Docs For Class Security

Description

Security Class

Collection of static methods for handling security within a website running on PICKLES. Requires sessions to be enabled.

usage:
1. Security::login(10);
usage:
1. Security::isLevel(SECURITY_LEVEL_ADMIN);

Located in /classes/Security.php (line 27)

Method Summary

static boolean betweenLevel (integer $low, integer $high)

static string generateHash (string $value, [mixed $salts = null])

static boolean hasLevel (integer $access_level)

static boolean isLevel (integer $access_level)

static boolean login (integer $user_id, [integer $level = null])

static boolean logout ()

Methods

static method betweenLevel (line 375)

Between Level

Checks the user's access level against the passed range.

return: whether or not the user has access
access: public

static boolean betweenLevel (integer $low, integer $high)

integer $low: access level to be checked against
integer $high: access level to be checked against

static method generateHash (line 49)

Generate Hash

Generates an SHA1 hash from the provided string. Optionally can be salted.

return: SHA1 has
access: public

static string generateHash (string $value, [mixed $salts = null])

string $value: value to hash
mixed $salts: optional salt or salts

static method hasLevel (line 337)

Has Level

Checks the user's access level against the passed level.

return: whether or not the user has access
access: public

static boolean hasLevel (integer $access_level)

integer $access_level: access level to be checked against

static method isLevel (line 300)

Is Level

Checks the user's access level is exactly the passed level

return: whether or not the user is that level
access: public

static boolean isLevel (integer $access_level)

integer $access_level: access level to be checked against

static method login (line 161)

Login

Creates a session variable containing the user ID and generated token. The token is also assigned to a cookie to be used when validating the security level. When the level value is present, the class will by pass the database look up and simply use that value when validating (the less paranoid scenario).

return: whether or not the login could be completed
access: public

static boolean login (integer $user_id, [integer $level = null])

integer $user_id: ID of the user that's been logged in
integer $level: optional level for the user being logged in

static method logout (line 191)

Logout

Clears out the security information in the session and the cookie.

return: true
access: public

static boolean logout ()