Validation Class Reference

Class providing user validation/authentication operations. More...

List of all members.

Public Member Functions
	canAdminister ($administeredUserId, $administratorUserId)
	checkCredentials ($username, $password)
	encryptCredentials ($username, $password, $encryption=false)
	generatePassword ($length=8)
	generatePasswordResetHash ($userId)
	isAuthorized ($roleId, $pressId=0)
	isLoggedIn ()
	isPressManager ($pressId=-1)
	isSeriesEditor ($pressId=-1)
	isSiteAdmin ()
&	login ($username, $password, &$reason, $remember=false)
	logout ()
	redirectLogin ($message=null)
	suggestUsername ($firstName, $lastName)

---

Detailed Description

Class providing user validation/authentication operations.

Definition at line 18 of file Validation.inc.php.

---

Member Function Documentation

Validation.canAdminister	(	$	administeredUserId,
		$	administratorUserId
	)

Check whether a user is allowed to administer another user.

Parameters:

	$administeredUserId	int
	$administratorUserId	int

Returns:

boolean

Definition at line 320 of file Validation.inc.php.

Referenced by UserGridHandler.disableUser(), UserGridHandler.editDisableUser(), UserGridHandler.editEmail(), UserGridHandler.editUser(), UserGridHandler.removeUser(), UserGridHandler.sendEmail(), LoginHandler.signInAsUser(), UserGridHandler.updateUser(), and UserGridHandler.updateUserRoles().

Validation.checkCredentials	(	$	username,
		$	password
	)

Check if a user's credentials are valid.

Parameters:

	$username	string username
	$password	string unencrypted password

Returns:

boolean

Definition at line 159 of file Validation.inc.php.

References encryptCredentials().

Validation.encryptCredentials	(	$	username,
		$	password,
		$	encryption = false
	)

Encrypt user passwords for database storage. The username is used as a unique salt to make dictionary attacks against a compromised database more difficult.

Parameters:

	$username	string username
	$password	string unencrypted password
	$encryption	string optional encryption algorithm to use, defaulting to the value from the site configuration

Returns:

string encrypted password

Definition at line 214 of file Validation.inc.php.

Referenced by checkCredentials(), Install.createData(), CreateReviewerForm.execute(), UserDetailsForm.execute(), RegistrationForm.execute(), LoginChangePasswordForm.execute(), ChangePasswordForm.execute(), UserXMLParser.generatePassword(), UserXMLParser.importUsers(), and login().

Validation.generatePassword

(

$

length = 8

)

Generate a random password. Assumes the random number generator has already been seeded.

Parameters:

$length

int the length of the password to generate (default 8)

Returns:

string

Definition at line 238 of file Validation.inc.php.

Referenced by CreateReviewerForm.execute(), UserDetailsForm.execute(), LoginChangePasswordForm.execute(), and ChangePasswordForm.execute().

Validation.generatePasswordResetHash

(

$

userId

)

Generate a hash value to use for confirmation to reset a password.

Parameters:

$userId

int

Returns:

string (boolean false if user is invalid)

Definition at line 254 of file Validation.inc.php.

Referenced by ThankReviewerForm.initData(), ReviewReminderForm.initData(), and AuditorReminderForm.initData().

Validation.isAuthorized	(	$	roleId,
		$	pressId = 0
	)

Check if a user is authorized to access the specified role in the specified press.

Parameters:

	$roleId	int
	$pressId	optional (e.g., for global site admin role), the ID of the press

Returns:

boolean

Definition at line 186 of file Validation.inc.php.

References Request.getPress(), and isLoggedIn().

Referenced by isPressManager(), isSeriesEditor(), and isSiteAdmin().

Validation.isLoggedIn

(

)

Check if the user must change their password in order to log in.

Returns:

boolean

Definition at line 280 of file Validation.inc.php.

Referenced by isAuthorized(), login(), and UserHandler.validate().

Validation.isPressManager

(

$

pressId = -1

)

Shortcut for checking authorization as press manager.

Parameters:

$pressId

int

Returns:

boolean

Definition at line 301 of file Validation.inc.php.

References isAuthorized().

Referenced by PressGridRow.initialize().

Validation.isSeriesEditor

(

$

pressId = -1

)

Shortcut for checking authorization as series editor.

Parameters:

$pressId

int

Returns:

boolean

Definition at line 310 of file Validation.inc.php.

References isAuthorized().

Validation.isSiteAdmin

(

)

Shortcut for checking authorization as site admin.

Returns:

boolean

Definition at line 292 of file Validation.inc.php.

References isAuthorized().

Referenced by IndexHandler.index(), and LanguageGridRow.initialize().

& Validation.login	(	$	username,
		$	password,
		&$	reason,
		$	remember = false
	)

Authenticate user credentials and mark the user as logged in in the current session.

Parameters:

	$username	string
	$password	string unencrypted password
	$reason	string reference to string to receive the reason an account was disabled; null otherwise
	$remember	boolean remember a user's session past the current browser session

Returns:

User the User associated with the login credentials, or false if the credentials are invalid

Definition at line 28 of file Validation.inc.php.

References encryptCredentials(), and isLoggedIn().

Referenced by RegistrationHandler.registerUser().

Validation.logout

(

)

Mark the user as logged out in the current session.

Returns:

boolean

Definition at line 118 of file Validation.inc.php.

Validation.redirectLogin

(

$

message = null

)

Redirect to the login page, appending the current URL as the source.

Parameters:

$message

string Optional name of locale key to add to login page

Definition at line 140 of file Validation.inc.php.

Referenced by UserHandler.validate().

Validation.suggestUsername	(	$	firstName,
		$	lastName
	)

Suggest a username given the first and last names.

Returns:

string

Definition at line 267 of file Validation.inc.php.

---

The documentation for this class was generated from the following file:

• classes/security/Validation.inc.php