joshtronic/pickles
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions
pickles/docs/PICKLES/Security.html

384 lines
No EOL
15 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!-- template designed by Marco Von Ballmoos -->
<title>Docs For Class Security</title>
<link rel="stylesheet" href="../media/stylesheet.css" />
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
</head>
<body>
<div class="page-body">
<h2 class="class-name">Class Security</h2>
<a name="sec-description"></a>
<div class="info-box">
<div class="info-box-title">Description</div>
<div class="nav-bar">
<span class="disabled">Description</span> |
<a href="#sec-method-summary">Methods</a> (<a href="#sec-methods">details</a>)
</div>
<div class="info-box-body">
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Security Class</p>
<p class="description"><p>Collection of static methods for handling security within a website running on PICKLES. Requires sessions to be enabled.</p></p>
<ul class="tags">
<li><span class="field">usage:</span> <div class="src-code"><ol><li><div class="src-line"><span class="src-id"><a href="../PICKLES/Security.html">Security</a></span><span class="src-sym">::</span><a href="../PICKLES/Security.html#methodlogin">login</a><span class="src-sym">(</span><span class="src-num">10</span><span class="src-sym">)</span><span class="src-sym">;</span></div></li>
</ol></div></li>
<li><span class="field">usage:</span> <div class="src-code"><ol><li><div class="src-line"><span class="src-id"><a href="../PICKLES/Security.html">Security</a></span><span class="src-sym">::</span><a href="../PICKLES/Security.html#methodisLevel">isLevel</a><span class="src-sym">(</span><span class="src-id">SECURITY_LEVEL_ADMIN</span><span class="src-sym">)</span><span class="src-sym">;</span></div></li>
</ol></div></li>
</ul>
<p class="notes">
Located in <a class="field" href="_classes---Security.php.html">/classes/Security.php</a> (line <span class="field">27</span>)
</p>
<pre></pre>
</div>
</div>
<a name="sec-method-summary"></a>
<div class="info-box">
<div class="info-box-title">Method Summary</span></div>
<div class="nav-bar">
<a href="#sec-description">Description</a> |
<span class="disabled">Methods</span> (<a href="#sec-methods">details</a>)
</div>
<div class="info-box-body">
<div class="method-summary">
<div class="method-definition">
static <span class="method-result">boolean</span>
<a href="#betweenLevel" title="details" class="method-name">betweenLevel</a>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$low</span>, <span class="var-type">integer</span>&nbsp;<span class="var-name">$high</span>)
</div>
<div class="method-definition">
static <span class="method-result">string</span>
<a href="#generateHash" title="details" class="method-name">generateHash</a>
(<span class="var-type">string</span>&nbsp;<span class="var-name">$source</span>, [<span class="var-type">mixed</span>&nbsp;<span class="var-name">$salts</span> = <span class="var-default">null</span>])
</div>
<div class="method-definition">
static <span class="method-result">string</span>
<a href="#generateSHA256Hash" title="details" class="method-name">generateSHA256Hash</a>
(<span class="var-type">string</span>&nbsp;<span class="var-name">$source</span>, <span class="var-type">mixed</span>&nbsp;<span class="var-name">$salt</span>)
</div>
<div class="method-definition">
static <span class="method-result">boolean</span>
<a href="#hasLevel" title="details" class="method-name">hasLevel</a>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$access_level</span>)
</div>
<div class="method-definition">
static <span class="method-result">boolean</span>
<a href="#isLevel" title="details" class="method-name">isLevel</a>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$access_level</span>)
</div>
<div class="method-definition">
static <span class="method-result">boolean</span>
<a href="#login" title="details" class="method-name">login</a>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$user_id</span>, [<span class="var-type">integer</span>&nbsp;<span class="var-name">$level</span> = <span class="var-default">null</span>])
</div>
<div class="method-definition">
static <span class="method-result">boolean</span>
<a href="#logout" title="details" class="method-name">logout</a>
()
</div>
<div class="method-definition">
static <span class="method-result">string</span>
<a href="#sha256" title="details" class="method-name">sha256</a>
