Misterzym
/
CodeIgniter-Aauth
mirror of https://github.com/misterzym/CodeIgniter-Aauth.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

- fixed explanation info text in aauth config 

- added `pm_cleanup_max_age`-config_var
 - added 2 files (`pm_deleted_sender` & `pm_deleted_receiver`) in pm table
 - changed `list_pms()` to catch only not deleted pm's
 - changed `delete_pm()` now it need a user_id to delete a pm (like `get_pm()`)
 - changed `delete_pm()` sender's can now detete pm's from outbox
 - changed `count_unread_pms()` it counts now only not deleted pm's.
 - added `cleanup_pms()` removes pms older than X defined by `pm_cleanup_max_age`-config_var
develop
REJack 9 years ago
parent
e6e770a95d
commit
fe89cdb861
4 changed files with 151 additions and 100 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 191
      application/config/aauth.php
  2. 56
      application/libraries/Aauth.php
  3. 2
      sql/Aauth_v2.sql
  4. 2
      sql/Aauth_v2_BCrypt.sql

191
application/config/aauth.php
Unescape View File

@ -5,139 +5,148 @@ defined('BASEPATH') OR exit('No direct script access allowed');
| -------------------------------------------------------------------
| Aauth Config
| -------------------------------------------------------------------
| A library Basic Authorization for CodeIgniter 2+
| A library Basic Authorization for CodeIgniter 2.x and 3.x
|
| -------------------------------------------------------------------
| EXPLANATION
| -------------------------------------------------------------------
|
| See http://codeigniter-aauth-test.readthedocs.org/en/latest/
| for more details and explainations
| ['no_permission'] If user don't have permisssion to see the page he will be redirected the page spesificed.
|
| ['admin_group'] Name of admin group
| ['default_group'] Name of default group, the new user is added in it
| ['public_group'] Public group , people who not logged in
|
| ['no_permission'] If user don't have permisssion to see the page he will be redirected the page spesificed.
| ['db_profile'] The configuration database profile (definied in config/database.php)
|
| ['admin_group'] Name of admin group
| ['default_group'] Name of default group, the new user is added in it
| ['public_group'] Public group , people who not logged in
| ['users'] The table which contains users
| ['groups'] The table which contains groups
| ['user_to_group'] The table which contains join of users and groups
| ['perms'] The table which contains permissions
| ['perm_to_group'] The table which contains permissions for groups
| ['perm_to_user'] The table which contains permissions for users
| ['pms'] The table which contains private messages
| ['user_variables'] The table which contains users variables
| ['login_attempts'] The table which contains login attempts
|
| ['db_profile'] The configuration database profile (see config/database.php)
| ['remember'] Remember time (in relative format) elapsed after connecting and automatic LogOut for usage with Cookies
| Relative Format (e.g. '+ 1 week', '+ 1 month', '+ first day of next month')
| for details see http://php.net/manual/de/datetime.formats.relative.php
| !!IMPORTANT!! If you use Session instead of Cookies,
| remember time is definied by 'sess_expiration' in config/config.php
|
| ['users'] The table which contains users
| ['groups'] The table which contains groups
| ['user_to_group'] The table which contains join of users and groups
| ['perms'] The table which contains permissions
| ['perm_to_group'] The table which contains permissions for groups
| ['perm_to_user'] The table which contains permissions for users
| ['pms'] The table which contains private messages
| ['user_variables'] The table which contains users variables
| ['login_attempts'] The table which contains login attempts
| ['max'] Maximum char long for Password
| ['min'] Minimum char long for Password
|
