Open Journal Systems  2.4.8
 All Classes Namespaces Functions Variables Groups Pages
Validation Class Reference

Public Member Functions

 canAdminister ($journalId, $userId)
 
 checkCredentials ($username, $password)
 
 encryptCredentials ($username, $password, $encryption=false, $legacy=null)
 
 generatePassword ($length=8)
 
 generatePasswordResetHash ($userId, $expiry=null)
 
 isAuthor ($journalId=-1)
 
 isAuthorized ($roleId, $journalId=0)
 
 isCopyeditor ($journalId=-1)
 
 isEditor ($journalId=-1)
 
 isJournalManager ($journalId=-1)
 
 isLayoutEditor ($journalId=-1)
 
 isLoggedIn ()
 
 isProofreader ($journalId=-1)
 
 isReader ($journalId=-1)
 
 isReviewer ($journalId=-1)
 
 isSectionEditor ($journalId=-1)
 
 isSiteAdmin ()
 
 isSubscriptionManager ($journalId=-1)
 
login ($username, $password, &$reason, $remember=false)
 
 logout ()
 
 redirectLogin ($message=null)
 
 suggestUsername ($firstName, $lastName)
 
 verifyPassword ($username, $password, $hash, &$rehash)
 
 verifyPasswordResetHash ($userId, $hash)
 

Detailed Description

Class providing user validation/authentication operations.

Mock implementation of the Validation class for the PKPPageRouterTest.

See Also
PKPPageRouterTest

Definition at line 21 of file Validation.inc.php.

Member Function Documentation

Validation::canAdminister (   $journalId,
  $userId 
)

Check whether a user is allowed to administer another user.

Parameters
$journalIdint
$userIdint
Returns
boolean

Definition at line 492 of file Validation.inc.php.

References DAORegistry\getDAO(), isJournalManager(), and isSiteAdmin().

Referenced by PeopleHandler\disableUser(), PeopleHandler\editUser(), PeopleHandler\mergeUsers(), LoginHandler\signInAsUser(), PeopleHandler\updateUser(), and UserManagementForm\UserManagementForm().

Validation::checkCredentials (   $username,
  $password 
)

Check if a user's credentials are valid.

Parameters
$usernamestring username
$passwordstring unencrypted password
Returns
boolean

Definition at line 195 of file Validation.inc.php.

References DAORegistry\getDAO(), and verifyPassword().

Validation::encryptCredentials (   $username,
  $password,
  $encryption = false,
  $legacy = null 
)

Encrypt user passwords for database storage. The username is used as a unique salt to make dictionary attacks against a compromised database more difficult.

Parameters
$usernamestring username (kept for backwards compatibility)
$passwordstring unencrypted password
$encryptionstring optional encryption algorithm to use, defaulting to the value from the site configuration
$legacyboolean if true, use legacy hashing technique for backwards compatibility
Returns
string encrypted password

Definition at line 260 of file Validation.inc.php.

References Hashing\getHash(), Config\getVar(), and Hashing\isSupported().

Referenced by Install\createData(), ChangePasswordForm\execute(), LoginChangePasswordForm\execute(), CreateReviewerForm\execute(), RegistrationForm\execute(), UserManagementForm\execute(), OJSPaymentManager\fulfillQueuedPayment(), UserXMLParser\generatePassword(), UserXMLParser\importUsers(), ShibAuthPlugin\registerUserFromShib(), PKPLoginHandler\resetPassword(), and verifyPassword().

Validation::generatePassword (   $length = 8)

Generate a random password. Assumes the random number generator has already been seeded.

Parameters
$lengthint the length of the password to generate (default 8)
Returns
string

Definition at line 292 of file Validation.inc.php.

Referenced by CaptchaManager\createCaptcha(), AccessKeyManager\createKey(), ChangePasswordForm\execute(), LoginChangePasswordForm\execute(), CreateReviewerForm\execute(), UserManagementForm\execute(), OJSPaymentManager\fulfillQueuedPayment(), UserXMLParser\generatePassword(), ShibAuthPlugin\registerUserFromShib(), and PKPLoginHandler\resetPassword().

Validation::generatePasswordResetHash (   $userId,
  $expiry = null 
)

Generate a hash value to use for confirmation to reset a password.

Parameters
$userIdint
$expiryint timestamp when hash expires, defaults to CURRENT_TIME + RESET_SECONDS
Returns
string (boolean false if user is invalid)

Definition at line 309 of file Validation.inc.php.

References DAORegistry\getDAO(), and Config\getVar().

Referenced by SectionEditorAction\notifyReviewer(), SectionEditorAction\remindReviewer(), PKPLoginHandler\requestResetPassword(), and verifyPasswordResetHash().

Validation::isAuthorized (   $roleId,
  $journalId = 0 
)

Check if a user is authorized to access the specified role in the specified journal.

