Secure PHP Development - P38

08 549669 ch05.qxd 4/4/03 9:24 AM Page 156

Chapter 6
Central User Management System

IN THIS CHAPTER
◆ Designing a user management system for the central authentication system
◆ Implementing a user management system
◆ Managing administrator and regular users
◆ Creating a user-password application
◆ Creating a forgotten-password recovery application

A CENTRAL USER MANAGEMENT system is a set of applications that enables you to manage users for your PHP applications in a central manner. Using the applications developed in this chapter, you will be able to manage user accounts that are stored in the central authentication database created in the previous chapter.

Identifying the Functionality Requirements

First, let's define the functionality requirements for the user management system. The user manager must provide the following functionality:

◆ Central user database: The user manager must use a central user database. This is a requirement because of our central authentication architecture. If the user database is not central, we can't centrally authenticate the users.
◆ Root user support: A user should be identified as the root user, which cannot be deleted or deactivated by anyone, including the root user itself.
◆ Administrative user support: The root user should be able to create other administrative users.
◆ Standard user support: A root or administrative user can create, modify, or delete a standard user account.
◆ User password support: A standard user can change her password at any time after logging in.
◆ Password recovery support: If a user forgets her password, she can recover it.

To implement these features we need a User object that can permit all of these operations on a user account.

Creating a User Class

The very first class that we need to build here is the User class, which will provide methods to add, modify, and delete user accounts and also return various other information about a user.

User() is the constructor method for the User class. It sets the variables shown in Table 6-1.

TABLE 6-1 MEMBER VARIABLES SET IN User() METHOD

Member Variable: Value

user_tbl: Set to $USER_TBL, which is a global variable set in the user_mngr.conf file to point to the user table in the central authentication database.
dbi: Set to the DBI object passed as a parameter to the constructor.
minimum_username_size: Set to the user_mngr.conf configuration file variable $MIN_USERNAME_SIZE, which sets the minimum size of the username allowed.
min_pasword_size: Set to the user_mngr.conf configuration file variable $MIN_PASSWORD_SIZE, which sets the minimum size of the password allowed.
USER_ID: Set to null or the user ID passed as a parameter (if any).
user_tbl_fields: Set to an associative array, which creates a key/value pair for each of the fields and field types (text or number) of the user table.

If the user ID is set in the constructor, then it loads the user information by calling the getUserInfo() method in the class. The status of the getUserInfo() method is stored as is_user, which can be TRUE or FALSE depending on whether user information was retrieved from the database.

Part II: Developing Intranet Solutions

A User class needs the following methods to implement all the operations needed for user management:

Method: Description

isUser(): Returns TRUE if the current user_id number is really a user ID. If no user ID was supplied to the constructor method, or the supplied user ID does not point to a real user, this method returns FALSE.
getUserID(): Returns the current user ID.
setUserID(): Sets the current user ID if one is supplied; otherwise it returns the current user ID set by the constructor method.
getUserIDByName(): Returns the user ID for a given username. When a valid username is given as the parameter, the method queries the user table to retrieve the appropriate user ID.
getUserTypeList(): Returns an associative array called $USER_TYPE, which is loaded from the user_mngr.conf file. The array defines the types of users allowed in the central user management system, and appears as follows:

    $USER_TYPE = array('1' => 'Administrator', '2' => 'Standard User');

getUID(): Returns the user ID (USER_ID) for the current User object.
getEMAIL(): Returns the e-mail address (EMAIL) for the current User object.
getPASSWORD(): Returns the password (PASSWORD) for the current User object.
getACTIVE(): Returns the active flag status of a User object.
getTYPE(): Returns the user type of the User object.
getUserFieldList(): Returns the array of user table fields.
getUserInfo(): Returns user fields for a given or current user ID.
getUserList(): Returns a list of users in the current user table. The associative array returned contains each user's ID (USER_ID) as the key and username (EMAIL) as the value.
makeUpdateKeyValuePairs(): This is a utility method that returns a comma-separated list of key=>value pairs, which can be used to update a user record.
updateUser(): Updates a user's data. User data is passed to this method as an associative array called $data. This array is passed to the makeUpdateKeyValuePairs() method, which returns a comma-separated list of key=>value pairs used in the SQL UPDATE statement inside the updateUser() method. This method returns TRUE if the update is successful and FALSE otherwise.
addUser(): Adds a new user to the user table in the central authentication database. The new user record is passed to the method using the $data variable. The method first escapes and quotes the textual data and makes a list of key=>value pairs to be used in the INSERT statement. This method returns TRUE if the insert is successful and FALSE otherwise.
deleteUser(): Deletes the chosen (or current) user from the database.
getReturnValue(): Returns TRUE if the result parameter ($r) is set to DB_OK; otherwise it returns FALSE. This method is used to see whether a database query was successful or not.

Listing 6-1 shows a User class that provides the methods to implement all the operations needed for user management.
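The following is an added example, not the book's Listing 6-1 and not the book's DBI-based code: a minimal User class in modern PHP that follows the design described above (constructor loading via getUserInfo(), isUser(), getUserIDByName(), makeUpdateKeyValuePairs(), addUser(), updateUser(), deleteUser(), getReturnValue()). It assumes PDO with an in-memory SQLite database in place of the DBI object and the user_mngr.conf globals, uses bound parameters in place of the escape-and-quote step the chapter describes for addUser(), restricts writable columns to the user_tbl_fields map so callers cannot pick column names, stores passwords as password_hash() output rather than plaintext, and takes USER_ID 1 as the root user that may never be deleted. The table name, column names and the demo data at the bottom are constructed for this example.

```php
<?php
// Added example (not the book's Listing 6-1). Assumptions: PDO + in-memory SQLite
// stands in for the DBI object and user_mngr.conf globals; bound parameters replace
// the escape-and-quote step; root is assumed to be USER_ID 1; passwords are hashed.
declare(strict_types=1);

final class User
{
    private const ROOT_USER_ID = 1;                      // assumption, see above
    // Field => type map, mirroring the book's user_tbl_fields (text or number).
    private array $userTblFields = ['USER_ID' => 'number', 'EMAIL' => 'text',
        'PASSWORD' => 'text', 'TYPE' => 'number', 'ACTIVE' => 'number'];
    private array $userTypes = ['1' => 'Administrator', '2' => 'Standard User'];
    private array $info = [];
    private bool $isUser = false;

    public function __construct(private PDO $dbi, private string $userTbl = 'USERS',
        private ?int $userId = null, private int $minUsernameSize = 3,
        private int $minPasswordSize = 8)
    {
        if ($this->userId !== null) {                    // load on construct, as in the book
            $this->isUser = $this->getUserInfo() !== null;
        }
    }

    public function isUser(): bool { return $this->isUser; }
    public function getUserID(): ?int { return $this->userId; }
    public function getUserTypeList(): array { return $this->userTypes; }
    public function getEMAIL(): ?string { return $this->info['EMAIL'] ?? null; }
    public function getTYPE(): ?int { return isset($this->info['TYPE']) ? (int) $this->info['TYPE'] : null; }

    public function getUserIDByName(string $email): ?int
    {
        $stmt = $this->dbi->prepare("SELECT USER_ID FROM {$this->userTbl} WHERE EMAIL = :email");
        $stmt->execute([':email' => $email]);
        $id = $stmt->fetchColumn();
        return $id === false ? null : (int) $id;
    }

    public function getUserInfo(?int $id = null): ?array
    {
        $id ??= $this->userId;
        if ($id === null) { return null; }
        $stmt = $this->dbi->prepare("SELECT * FROM {$this->userTbl} WHERE USER_ID = :id");
        $stmt->execute([':id' => $id]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : ($this->info = $row);
    }

    public function getUserList(): array                 // USER_ID => EMAIL
    {
        return $this->dbi->query("SELECT USER_ID, EMAIL FROM {$this->userTbl}")
                         ->fetchAll(PDO::FETCH_KEY_PAIR);
    }

    // Keep only known columns: column names go into SQL text, so they must come
    // from our own map, never from the caller; values are always bound.
    private function knownFields(array $data): array
    {
        unset($data['USER_ID']);
        return array_intersect_key($data, $this->userTblFields);
    }

    // Builds "EMAIL = :EMAIL, ACTIVE = :ACTIVE" for the UPDATE statement.
    public function makeUpdateKeyValuePairs(array $data): string
    {
        return implode(', ', array_map(fn ($k) => "$k = :$k", array_keys($data)));
    }

    public function addUser(array $data): bool
    {
        $data = $this->knownFields($data);
        if (strlen($data['EMAIL'] ?? '') < $this->minUsernameSize
            || strlen($data['PASSWORD'] ?? '') < $this->minPasswordSize) {
            return false;                                // enforce the configured minimum sizes
        }
        $data['PASSWORD'] = password_hash($data['PASSWORD'], PASSWORD_DEFAULT);
        $cols  = implode(', ', array_keys($data));
        $marks = implode(', ', array_map(fn ($k) => ":$k", array_keys($data)));
        $stmt  = $this->dbi->prepare("INSERT INTO {$this->userTbl} ($cols) VALUES ($marks)");
        return $this->getReturnValue($stmt->execute($data));
    }

    public function updateUser(array $data, ?int $id = null): bool
    {
        $data = $this->knownFields($data);
        $id ??= $this->userId;
        if ($data === [] || $id === null) { return false; }
        if (isset($data['PASSWORD'])) {
            $data['PASSWORD'] = password_hash($data['PASSWORD'], PASSWORD_DEFAULT);
        }
        $stmt = $this->dbi->prepare("UPDATE {$this->userTbl} SET "
            . $this->makeUpdateKeyValuePairs($data) . " WHERE USER_ID = :USER_ID");
        return $this->getReturnValue($stmt->execute($data + ['USER_ID' => $id]));
    }

    // The root user can never be deleted, by anyone (requirement above).
    public function deleteUser(?int $id = null): bool
    {
        $id ??= $this->userId;
        if ($id === null || $id === self::ROOT_USER_ID) { return false; }
        $stmt = $this->dbi->prepare("DELETE FROM {$this->userTbl} WHERE USER_ID = :id");
        return $this->getReturnValue($stmt->execute([':id' => $id])) && $stmt->rowCount() === 1;
    }

    // Mirrors the book's DB_OK check: PDOStatement::execute() returns TRUE on success.
    public function getReturnValue(bool $r): bool { return $r; }
}

// Constructed demo: in-memory schema, a root user and one standard user.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE USERS (USER_ID INTEGER PRIMARY KEY, EMAIL TEXT UNIQUE, PASSWORD TEXT, TYPE INTEGER, ACTIVE INTEGER)');
$mgr = new User($pdo);
$mgr->addUser(['EMAIL' => 'root@example.com', 'PASSWORD' => 'correct horse battery', 'TYPE' => 1, 'ACTIVE' => 1]);
$mgr->addUser(['EMAIL' => 'alice@example.com', 'PASSWORD' => 'another long one', 'TYPE' => 2, 'ACTIVE' => 1]);
$alice = new User($pdo, 'USERS', $mgr->getUserIDByName('alice@example.com'));
var_dump($alice->isUser(), $alice->getTYPE(), $mgr->deleteUser(1), $mgr->deleteUser($alice->getUserID()));
```

Run with `php user_example.php` (PHP 8.0 or later with the pdo_sqlite extension). The design choice worth noting against the chapter's description: because column names are taken from the class's own field map and values are bound by PDO, makeUpdateKeyValuePairs() never has to escape or quote anything itself, which removes the class of mistakes that manual quoting invites.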

Posted on: 07/07/2014, 07:20

Table of contents

  • Secure PHP Development
    • Front Matter
      • Preface
        • Is This Book for You?
        • How This Book Is Organized
        • Tell Us What You Think
        • Acknowledgments
        • Contents at a Glance
        • Contents
    • Part I
      • Chapter 1: Features of Practical PHP Applications
        • Features of a Practical PHP Application
        • Employing the Features in Applications
        • Summary
      • Chapter 2: Understanding and Avoiding Security Risks
        • Identifying the Sources of Risk
        • Minimizing User-Input Risks
        • Not Revealing Sensitive Information
        • Summary
      • Chapter 3: PHP Best Practices
        • Best Practices for Naming Variables and Functions
        • Best Practices for Function/Method
        • Best Practices for Database
        • Best Practices for User Interface
        • Best Practices for Documentation
        • Best Practices for Web Security
        • Best Practices for Source Configuration Management