| ['remember'] Remember time elapsed after connecting and automatic LogOut
| ['additional_valid_chars'] Additional valid chars for username. Non alphanumeric characters that are allowed by default
|
| ['max'] Maximum char long for Password
| ['min'] Minimum char long for Password
| ['ddos_protection'] If it is true, the user will be banned temporary when he exceed the login 'try'
|
| ['additional_valid_chars'] Additional valid chars for username. Non alphanumeric characters that are allowed by default
| ['recaptcha_active'] Enable reCAPTCHA (for details see www.google.com/recaptcha/admin)
| ['recaptcha_login_attempts'] Login Attempts to display reCAPTCHA
| ['recaptcha_siteKey'] The reCAPTCHA siteKey
| ['recaptcha_secret'] The reCAPTCHA secretKey
|
| ['ddos_protection'] If it is true, the user will be banned temporary when he exceed the login 'try'
| ['totp_active'] The Time-based One-time Password Algorithm
| ['totp_only_on_ip_change'] TOTP only on IP Change
| ['totp_reset_over_reset_password'] TOTP reset over reset Password
| ['totp_two_step_login'] Enables/Disables TOTP two step login
| ['totp_two_step_login_redirect'] Redirect path to TOTP Verification page used by control() & is_allowed()
|
| ['recaptcha_active'] Enable reCAPTCHA (see www.google.com/recaptcha/admin)
| ['recaptcha_login_attempts'] :
| ['recaptcha_siteKey'] The reCAPTCHA siteKey
| ['recaptcha_secret'] The reCAPTCHA secretKey
| ['max_login_attempt'] Login attempts time interval (default 10 times in one hour)
| ['max_login_attempt_time_period'] Period of time for max login attempts (default "5 minutes")
| ['remove_successful_attempts'] Enables/Disables removing login attempt after successful login
|
| ['totp_active'] The Time-based One-time Password Algorithm
| ['totp_only_on_ip_change'] TOTP only on IP Change
| ['totp_reset_over_reset_password'] TOTP reset over reset Password
| ['totp_two_step_login'] Enables/Disables TOTP two step login
| ['totp_two_step_login_redirect'] Redirect path to TOTP Verification page used by control() & is_allowed()
| ['login_with_name'] Login Identificator, if TRUE username needed to login else email address.
|
| ['max_login_attempt'] Login attempts time interval (default 10 times in one hour)
| ['max_login_attempt_time_period'] Period of time for max login attempts (default "5 minutes")
| ['remove_successful_attempts'] Enables/Disables removing login attempt after successful login
| ['use_cookies'] FALSE only on CI3
|
| ['login_with_name'] Login Identificator, if TRUE username needed to login else email address.
| ['email'] Sender email address, used for remind_password, send_verification and reset_password
| ['name'] Sender name, used for remind_password, send_verification and reset_password
|
| ['use_cookies'] FALSE only on CI3
| ['verification'] User Verification, if TRUE sends a verification email on account creation.
| ['verification_link'] Link for verification without site_url or base_url
| ['reset_password_link'] Link for reset_password without site_url or base_url
|
| ['email'] Sender email address, used for remind_password, send_verification and reset_password
| ['name'] Sender name, used for remind_password, send_verification and reset_password
|
| ['verification'] User Verification, if TRUE sends a verification email on account creation.
| ['verification_link'] Link for verification without site_url or base_url
| ['reset_password_link'] Link for reset_password without site_url or base_url
|
| ['hash'] Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
| ['hash'] Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
| Please, run hash_algos() for know your all supported algorithms
| ['use_password_hash'] True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher
| ['password_hash_algo'] password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT) for details see http://php.net/manual/de/password.constants.php
| ['password_hash_options'] password_hash options array for details see http://php.net/manual/en/function.password-hash.php
| ['use_password_hash'] True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher
| ['password_hash_algo'] password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT)
| for details see http://php.net/manual/de/password.constants.php
| ['password_hash_options'] password_hash options array
| for details see http://php.net/manual/en/function.password-hash.php
|
| ['pm_encryption'] Enables/Disables PM Encryption, needs configured CI Encryption Class.
| for details see: http://www.codeigniter.com/userguide2/libraries/encryption.html
| ['pm_cleanup_max_age'] PM Cleanup max age (in relative format), PM's are older than max age get deleted with 'cleanup_pms()'
| Relative Format (e.g. '2 week', '1 month')
| for details see http://php.net/manual/de/datetime.formats.relative.php
|
*/
$config_aauth = array();
$config_aauth["default"] = array(
'no_permission' => FALSE,
'no_permission' => FALSE,
'admin_group' => 'admin',
'default_group' => 'default',
'public_group' => 'public',
'admin_group' => 'admin',
'default_group' => 'default',
'public_group' => 'public',
'db_profile' => 'default',
'db_profile' => 'default',
'users' => 'aauth_users',
'groups' => 'aauth_groups',
'group_to_group' => 'aauth_group_to_group',
'user_to_group' => 'aauth_user_to_group',
'perms' => 'aauth_perms',
'perm_to_group' => 'aauth_perm_to_group',
'perm_to_user' => 'aauth_perm_to_user',
'pms' => 'aauth_pms',
'user_variables' => 'aauth_user_variables',
'login_attempts' => 'aauth_login_attempts',
'users' => 'aauth_users',
'groups' => 'aauth_groups',
'group_to_group' => 'aauth_group_to_group',
'user_to_group' => 'aauth_user_to_group',
'perms' => 'aauth_perms',
'perm_to_group' => 'aauth_perm_to_group',
'perm_to_user' => 'aauth_perm_to_user',
'pms' => 'aauth_pms',
'user_variables' => 'aauth_user_variables',
'login_attempts' => 'aauth_login_attempts',
'remember' => ' +3 days',
'remember' => ' +3 days',
'max' => 13,
'min' => 5,
'max' => 13,
'min' => 5,
'additional_valid_chars' => array(),
'additional_valid_chars' => array(),
'ddos_protection' => true,
'ddos_protection' => true,
'recaptcha_active' => false,
'recaptcha_login_attempts' => 4,
'recaptcha_siteKey' => '',
'recaptcha_secret' => '',
'recaptcha_active' => false,
'recaptcha_login_attempts' => 4,
'recaptcha_siteKey' => '',
'recaptcha_secret' => '',
'totp_active' => false,
'totp_only_on_ip_change' => false,
'totp_reset_over_reset_password' => false,
'totp_two_step_login_active' => false,
'totp_two_step_login_redirect' => '/account/twofactor_verification/',
'totp_active' => false,
'totp_only_on_ip_change' => false,
'totp_reset_over_reset_password' => false,
'totp_two_step_login_active' => false,
'totp_two_step_login_redirect' => '/account/twofactor_verification/',
'max_login_attempt' => 10,
'max_login_attempt_time_period' => "5 minutes",
'remove_successful_attempts' => true,
'max_login_attempt' => 10,
'max_login_attempt_time_period' => "5 minutes",
'remove_successful_attempts' => true,
'login_with_name' => false,
'login_with_name' => false,
'use_cookies' => true,
'use_cookies' => true,
'email' => '[email protected]',
'name' => 'Emre Akay',
'email' => '[email protected]',
'name' => 'Emre Akay',
'verification' => false,
'verification_link' => '/account/verification/',
'reset_password_link' => '/account/reset_password/',
'verification' => false,
'verification_link' => '/account/verification/',
'reset_password_link' => '/account/reset_password/',
'hash' => 'sha256',
'use_password_hash' => false,
'password_hash_algo' => PASSWORD_DEFAULT,
'password_hash_options' => array(),
'hash' => 'sha256',
'use_password_hash' => false,
'password_hash_algo' => PASSWORD_DEFAULT,
'password_hash_options' => array(),
'pm_encryption' => false
'pm_encryption' => false,
'pm_cleanup_max_age' => "6 months",
);
$config['aauth'] = $config_aauth['default'];

56
application/libraries/Aauth.php
Unescape View File

@ -1963,14 +1963,14 @@ class Aauth {
* @param int $receiver_id User id of private message receiver
* @return object Array of private messages
*/
public function list_pms($limit=5, $offset=0, $receiver_id = FALSE, $sender_id=FALSE){
if ( $receiver_id != FALSE){
public function list_pms($limit=5, $offset=0, $receiver_id=NULL, $sender_id=NULL){
if (is_numeric($sender_id)){
$query = $this->aauth_db->where('receiver_id', $receiver_id);
$query = $this->aauth_db->where('pm_deleted_receiver', 0);
}
if( $sender_id != FALSE ){
if (is_numeric($sender_id)){
$query = $this->aauth_db->where('sender_id', $sender_id);
$query = $this->aauth_db->where('pm_deleted_sender', 0);
}
$query = $this->aauth_db->order_by('id','DESC');
@ -1991,7 +1991,7 @@ class Aauth {
if(!$user_id){
$user_id = $this->CI->session->userdata('id');
}
if( !is_numeric($user_id)){
if( !is_numeric($user_id) || !is_numeric($pm_id)){
$this->error( $this->CI->lang->line('aauth_error_no_pm') );
return FALSE;
}
@ -2028,9 +2028,46 @@ class Aauth {
* @param int $pm_id Private message id to be deleted
* @return bool Delete success/failure
*/
public function delete_pm($pm_id){
return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id) );
public function delete_pm($pm_id, $user_id = NULL){
if(!$user_id){
$user_id = $this->CI->session->userdata('id');
}
if( !is_numeric($user_id) || !is_numeric($pm_id)){
$this->error( $this->CI->lang->line('aauth_error_no_pm') );
return FALSE;
}
$query = $this->aauth_db->where('id', $pm_id);
$query = $this->aauth_db->where('receiver_id', $user_id);
$query = $this->aauth_db->or_where('sender_id', $user_id);
$query = $this->aauth_db->get( $this->config_vars['pms'] );
$result = $query->row();
if ($user_id == $result->sender_id){
if($result->pm_deleted_receiver == 1){
return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id));
}
return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_sender'=>1), array('id' => $pm_id));
}else if ($user_id == $result->result->receiver_id){
if($result->pm_deleted_sender == 1){
return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id));
}
return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_receiver'=>1), array('id' => $pm_id) );
}
}
/**
* Cleanup PMs
* Removes PMs older than 'pm_cleanup_max_age' (definied in aauth config).
* recommend for a cron job
*/
public function cleanup_pms(){
$pm_cleanup_max_age = $this->config_vars['pm_cleanup_max_age'];
$date_sent = date('Y-m-d H:i:s', strtotime("now -".$pm_cleanup_max_age));
$this->aauth_db->where('date_sent <', $date_sent);
return $this->aauth_db->delete($this->config_vars['pms']);
}
//tested
@ -2047,6 +2084,7 @@ class Aauth {
}
$query = $this->aauth_db->where('receiver_id', $receiver_id);
$query = $this->aauth_db->where('pm_deleted_receiver', 0);
$query = $this->aauth_db->where('date_read', NULL);
$query = $this->aauth_db->get( $this->config_vars['pms'] );

2
sql/Aauth_v2.sql
Unescape View File

@ -77,6 +77,8 @@ CREATE TABLE `aauth_pms` (
`message` text,
`date_sent` datetime DEFAULT NULL,
`date_read` datetime DEFAULT NULL,
`pm_deleted_sender` int(1) DEFAULT '0',
`pm_deleted_receiver` int(1) DEFAULT '0',
PRIMARY KEY (`id`),
KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

2
sql/Aauth_v2_BCrypt.sql
Unescape View File

@ -77,6 +77,8 @@ CREATE TABLE `aauth_pms` (
`message` text,
`date_sent` datetime DEFAULT NULL,
`date_read` datetime DEFAULT NULL,
`pm_deleted_sender` int(1) DEFAULT '0',
`pm_deleted_receiver` int(1) DEFAULT '0',
PRIMARY KEY (`id`),
KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

Write Preview
Loading…
Cancel
Save