Configuring user administration application messages Like any other application in our application framework, all user management applications need to have an external message file that contains all the interna- tionalized messages printed from applications. Listing 6-4 shows such a message file, called user_mngr.messages. Listing 6-4: user_mngr.messages <?php $MESSAGES[‘US’][‘USER_ADD_SUCCESSFUL’] = “User added.”; $MESSAGES[‘US’][‘USER_ADD_FAILED’] = “User not added.”; $MESSAGES[‘US’][‘USER_MODIFY_SUCCESSFUL’] = “User modified.”; $MESSAGES[‘US’][‘USER_MODIFY_FAILED’] = “User not modified.”; $MESSAGES[‘US’][‘USER_DELETE_SUCCESSFUL’] = “User deleted.”; $MESSAGES[‘US’][‘USER_DELETE_FAILED’] = “User not deleted.”; $MESSAGES[‘US’][‘USER_INFO_MISSING’] = “Cannot locate user information.”; $MESSAGES[‘US’][‘PWD_EMAIL_SENT’] = “An email with password reset link has been sent to you.”; $MESSAGES[‘US’][‘PWD_EMAIL_NOT_SENT’] = “Could not send email due to mail problem. Try later.”; ?> Configuring user administration application error messages Again, like any other application in our application framework, all user manage- ment applications need to have an external error message file that contains all the internationalized error messages printed from applications. Listing 6-5 shows such an error message file, called user_mngr.errors. Listing 6-5: user_mngr.errors <?php // Errors for user manager apps $ERRORS[‘US’][‘APP_FAILURE’] = “Application failure”; 186 Part II: Developing Intranet Solutions 09 549669 ch06.qxd 4/4/03 9:24 AM Page 186 $ERRORS[‘US’][‘UNAUTHORIZED_ACCESS’] = “You do not have privilege to access this application.”; $ERRORS[‘US’][‘INVALID_REQUEST’] = “Invalid request.”; $ERRORS[‘US’][‘USERNAME_MISSING’] = “Please enter email as the username.”; $ERRORS[‘US’][‘PASSWORD1_MISSING’] = “Please enter password.”; $ERRORS[‘US’][‘PASSWORD2_MISSING’] = “Please enter confirmation password.”; $ERRORS[‘US’][‘USER_TYPE_MISSING’] = “Please select user type.”; $ERRORS[‘US’][‘PASSWORD_MISMATCH’] = “Passwords do not match.”; $ERRORS[‘US’][‘PASSWORD_MISMATCH’] = “Password and confirmation password do not match.”; $ERRORS[‘US’][‘INVALID_PASSWORD’] = “This password is too short or invalid .”; $ERRORS[‘US’][‘USER_DELETE_NOT_ALLOWED’] = “This (root) user cannot be deleted.”; $ERRORS[‘US’][‘USER_NOT_FOUND’] = “User not found.”; $ERRORS[‘US’][‘INACTIVE_NOT_OK’] = “This (root) user cannot be deactivated.”; $ERRORS[‘US’][‘OPERATION_NOT_ALLOWED’] = “You cannot reduce privilege of a root user.”; ?> Testing the user management application After you’ve created class.User.php, user_mngr.php, user_mngr.conf, user_mngr.messages, and user_mngr.errors files in the appropriate directories as configured in user_mngr.conf, you can test the application. In this section, I will assume that the user manager application is installed in the following directory structure and accessible by http://php.evoknow.com/ /user_mngr/apps/ user_mngr.php . (%DOCUMENT_ROOT) + user_mngr | + apps | + templates Chapter 6: Central User Management System 187 09 549669 ch06.qxd 4/4/03 9:24 AM Page 187 To access the user manager application for the first time, you need the admin account created in Chapter 5. When you try to access the user_mngr.php application it will redirect you to the central login application unless you’re already logged in. Enter the admin username and password created in Chapter 5. You should now see the main user management interface, as shown in Figure 6-1. Figure 6-1: The user management menu. This menu enables you to add, modify, and delete users in the entire system. To create a new user, click on the Add User button, which displays the interface shown in Figure 6-2. Enter new user information and click on Add User button to create the new user. If you choose to make a new user inactive, the new user cannot log in until you change his account to active. When creating a new user,you don’t need to enter the host name part of the username (EMAIL) if the user’s host name matches the $DEFAULT_DOMAIN setting specified in the user_mngr.conf file. When you’ve added the user, her username (EMAIL) appears in the list of existing users that you can modify or delete. To modify a user, select the username from the drop-down list on the user manager interface (refer to Figure 6-1), click the Modify User button, and change information as needed on the modify-user interface, shown in Figure 6-3. 188 Part II: Developing Intranet Solutions 09 549669 ch06.qxd 4/4/03 9:24 AM Page 188 Figure 6-2: Adding a new user. Figure 6-3: Modifying an existing user. You can delete a user other than the root user at any time. To delete a user, select the username from the drop-down list on the user manager interface, and click the Delete User button. Be warned that the delete operation is irreversible. However, you cannot delete the root user, which is set in the $ROOT_USER variable in the con- figuration file. Chapter 6: Central User Management System 189 09 549669 ch06.qxd 4/4/03 9:24 AM Page 189 Don’t attempt to deactivate the root user or downgrade a root user’s type from administrator to standard.This will create a problem since you will not be able to manage users until you manually fix this. Creating a User Password Application Users should be able to change their passwords without the need to inform the user administrator, so the central user management system needs a user password- changing tool. We’ll use a user password application called user_mngr_passwd.php. Let’s look at the methods implemented in this application. changePassword() is the method used to actually implement the password change, and it: 1. Uses checkPassword() to check the new password against the confirma- tion password and makes sure they are same. If they are not same, the method shows an alert message. 2. Generates a random two-character salt string to encrypt the new pass- word. 3. Uses $userObj to call the updateUser() method to change the current password with the new password. 4. Displays the success or failure status of the updateUser() operation on the screen. Following are the other methods used in the user password application: Method Description run() Calls the changePasswordDriver() method to change the password. changePasswordDriver() Uses the form variable $step to manage the password-change process. If $step is not set, showScreen() is used to display the password- change request form. If $step is set to 2 in the change request form, changePassword() is used to change the password. 190 Part II: Developing Intranet Solutions 09 549669 ch06.qxd 4/4/03 9:24 AM Page 190 . installed in the following directory structure and accessible by http:/ /php. evoknow.com/ /user_mngr/apps/ user_mngr .php . (%DOCUMENT_ROOT) + user_mngr | + apps | + templates Chapter 6: Central User. a root user.”; ?> Testing the user management application After you’ve created class.User .php, user_mngr .php, user_mngr.conf, user_mngr.messages, and user_mngr.errors files in the appropriate directories as. 6-4 shows such a message file, called user_mngr.messages. Listing 6-4: user_mngr.messages < ?php $MESSAGES[‘US’][‘USER_ADD_SUCCESSFUL’] = “User added.”; $MESSAGES[‘US’][‘USER_ADD_FAILED’] =