archive-com.com » COM » S » SOLARPHP.COM

Total: 875

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Solar Framework for PHP 5
    forever Default is 14400 4 hours If this value is greater than the non zero PHP ini setting for session cookie lifetime it will throw an exception idle int The maximum allowed idle time in seconds If the user is idle for longer than this he will be logged out automatically and will have to log in again Zero is forever Default is 1440 24 minutes If this value is greater than the the PHP ini setting for session gc maxlifetime it will throw an exception source string The source array for auth credentials get via the for GET request vars or post via the POST request vars Default is post source handle string Username key in the auth credential source array default handle source passwd string Password key in the auth credential source array default passwd source redirect string Element key in the credential array source to indicate where to redirect on successful login or logout default redirect source process string Element key in the credential array source to indicate how to process the request default process process login string The source process element value indicating a login request default is the PROCESS LOGIN locale key value which is login process logout string The source process element value indicating a logout request default is the PROCESS LOGOUT locale key value which is logout login callback callback A callback to execute as part of the login process whether or not login was successful logout callback callback A callback to execute as part of the logout process Based on the above default settings we can discern the following The adapter will process a login request whenever it sees POST process login It will use the value POST handle as the username and the value of POST passwd as the plaintext password when it checks the adapter specific credential store The adapter will process a logout request whenever it sees POST process logout After a successful login or logout the adapter will look at the value of POST redirect and if not empty will issue a redirect to that URI 7 3 3 Adapter Specific Configuration In addition to the common configuration settings above each adapter has config settings specific to its credential storage backend In the above example we used a Solar Auth Adapter Sql adapter You can see the combined set of all config options here Let s look at a few of adapter specific settings sql dependency A Solar Sql dependency injection This is what gives the adapter a connection to the SQL database Default is sql meaning that it will look for a registry entry named sql table string The name of the database table with handles usernames and passwords Default is members handle col string The column in the table for handles usernames Default is handle passwd col string The column in the table for hashed passwords Default is passwd hash algo string The hash algorithm used for passwords Default is md5 salt string The salt string

    Original URL path: http://solarphp.com/manual/user.auth-process (2016-02-13)
    Open archived version from archive


  • Solar Framework for PHP 5
    and then a logout form with a Sign Out button Below the login or logout form may be a status message such as Welcome back or Your username and password did not match Please try again The code to represent this logic in your view might look like the following Assume that the public property user is a Solar User object available to the view div id user php if this user auth isValid the user is logged in show a logout form echo div n this getText TEXT AUTH USERNAME n this escape this user auth handle n div n echo this form addProcess logout decorateAsDivs fetch else the user is not logged in show a login form echo this form text array name handle label LABEL HANDLE password array name passwd label LABEL PASSWD addProcess login decorateAsDivs fetch always show the authentication status status this user auth getStatusText if status echo div class status this escape status div n div So if the user is logged in as noted by the result of the this user auth isValid call then a Signed in as message will appear with a Sign Out button below Additionally any status messages such

    Original URL path: http://solarphp.com/manual/user.auth-forms (2016-02-13)
    Open archived version from archive

  • Solar Framework for PHP 5
    user has no roles Solar Role Adapter Sql selects user roles from a database table Note Note that these adapters are read only They do not create or manage role assignments for you they only look up which roles a user belongs to An authenticated identity will never change during the login period However a user s roles might change during the same session e g being promoted from a moderator to an author while logged in For this reason the role adapters re read the user roles from the storage backend on each new page request Solar uses a Solar Role factory to create the adapter instance so you need to configure the factory to create the kind of adapter you want to use for role discovery You can do so in the config file like this php config Solar Role array adapter Solar Role Adapter Sql 7 5 2 Configuration Now that we have told the factory what adapter to create we need to configure the adapter itself Role adapters are much easier to configure than authentication adapters but each has its own settings You can look up the config keys for each of them on the following pages File config keys Ldap config keys Sql config keys For example the configuration for an SQL role adapter to use the roles table with columns handle for the username and name for the assigned role would look like this php config Solar Role Adapter Sql array table roles handle col handle role col name 7 5 3 Usage Let s say we are using the SQL role adapter to read from roles table with the following information table roles handle name bolivar admin andy editor sarah editor andy author jameel author kornblum moderator Let s also say that the

    Original URL path: http://solarphp.com/manual/user.roles (2016-02-13)
    Open archived version from archive

