This login script allows you to add and remove users easily by editing the XML file
accounts.xml. Out of the box, the script supports 4 user account types. These are as follows:
- Registered User
- Moderator
- Administrator
- Super Administrator
You may easily add new user accounts by creating a new file in the
levels folder. Each access level has a separate class and file, and should always implement the
TalkPHP_Level_Interface interface.
Configuration
By default there are 4 user accounts of all 4 user permissions. The
index.php file is set-up to login to the first account:
User1 with the password as
password. Logging in is easily done via the
login function:
php Code:
$pLogin->login('User1', 'password');
All these accounts may be edited, and new ones added via the
accounts.xml file in the
TalkPHP_Login directory.
Adding Accounts
If you open up accounts.xml in a plain text editor such as Notepad or Vi, you will see how easy it is to add and remove user accounts. A basic user segment is formatted like so:
xml Code:
<account>
<username>User1</username>
<password>password</password>
<level>User</level>
</account>
The
username and
password nodes should be fairly self-explanatory, whilst the
level is also self-explanatory, there is a set way to do them. The 4 levels you may enter here are as follows:
- User
- Moderator
- Administrator
- Super Administrator
The username and password are case-sensitive, whereas the user levels are not. It's best to stick to the case-sensitivity as described above, however, merely for standard reasons.
If you enter an incorrect user level name then that account will not be added, and casually ignored without throwing any errors. If an account is not being added then ensure you have specified a correct user level. As the user levels are all dynamic, these levels are named after the class name as outlined below.
Adding User Levels
In order to add a new user level you will need to have a little experience in PHP. Let's add a Gremlin account who will have both Moderator and User permissions, but no more.
Create a new file in
TalkPHP_Login/levels called
levels_gremlin.php. If you copy and paste the details from one of the other files in there then we can easily edit just a few items and have done with it.
The items you need to modify are as follows:
php Code:
/* Used as the account level name: */
$this->m_szLevelName = 'Cheeky Gremlin';
/* Permissions which this user has: */
return TALKPHP_LOGIN_GREMLIN | TALKPHP_LOGIN_USER | TALKPHP_LOGIN_MODERATOR;
The class name itself also needs to be changed to:
TalkPHP_Level_Gremlin.
Those are the only changes we need to make so save the file! As you can see we have used a constant called
TALKPHP_LOGIN_GREMLIN which we have not yet defined. To add the constant open the file
TalkPHP_Login/access.class.php and at the top where the defines are, add a new line like so:
php Code:
define('TALKPHP_LOGIN_GREMLIN',
1 <<
5);
You don't necessarily need to know what these
bitwise operators do exactly, but to have a little inkling, they basically set the permissions. The basic rule to adding them is keep the 1 as is, and just increment the second digit by 1 from the define above it. Therefore for every new account after the one above will be:
php Code:
define('TALKPHP_LOGIN_GREMLIN_2',
1 <<
6);
define('TALKPHP_LOGIN_GREMLIN_3',
1 <<
7);
define('TALKPHP_LOGIN_GREMLIN_4',
1 <<
8);
Once you have done all that we are ready to go! Our new user level has been added, and none of the other accounts have been affected. All we have to do test it is modify our
accounts.xml file to set a user to the Gremlin level, like so:
xml Code:
<account>
<username>User1</username>
<password>password</password>
<level>Gremlin</level>
</account>
The Gremlin level's name is taken directly from the class itself that we created in
TalkPHP_Login/levels:
php Code:
class TalkPHP_Level_Gremlin implements TalkPHP_Level_Interface
{
}
Security
As far as I can see, there are no security holes in the system. However, one potential security hole is the
accounts.xml file being in a readable format. Out of the box the file is protected from outside access via a .htaccess file in the
TalkPHP_Login directory.
If the aforementioned .htaccess file is removed, or your web-server is not Apache and therefore doesn't support .htaccess files, then the
accounts.xml file is open for anybody to download. The best way to check is try and access the file yourself.
If the file is accessible then you will need to contact your host for a way in which you can protect the file. They'll be a way.
External Libraries
There is only one requisite really, although technically there are 2, if you have PHP 5 then you will also have SimpleXML. Ensure SimpleXML is enabled, and that you're running PHP 5. PHP recently announced it is discontinuing its support for PHP 4 and so all hosts should now support PHP 5, either as the primary PHP interpreter, or at least available through a .htaccess modification. Contact your host for further assistance.
License
The script is protected by the GPL license which is bundled in the script. If you're using the script, we'd really appreciate a link back to TalkPHP.com, but it's not a requirement.
Support
If you require any support for this script, please post in this thread and I'll do my utmost to assist. However, there should be no issues if you've met the requirements.
Easy to Modify Login Script with Hierarchical User Permissions and XML Account File
Linear Mode
