Page 5 - User Authentication with patUser (part 1)
Breaking It Down
Need to add authentication to your PHP-based Web application? Get it done in a jiffy with patUser, a PHP class which makes it possible to rapidly add powerful user management capabilities to your Web application.
2. Next, the database layer needs to be initialized. This is accomplished by creating an instance of the patDbc class (patMySqlDbc, its MySQL driver, in the code below) and providing it with the access parameters needed to connect to the MySQL database holding the user data. This object instance is stored in the PHP variable $db.
<?php
$db = new patMySqlDbc("localhost", "db111", "us111", "secret");
?>
3. Once the database connection has been initialized, the patTemplate engine also needs to be initialized. Here too, an instance of the patTemplate class is created, and provided with the location of the directory containing patUser's templates.
<?php
$tmpl = new patTemplate();
$tmpl->setBasedir("../templates");
?>
If you look in this directory, you'll see two templates, named "patUserLogin.tmpl" and "patUserUnauthorized.tmpl". The first of these templates contains the login box that is displayed whenever the system requires user credentials, while the second contains a generic "access denied" page that is displayed when an attempt is made to access a restricted page without appropriate privileges. Both these templates are included as part of the patUser distribution, and you are free to make changes to them so that they fit into the look and feel of your application.
4. Once both template engine and database connection are awake, it's time to initialize the patUser class itself.
<?php
$u = new patUser(true);
?>
The "true" argument to the class constructor tells patUser to use PHP's session management capabilities to store user data in the session.
Once the object instance has been initialized, the methods setAuthDbc() and setTemplate() are used to connect it to the database connection and template engine respectively. patUser will use this information to send queries to the database and render page templates as needed.
The four steps above are fairly standard for all scripts using the patUser class, and so it's a good idea to encapsulate them into a single function, say init(), and call that function at the start of every script so as to eliminate unnecessary repetition. A single init() function reduces redundancy, and also makes changes easier.
Once all the formalities are concluded, the requireAuthentication() method may be called to verify the user's credentials.
This method tells patUser that what follows is a restricted page, and access should only be allowed if appropriate user credentials are available. In case these credentials are not available in the session, patUser will automatically display the contents of the "patUserLogin.tmpl" template, usually a login box. Once user credentials have been submitted, patUser will internally verify them and either permit access or display an error message.
The actual mechanics of the authentication are performed internally and automatically by the requireAuthentication() method, and you don't really need to worry about it - although if you're really interested, feel free to pop open the class file and inspect the code.
By encapsulating the business logic of user verification into a single function, patUser makes life much easier for the harried application developer - all that's needed is to add a single function call at the top of all such sensitive pages, and patUser automatically takes care of the rest.
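The four initialization steps wrapped into the init() function suggested above, followed by the requireAuthentication() call for a restricted page. This is an added example, not code from the original article or the patUser project: the cfg() helper and the APP_DB_* environment variable names are hypothetical (they replace the hard-coded database credentials), the class files from step 1 are assumed to be loaded already, and passing $db and $tmpl as arguments to setAuthDbc() and setTemplate() is an assumption.

```php
<?php
// Added example, not part of the patUser distribution.
// Assumes the patDbc, patTemplate and patUser class files are already
// included (step 1, which this page does not show).

// Hypothetical helper: read a required setting from the environment so
// database credentials are not hard-coded in every script.
function cfg($name)
{
    $value = getenv($name);
    if ($value === false || $value === "") {
        // Fail closed: never continue to a restricted page half-configured.
        error_log("patUser init: missing setting " . $name);
        header("HTTP/1.0 500 Internal Server Error");
        exit;
    }
    return $value;
}

// Steps 2-4 wrapped into one function, as the text suggests.
function init()
{
    // Step 2: database layer (the APP_DB_* names are hypothetical)
    $db = new patMySqlDbc(cfg("APP_DB_HOST"), cfg("APP_DB_NAME"),
                          cfg("APP_DB_USER"), cfg("APP_DB_PASS"));

    // Step 3: template engine, pointed at patUser's templates
    $tmpl = new patTemplate();
    $tmpl->setBasedir("../templates");

    // Step 4: patUser with session storage enabled
    $u = new patUser(true);
    // Passing the objects as arguments is an assumption; the page names
    // these two methods but does not show the calls.
    $u->setAuthDbc($db);
    $u->setTemplate($tmpl);

    return $u;
}

// At the top of every restricted page, before any output is sent:
$u = init();
$u->requireAuthentication();
// Restricted page content follows.
?>
```

Because the check only protects the script that makes the call, every restricted page needs the init() and requireAuthentication() pair at its top; a page that omits it is served without any credential check.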