  • Solar Framework for PHP 5
    configure than authentication adapters but each has its own settings You can look up the config keys for each of them on the following pages File config keys Sql config keys For example the configuration for a file based access adapter to use an access control list at SYSTEM config access txt would look like this php config Solar Access Adapter File array file system config access txt 7 6 3 List Format Access control lists have one row per entry and each entry has five elements flag string Does this entry allow access or deny it type string Does this entry specify to a user handle a user role or the owner of a particular object More on ownership access in a later section name string If the entry type is handle this identifies the user handle being controlled There are two special values for this element means all users even anonymous unauthenticated users and means all authenticated users string Alternatively if the entry type is role this identifies the user role being controlled The special value means all roles string Finally if the entry type is owner this value has no effect You can leave it blank or put in a if you want More on ownership access in a later section class string What class does this access control apply to Typically this is a page controller class name The special value means all classes action string What action name does this access control apply to Typcially this is the name of a page controller action The special value means all actions Here s an example of a file based access control list flag type name class action allow any user with an admin role access to all actions in all classes allow role admin allow all

    Original URL path: http://solarphp.com/manual/user.access (2016-02-13)
    Open archived version from archive

  • Solar Framework for PHP 5
    extend the Solar Controller Page class with a class specific to our particular vendor The following bits of logic are implemented As part of construction the setup method retrieves the registered Solar User object so we have authentication role and access control information for the current user Recall that instantiating the Solar User object also handles authentication attempts for us The preAction runs before each inidividual action As part of that logic it checks to see if the current user is allowed access to the current class and action If not it changes the value of this action so that the user will be directed to the actionForbidden method instead of the one he s not allowed to access The actionForbidden method turns off the view and layout sets the response code to 403 Forbidden and forcibly resets the resonse content Alternatively you could create a forbidden php view instead of setting the response content directly Now when a user tries to access a controller and action that he doesn t have access to he will get a 403 Forbidden response 7 7 2 Intra Action Access Control The above approach is straighforward but doesn t allow for much nuance Sometimes you need to check access permissions as part of an action that is already being executed As such you may wish to create a special method that checks access controls and call it from within your actions For example php abstract class Vendor Controller Page extends Solar Controller Page public user protected function setup parent setup this user Solar Registry get user protected function isUserAllowed if this user access isAllowed this this action return true else this error Access denied this response setStatusCode 403 return false class Vendor App Foo extends Vendor Controller Page public function actionFoo perform preliminary

    Original URL path: http://solarphp.com/manual/user.integration (2016-02-13)
    Open archived version from archive

  • Solar Framework for PHP 5
    blog entry We could write a method like this on the blogs record class php class Vendor Model Blogs Record public function accessIsOwner Solar Auth Adapter auth Solar Role Adapter role check the record s author handle column to see if it matches the current authenticated user if this author handle auth handle return true not the original author so don t treat as an owner return false 7 8 2 Configure Access To Recognize Ownership For each kind of content object in the system you will need to tell Solar Access Adapter what method to use on each object to determine if the user is an owner or not In the above example we have the Vendor Model Blogs Record accessIsOwner method We make a corresponding entry in the owner method config key for Solar Access Adapter php config Solar Access Adapter owner method array Vendor Model Blogs Record accessIsOwner The owner method config setting is an array of key value pairs where the key is the class name of the object being checked and the value is the method on that class Later when we call user access isOwner the adapter will loop through these keys see if the object being controller matches a class in the array and call the corresponding method to check ownership 7 8 3 Access Control List Entries As noted in an earlier section you can use an owner entry type to specify that the user has to be the owner of an object being checked in the controller and action flag type name class action allow users to edit their own posts allow owner Vendor App Blog edit 7 8 4 Integration With Controllers Now that we have the special ownership method on our content class and the access adapter knows what

    Original URL path: http://solarphp.com/manual/user.ownership (2016-02-13)
    Open archived version from archive

  • Solar Framework for PHP 5
    Vendor Source 8 5 1 Example 8 6 Get Help 8 7 Make One Or More Models 8 7 1 Make One Model 8 7 2 Specify a Table Name 8 7 3 Specify a Parent Class 8 7 4 Make Several Models At Once 8 8 Make A Web Application Page 8 8 1 Make A Basic App 8 8 2 Make a Boilerplate BREAD App 8 9 Make

    Original URL path: http://solarphp.com/manual/commands (2016-02-13)
    Open archived version from archive

  • Solar Framework for PHP 5
    Shows the list of commands for a vendor or the help text for a specific vendor command 8 1 2 Project Related Commands make model Creates a set of model classes from a database table make app Creates a set of web application classes and files optionally generating browse read edit add delete boilerplate code using a specific model make cli Creates a series of CLI command classes and files

    Original URL path: http://solarphp.com/manual/commands.intro (2016-02-13)
    Open archived version from archive



  •