This article is an excerpt from Chapter 2 of Foundations of Pear, reprinted with permission from Apress.
Many Internet sites have at least some form of authentication, requiring a username and password that allows a user to be able to view content on the site or to post comments and edit content.
The authentication packages in this section provide a way of adding authentication and basic preference management to a site without you having to spend the time writing your own. After all, nearly all authentication is identical in its basic functionality, and there’s usually no good reason to spin off your own code if it’s already written for you.
The Auth package provides the base for authentication and allows you to store user information in a variety of different locations. The Auth package can use a database, a Simple Object Access Protocol (SOAP) call, or the traditional Unix-style passwd file.
The Auth_HTTP package provides a way for you to use HTTP standard challenges for authentication. Your web browser interprets the challenge from the server and shows an input box for the username and password. You might like this option if you don’t want to worry about writing your own HTML form to request the information.
The third and final package that’s discussed in this section is the Auth_PrefManager package. You can use this package to allow users to customize their experience with the site by storing user preferences. The examples of this behavior in this section are basic, but the projects at the end of this book dig deeper into using the Auth_PrefManager package.
You use the Auth package to authenticate users in your site. Out of the box, it supports many different ways of authenticating users, including storage in a database, in files, or even by using SOAP calls. You can even write a custom container object that allows you to write your own method to authenticate users.
The common uses of the Auth package include the following:
- Quickly adding authentication to a database
- Adding authentication to Lightweight Directory Access Protocol (LDAP)
- Authenticating against password files
The Auth package depends on the packages listed here.
- MDB2 2.0.0.RC1
The constructor creates an instance of an Auth object.
void Auth(mixed $storageDriver [, mixed $options] [, string $loginFunction] [, boolean $showLogin = true])
|$storageDriver||mixed||This parameter can either be the name of the driver to use or|
|it can be a custom Auth_Container object.|
|$options||mixed||The options that are given for the provided storage driver.|
|$loginFunction||string||The name of the function that can be called to log in.|
|$showLogin||boolean||Determines whether or not to display the login page. Default|
|value is true.|
Adds a new user and returns true if the addition is successful. If the addition fails, the function will return AUTH_METHOD_NOT_SUPPORTED.
mixed addUser(string $username, string $password [mixed $additional = “”])
|$username||string||The name of the user that will be added to the storage|
|container. The storage container is the repository of user|
|information, such as a database or passwd file.|
|$password||string||The user’s password that will be added.|
|$additional||mixed||Additional options used by the storage container.|
Changes the password for the given user and returns true if the change is successful. If the change fails, it will return AUTH_METHOD_NOT_SUPPORTED.
mixed changePassword(string $username, string $password)
Parameter Type Description
$username string The name of the user that is getting the password changed.