(<span class="var-type">string</span>&nbsp;<span class="var-name">$source</span>)
</div>
</div>
</div>
</div>
<a name="sec-methods"></a>
<div class="info-box">
<div class="info-box-title">Methods</div>
<div class="nav-bar">
<a href="#sec-description">Description</a> |
<a href="#sec-method-summary">Methods</a> (<span class="disabled">details</span>)
</div>
<div class="info-box-body">
<A NAME='method_detail'></A>
<a name="methodbetweenLevel" id="betweenLevel"><!-- --></a>
<div class="evenrow">
<div class="method-header">
<span class="method-title">static method betweenLevel</span> (line <span class="line-number">413</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Between Level</p>
<p class="description"><p>Checks the user's access level against the passed range.</p></p>
<ul class="tags">
<li><span class="field">return:</span> whether or not the user has access</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">boolean</span>
<span class="method-name">
betweenLevel
</span>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$low</span>, <span class="var-type">integer</span>&nbsp;<span class="var-name">$high</span>)
</div>
<ul class="parameters">
<li>
<span class="var-type">integer</span>
<span class="var-name">$low</span><span class="var-description">: access level to be checked against</span> </li>
<li>
<span class="var-type">integer</span>
<span class="var-name">$high</span><span class="var-description">: access level to be checked against</span> </li>
</ul>
</div>
<a name="methodgenerateHash" id="generateHash"><!-- --></a>
<div class="oddrow">
<div class="method-header">
<span class="method-title">static method generateHash</span> (line <span class="line-number">49</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Generate Hash</p>
<p class="description"><p>Generates an SHA1 hash from the provided string. Salt optional.</p></p>
<ul class="tags">
<li><span class="field">return:</span> SHA1 hash</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">string</span>
<span class="method-name">
generateHash
</span>
(<span class="var-type">string</span>&nbsp;<span class="var-name">$source</span>, [<span class="var-type">mixed</span>&nbsp;<span class="var-name">$salts</span> = <span class="var-default">null</span>])
</div>
<ul class="parameters">
<li>
<span class="var-type">string</span>
<span class="var-name">$source</span><span class="var-description">: value to hash</span> </li>
<li>
<span class="var-type">mixed</span>
<span class="var-name">$salts</span><span class="var-description">: optional salt or salts</span> </li>
</ul>
</div>
<a name="methodgenerateSHA256Hash" id="generateSHA256Hash"><!-- --></a>
<div class="evenrow">
<div class="method-header">
<span class="method-title">static method generateSHA256Hash</span> (line <span class="line-number">108</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Generate SHA-256 Hash</p>
<p class="description"><p>Generates an SHA-256 hash from the provided string and salt. Borrowed the large iteration logic from fCryptography::hashWithSalt() as, and I quote, &quot;makes rainbow table attacks infesible&quot;.</p></p>
<ul class="tags">
<li><span class="field">return:</span> SHA-256 hash</li>
<li><span class="field">link:</span> <a href="https://github.com/flourishlib/flourish-classes/blob/master/fCryptography.php">https://github.com/flourishlib/flourish-classes/blob/master/fCryptography.php</a></li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">string</span>
<span class="method-name">
generateSHA256Hash
</span>
(<span class="var-type">string</span>&nbsp;<span class="var-name">$source</span>, <span class="var-type">mixed</span>&nbsp;<span class="var-name">$salt</span>)
</div>
<ul class="parameters">
<li>
<span class="var-type">string</span>
<span class="var-name">$source</span><span class="var-description">: value to hash</span> </li>
<li>
<span class="var-type">mixed</span>
<span class="var-name">$salt</span><span class="var-description">: value to use as salt</span> </li>
</ul>
</div>
<a name="methodhasLevel" id="hasLevel"><!-- --></a>
<div class="oddrow">
<div class="method-header">
<span class="method-title">static method hasLevel</span> (line <span class="line-number">375</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Has Level</p>
<p class="description"><p>Checks the user's access level against the passed level.</p></p>
<ul class="tags">
<li><span class="field">return:</span> whether or not the user has access</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">boolean</span>
<span class="method-name">
hasLevel
</span>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$access_level</span>)
</div>
<ul class="parameters">
<li>
<span class="var-type">integer</span>
<span class="var-name">$access_level</span><span class="var-description">: access level to be checked against</span> </li>
</ul>
</div>
<a name="methodisLevel" id="isLevel"><!-- --></a>
<div class="evenrow">
<div class="method-header">
<span class="method-title">static method isLevel</span> (line <span class="line-number">338</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Is Level</p>
<p class="description"><p>Checks the user's access level is exactly the passed level</p></p>
<ul class="tags">
<li><span class="field">return:</span> whether or not the user is that level</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">boolean</span>
<span class="method-name">
isLevel
</span>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$access_level</span>)
</div>
<ul class="parameters">
<li>
<span class="var-type">integer</span>
<span class="var-name">$access_level</span><span class="var-description">: access level to be checked against</span> </li>
</ul>
</div>
<a name="methodlogin" id="login"><!-- --></a>
<div class="oddrow">
<div class="method-header">
<span class="method-title">static method login</span> (line <span class="line-number">199</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Login</p>
<p class="description"><p>Creates a session variable containing the user ID and generated token. The token is also assigned to a cookie to be used when validating the security level. When the level value is present, the class will by pass the database look up and simply use that value when validating (the less paranoid scenario).</p></p>
<ul class="tags">
<li><span class="field">return:</span> whether or not the login could be completed</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">boolean</span>
<span class="method-name">
login
</span>
(<span class="var-type">integer</span>&nbsp;<span class="var-name">$user_id</span>, [<span class="var-type">integer</span>&nbsp;<span class="var-name">$level</span> = <span class="var-default">null</span>])
</div>
<ul class="parameters">
<li>
<span class="var-type">integer</span>
<span class="var-name">$user_id</span><span class="var-description">: ID of the user that's been logged in</span> </li>
<li>
<span class="var-type">integer</span>
<span class="var-name">$level</span><span class="var-description">: optional level for the user being logged in</span> </li>
</ul>
</div>
<a name="methodlogout" id="logout"><!-- --></a>
<div class="evenrow">
<div class="method-header">
<span class="method-title">static method logout</span> (line <span class="line-number">229</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">Logout</p>
<p class="description"><p>Clears out the security information in the session and the cookie.</p></p>
<ul class="tags">
<li><span class="field">return:</span> true</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">boolean</span>
<span class="method-name">
logout
</span>
()
</div>
</div>
<a name="methodsha256" id="sha256"><!-- --></a>
<div class="oddrow">
<div class="method-header">
<span class="method-title">static method sha256</span> (line <span class="line-number">91</span>)
</div>
<!-- ========== Info from phpDoc block ========= -->
<p class="short-description">SHA-256</p>
<p class="description"><p>Generates an SHA-256 hash from the provided string.</p></p>
<ul class="tags">
<li><span class="field">return:</span> SHA1 hash</li>
<li><span class="field">access:</span> public</li>
</ul>
<div class="method-signature">
static
<span class="method-result">string</span>
<span class="method-name">
sha256
</span>
(<span class="var-type">string</span>&nbsp;<span class="var-name">$source</span>)
</div>
<ul class="parameters">
<li>
<span class="var-type">string</span>
<span class="var-name">$source</span><span class="var-description">: value to hash</span> </li>
</ul>
</div>
</div>
</div>
<p class="notes" id="credit">
Documentation generated on Sun, 14 Oct 2012 14:02:19 -0400 by <a href="http://www.phpdoc.org" target="_blank">phpDocumentor 1.4.4</a>
</p>
</div></body>
</html>
Reference in a new issue View git blame Copy permalink