Parameters
$roleIdint
$journalIdoptional (e.g., for global site admin role), the ID of the journal
Returns
boolean

Definition at line 231 of file Validation.inc.php.

References DAORegistry\getDAO(), Request\getJournal(), SessionManager\getManager(), and isLoggedIn().

Referenced by isAuthor(), isCopyeditor(), isEditor(), isJournalManager(), isLayoutEditor(), isProofreader(), isReader(), isReviewer(), isSectionEditor(), isSiteAdmin(), and isSubscriptionManager().

Validation::isCopyeditor (   $journalId = -1)

Shortcut for checking authorization as copyeditor.

Parameters
$journalIdint
Returns
boolean

Definition at line 446 of file Validation.inc.php.

References isAuthorized().

Referenced by UserHandler\_getRoleDataForJournal().

Validation::isLayoutEditor (   $journalId = -1)

Shortcut for checking authorization as layout editor.

Parameters
$journalIdint
Returns
boolean

Definition at line 428 of file Validation.inc.php.

References isAuthorized().

Referenced by UserHandler\_getRoleDataForJournal(), IssueHandler\_isVisibleIssue(), and IssueManagementHandler\validate().

Validation::isProofreader (   $journalId = -1)

Shortcut for checking authorization as proofreader.

Parameters
$journalIdint
Returns
boolean

Definition at line 455 of file Validation.inc.php.

References isAuthorized().

Referenced by UserHandler\_getRoleDataForJournal(), and IssueHandler\_isVisibleIssue().

Validation::isReader (   $journalId = -1)

Shortcut for checking authorization as reader.

Parameters
$journalIdint
Returns
boolean

Definition at line 473 of file Validation.inc.php.

References isAuthorized().

Referenced by ProfileForm\execute(), and ProfileForm\initData().

Validation::isReviewer (   $journalId = -1)

Shortcut for checking authorization as reviewer.

Parameters
$journalIdint
Returns
boolean

Definition at line 437 of file Validation.inc.php.

References isAuthorized().

Referenced by UserHandler\_getRoleDataForJournal(), NotificationSettingsForm\display(), ProfileForm\execute(), and ProfileForm\initData().

Validation::isSectionEditor (   $journalId = -1)

Shortcut for checking authorization as section editor.

Parameters
$journalIdint
Returns
boolean

Definition at line 419 of file Validation.inc.php.

References isAuthorized().

Referenced by UserHandler\_getRoleDataForJournal(), NotificationSettingsForm\display(), EmailHandler\email(), and ReferralHandler\updateReferral().

Validation::isSubscriptionManager (   $journalId = -1)

Shortcut for checking authorization as subscription manager.

Parameters
$journalIdint
Returns
boolean

Definition at line 482 of file Validation.inc.php.

References isAuthorized().

Referenced by UserHandler\_getRoleDataForJournal().

& Validation::login (   $username,
  $password,
$reason,
  $remember = false 
)

Authenticate user credentials and mark the user as logged in in the current session.

Parameters
$usernamestring authenticating user's id; null if implicit auth is happening
$passwordstring unencrypted password
$reasonstring reference to string to receive the reason an account was disabled; null otherwise
$rememberboolean remember a user's session past the current browser session
Returns
User the User associated with the login credentials, or false if the credentials are invalid

Definition at line 31 of file Validation.inc.php.

References HookRegistry\call(), Core\getCurrentDate(), DAORegistry\getDAO(), SessionManager\getManager(), Config\getVar(), isLoggedIn(), PluginRegistry\loadCategory(), and verifyPassword().

Referenced by PKPLoginHandler\implicitAuthReturn(), RegistrationHandler\registerUser(), PKPLoginHandler\savePassword(), and PKPLoginHandler\signIn().

Validation::logout ( )

Mark the user as logged out in the current session.

Returns
boolean

Definition at line 154 of file Validation.inc.php.

References DAORegistry\getDAO(), and SessionManager\getManager().

Referenced by PKPLoginHandler\signIn(), PKPLoginHandler\signOut(), and ReviewerHandler\validateAccessKey().

Validation::suggestUsername (   $firstName,
  $lastName 
)
Validation::verifyPassword (   $username,
  $password,
  $hash,
$rehash 
)

verify if the input password is correct

Parameters
string$usernamethe string username
string$passwordthe plaintext password
string$hashthe password hash from the database
string&$rehashif password needs rehash, this variable is used
Returns
boolean

Definition at line 131 of file Validation.inc.php.

References encryptCredentials(), Hashing\isSupported(), Hashing\isValid(), and Hashing\needsRehash().

Referenced by checkCredentials(), and login().

Validation::verifyPasswordResetHash (   $userId,
  $hash 
)

Check if provided password reset hash is valid.

Parameters
$userIdint
$hashstring
Returns
boolean

Definition at line 351 of file Validation.inc.php.

References generatePasswordResetHash().

Referenced by PKPLoginHandler\resetPassword().


The documentation for this class was generated from the following files: