Advanced User Management Class

Complete installation is demonstrated in the QuickStart guide demonstrations/QuickStart.html included in the source code. Estimated installation time of 10 to 15 minutes.

There is a demonstration for each feature in demonstrations/. The Usage and Documentation below is for you to get an idea of the code pre-purchase.

Snippet of Login/Logout demonstration

ActivateEmail - Deals with email acivation attempts
EmailActivation - Sending activation email and generating activation codes
ConnectionData - Provides connection information to Login/Logout
DatabaseConnection - Connects to database
Login - Handles all logins
Logout - Handles all logouts
Salter - Handles all salt methods
Sessions - Handles sessions
UMSConfig - This is the main class, most classes extend this.
UMSException - Extends Exception 
UserManagement - Handles all non user-specific functions
User - Handles all user-specific functions

Create User

$array = array( "username" => "Somebody123",
                 "password" => "mypassword123");

$ums = new UserManagement();
$ums->createUser($array);

• Username and password are the only two compulsory fields.
• The password will be automatically encrypted, so you don't need to worry yourself with that.
• If you changed any column headings in UMSConfig then the key here should be the same as your chosen heading.

For the other information you want to store on the user, just ensure the respective column exists in the table and you can use the array in the same way:

$array = array( "username" => "Somebody123",
                 "password" => "mypassword123",
                 "first_name" => "Joe",
                 "last_name" => "Bloggs",
                 "telephone" => "0800 000 0000"
                 "foo" => "bar");

$ums = new UserManagement();
$ums->createUser($array);

Check Username Availability

There is a configuration setting in UMSConfig to automatically double check if the username is available for use. This method is available for you to use too.

$ums = new UserManagement();
$result = $ums->checkUsernameAvailability("username123");

The method will return true if the username is available.

Search

The search method will automatically compile your MYSQL Query. All you need to do is feed it the information

    $ums = new UserManagement();
    $ums->search(
    $array = array(),
    $select = "*",
    $type = "EQUALS",
    $limit = false,
    $order = false,
    $direction = "DESC",
    $offset = false);

- $array is an array of the terms you want to search for in the form column => value. For example, searching for first_name Bill and last_name Bailey:
$array = array("first_name" => "Bill", "last_name" => "Bailey")
- $select is what you want to select, just like you would put in a query
- $type can be "LIKE" or "EQUALS" choosing "LIKE" will automatically wildcard the search terms by putting % either side of it.
- $limit = MYSQL Limit
- $order = column to order by
- $direction= MYSQL Order (ASC, DESC etc)
- $offset = Limit offset

The information returned will be compiled into an array and returned in the method.

User

The User class is specific to a user. This is because the user id is fed to the class when the object is created.

$user = new User(1);

The example uses an ID of 1 as an example, the Sessions class can be used to provide the ID of the user currently logged in. This is shown further down

User information is automatically retrieved from the database. Password is ommitted for security purposes. All database values except password will be accessible in the $user->info object. For example, if you have columns 'first_name' and 'last_name'. Such as:

$user->info->first_name;
$user->info->last_name;

This is automatically compiled and updated when the user info is edited. To retrieve password, use the method getPassword() (in it's encrypted form - see Salters).

$password = $user->getPassword();

Calling the method databasedSessionInformation() will load information about the users current session (if there is one) that stored in the Logins table. Informtion will be in the object $user->login_info->.... The variable name will be the same as the column heading. For example, hostname will be $user->login_info->hostname. Other information includes ip and session_id.

Edit User

$user = new User(1);
$user->edit(array("username" => "superman"));

• Array key represents the column name and the value represents the new value
• Passwords will be automatically encrypted (just like they were in creation)

Sessions

The session time limit can be set in UMSConfig $this->session_valid_time = 3600;

Sessions past the inactivity time limit will be expired and User ID is automatically checked against initial connection data to avoid session hijacking. Session expire time can be extended using updateExpire($user_id).

Usage

Throwing the above together, you can form a snippet something like this:

$session = new Sessions();
if ($session->check == true) {//User is logged in
$user = new User($_SESSION['user_id']);
$session->updateExpire($user->user_id);
}

The session class has thoroughly checked that the $_SESSION['user_id'] value is valid, permitted and has not been hijacked. Putting this at the top of all pages that require login will create object $user for the user logged in. You can add an else { } clause for an action if the user isn't logged in.

Login

$login = new Login("myusername","mypassword");

The login class requires username and password in the constructor. You can take both of these from the login form $_POST values.

if($login->result == true) {
     //login was successful...

Everything is automated. The session will automatically be created and a reference will be stored in the logins table.

Logout

A logout code was generated when the login initiated. This is accessible from the user class:

$user = new User($_SESSION['user_id']);
    print $user->logout_code;

You can put the $user->logout_code into a $_GET link on your logout page. It can then be validated as follows:

$logout = new Logout($user->user_id,$_GET['logout_code']);

if ($logout->check() == true) {
   //logout was successful...

The session is automatically destroyed, there is nothing more you need to do. Logout code aesthetics is completely customisable in UMSConfig.

Salters

All encryption is automatic, there is no need for you to manually encrypt anything. If you wish to do so the Salters class is clearly documented.

Putting it all together

Put this at the top of your initial includes file.

session_start();
$session = new Sessions();

if ($session->check == true) {//User is logged in
$user = new User($_SESSION['user_id']);
$session->updateExpire($user->user_id);
}

The $user class is created if the user is logged in and you can use it in the rest of the page.

When you want to enter UserManagement, just initiate the class.

$ums = new UserManagement();

Error Handling

You can choose if mysql_errors() are thrown via configurations settings in UMSConfig. If you set $throw_errors, they will still be accessible via getErrors(). This can be called from any class that extends UMSConfig. Exceptions are thrown by UMSException.

Advanced configuration

UMSConfig contains lots of extra debugging, error and security configuration. The code is well documented according to PHP standards.