned. If $p_perm_login is true, the long-term cookie is created.

Tags:

Parameters

string	$p_username	a prepared username
string	$p_password	a prepared password
bool	$p_perm_login	whether to create a long-term cookie

bool auth_attempt_script_login( string $p_username, [string $p_password = null])

Allows scripts to login using a login name or ( login name + password )

Tags:

Parameters

string	$p_username	username
string	$p_password	username

bool auth_automatic_logon_bypass_form( )

Identicates whether to bypass logon form e.g. when using http auth

Tags:

bool auth_clear_cookies( )

Clear login cookies, return true if they were cleared

Tags:

bool auth_does_password_match( int $p_user_id, string $p_test_password)

Return true if the password for the user id given matches the given

password (taking into account the global login method)

Tags:

Parameters

int	$p_user_id	User id to check password against
string	$p_test_password	Password

void auth_ensure_user_authenticated( [string $p_return_page = ''])

Check that there is a user logged-in and authenticated

If the user's account is disabled they will be logged out If there is no user logged in, redirect to the login page If parameter is given it is used as a URL to redirect to following successful login. If none is given, the URL of the current page is used

Tags:

Parameters

string

$p_return_page

Page to redirect to following successful logon, defaults to current page

string auth_generate_confirm_hash( int $p_user_id)

Generate a confirm_hash 12 character to valide the password reset request

Tags:

Parameters

int

$p_user_id

user id

string auth_generate_cookie_string( )

Generate a string to use as the identifier for the login cookie

It is not guaranteed to be unique and should be checked The string returned should be 64 characters in length

Tags:

string auth_generate_random_password( string $p_email)

Generate a random 12 character password

Tags:

Parameters

string

$p_email

unused

string auth_generate_unique_cookie_string( )

Generate a UNIQUE string to use as the identifier for the login cookie

The string returned should be 64 characters in length

Tags:

string auth_get_current_user_cookie( [boolean $p_login_anonymous = true])

Return the current user login cookie string,

note that the cookie cached by a script login superceeds the cookie provided by the browser. This shouldn't normally matter, except that the password verification uses this routine to bypass the normal authentication, and can get confused when a normal user logs in, then runs the verify script. the act of fetching config variables may get the wrong userid. if no user is logged in and anonymous login is enabled, returns cookie for anonymous user otherwise returns '' (an empty string)

Tags:

Parameters

boolean

$p_login_anonymous

auto-login anonymous user

int auth_get_current_user_id( )

Retrieve user id of current user

Tags:

bool auth_http_is_logout_pending( )

Tags:

void auth_http_prompt( )

Tags:

void auth_http_set_logout_pending( bool $p_pending)

Tags:

Parameters

bool

$p_pending

bool auth_is_cookie_string_unique( string $p_cookie_string)

Return true if the cookie login identifier is unique, false otherwise

Tags:

Parameters

string

$p_cookie_string

bool auth_is_cookie_valid( string $p_cookie_string)

is cookie valid?

Tags:

Parameters

string

$p_cookie_string

bool auth_is_user_authenticated( [boolean 0 = auto-login anonymous user])

Return true if there is a currently logged in and authenticated user, false otherwise

Tags:

Parameters

boolean

0

auto-login anonymous user

void auth_logout( )

Logout the current user and remove any remaining cookies from their browser

Returns true on success, false otherwise

Tags:

string auth_prepare_password( string $p_password)

prepare/override the password provided from logon form (if necessary)

Tags:

Parameters

string

$p_password

string auth_prepare_username( string $p_username)

prepare/override the username provided from logon form (if necessary)

Tags:

Parameters

string

$p_username

string auth_process_plain_password( string $p_password, [string $p_salt = null], [string $p_method = null])

Encrypt and return the plain password given, as appropriate for the current global login method.

When generating a new password, no salt should be passed in. When encrypting a password to compare to a stored password, the stored password should be passed in as salt. If the auth method is CRYPT then crypt() will extract the appropriate portion of the stored password as its salt

Tags:

Parameters

string	$p_password
string	$p_salt	salt, defaults to null
string	$p_method	logon method, defaults to null (use config login method)

bool auth_reauthenticate( )

Check for authentication tokens, and display re-authentication page if needed.

Currently, if using BASIC or HTTP authentication methods, or if logged in anonymously, this function will always "authenticate" the user (do nothing).

Tags:

bool auth_reauthenticate_page( integer $p_user_id, string $p_username)

Generate the intermediate authentication page.

Tags:

Parameters

integer	$p_user_id	User ID
string	$p_username	Username

void auth_set_cookies( int $p_user_id, [bool $p_perm_login = false])

Set login cookies for the user

If $p_perm_login is true, a long-term cookie is created

Tags:

Parameters

int	$p_user_id	user id
bool	$p_perm_login	indicates whether to generate a long-term cookie

void auth_set_tokens( integer $p_user_id)

Set authentication tokens for secure session.

Tags:

Parameters

integer

$p_user_id

User ID