DX Auth is an authentication library for CodeIgniter that provides basic and advanced authentication features including login, logout, registration, password reset, email activation, banning users, roles, permissions, and captcha. It is built with internationalization and flexibility in mind. The library is based on an earlier CL Auth library and provides bug fixes, improved code structure, compatibility with CodeIgniter sessions, and documentation.
Learn what's new in Project Wonder's ERRest framework. Also, see some tips about security and versioning for your REST services, and learn how you can use HTML routing to build Web apps with ERRest.
This document provides an overview and agenda for a SQLAlchemy primer presentation. The presentation will cover myths about SQLAlchemy, core concepts like the engine and ORM, and include hands-on examples using the SQLite sakila database. The speaker is Yasushi Masuda, a Pythonista since 2001 and founder of PyCon JP, who will introduce SQLAlchemy basics and dispel common misconceptions.
Building Quality with Foundations of Mudseleniumconf
This document discusses strategies for improving test environments and test data to better match production environments. It recommends empowering developers to take full responsibility for testing from specification to deployment. Tests should run quickly and have a low tolerance for intermittent failures. Where parts of the system are difficult to test, techniques like stubs can be used to isolate those components for improved testability and reliability, while still achieving near 100% coverage of core and interface logic. Live integration tests against the full system should be kept to a minimum due to general flakiness.
The document discusses several web application vulnerabilities:
1) HTTP Verb Tampering involves exploiting errors in access control for HTTP methods like PUT and DELETE. An example is bypassing authentication by changing the HTTP verb.
2) Fragmented SQL Injections occur when user input is not properly sanitized in SQL queries. Special characters can be used to terminate query strings and inject unauthorized commands.
3) HTTP Parameter Pollution exploits differences in how web servers and applications handle duplicate parameter names. This can allow overriding intended parameter values.
This document discusses CSV import and export in OroCRM. It covers the process overview including jobs, import and export schemas. It then details how to configure basic B2B customer import and export, including field configuration, data conversion, import/export strategies, and button configuration. Finally, it discusses customizing import and export by adding tag support to the data converter, normalizer, and strategy.
JDK 1.6 introduced enhancements to collections like Deque and BlockingDeque. It added support for XML, web services, and annotations. New features included support for scripting languages via JSR 223, improved JDBC 4.0 support, and enhancements to AWT and Swing for application GUIs. The Java compiler APIs were also made accessible to programs.
This document provides an introduction to testing the frontend of a website using various techniques and tools. It discusses unit and integration tests using Jasmine, functional and acceptance tests using Behat and Mink, and using Grunt as a JavaScript task runner. It also includes a practical example of setting up tests for a voting module using these various testing frameworks and tools.
Learn what's new in Project Wonder's ERRest framework. Also, see some tips about security and versioning for your REST services, and learn how you can use HTML routing to build Web apps with ERRest.
This document provides an overview and agenda for a SQLAlchemy primer presentation. The presentation will cover myths about SQLAlchemy, core concepts like the engine and ORM, and include hands-on examples using the SQLite sakila database. The speaker is Yasushi Masuda, a Pythonista since 2001 and founder of PyCon JP, who will introduce SQLAlchemy basics and dispel common misconceptions.
Building Quality with Foundations of Mudseleniumconf
This document discusses strategies for improving test environments and test data to better match production environments. It recommends empowering developers to take full responsibility for testing from specification to deployment. Tests should run quickly and have a low tolerance for intermittent failures. Where parts of the system are difficult to test, techniques like stubs can be used to isolate those components for improved testability and reliability, while still achieving near 100% coverage of core and interface logic. Live integration tests against the full system should be kept to a minimum due to general flakiness.
The document discusses several web application vulnerabilities:
1) HTTP Verb Tampering involves exploiting errors in access control for HTTP methods like PUT and DELETE. An example is bypassing authentication by changing the HTTP verb.
2) Fragmented SQL Injections occur when user input is not properly sanitized in SQL queries. Special characters can be used to terminate query strings and inject unauthorized commands.
3) HTTP Parameter Pollution exploits differences in how web servers and applications handle duplicate parameter names. This can allow overriding intended parameter values.
This document discusses CSV import and export in OroCRM. It covers the process overview including jobs, import and export schemas. It then details how to configure basic B2B customer import and export, including field configuration, data conversion, import/export strategies, and button configuration. Finally, it discusses customizing import and export by adding tag support to the data converter, normalizer, and strategy.
JDK 1.6 introduced enhancements to collections like Deque and BlockingDeque. It added support for XML, web services, and annotations. New features included support for scripting languages via JSR 223, improved JDBC 4.0 support, and enhancements to AWT and Swing for application GUIs. The Java compiler APIs were also made accessible to programs.
This document provides an introduction to testing the frontend of a website using various techniques and tools. It discusses unit and integration tests using Jasmine, functional and acceptance tests using Behat and Mink, and using Grunt as a JavaScript task runner. It also includes a practical example of setting up tests for a voting module using these various testing frameworks and tools.
This document discusses alternatives to using WebObjects for developing web applications. It summarizes the key aspects of a stack that could satisfy former WebObjects developers, including:
- Dependency injection frameworks like Spring and Google Guice that allow loose coupling between classes.
- HTML frameworks like Tapestry that are similar to WebObjects in allowing infinitely nestable page components.
- JAX-RS as a REST framework specification implemented by libraries like Jersey that maps HTTP requests to Java methods.
- Migrating from WebObjects by keeping its philosophies but rewriting code from scratch using these new frameworks, with tools to import existing data models and port components like DirectToWeb and DirectToJavaClient.
Contexts and Dependency Injection for the JavaEE platformBozhidar Bozhanov
This document provides an overview of Contexts and Dependency Injection (CDI), the Java EE standard for dependency injection and component management defined in JSR-299. It discusses the history and goals of CDI, key concepts like beans and injection, and how CDI integrates with and improves upon other Java EE technologies like EJBs and JSF. The document also demonstrates several CDI features through code examples, such as qualifiers, producers, decorators, and interceptors.
Views are logical or virtual tables based on a query. They are created using the CREATE VIEW command and incorporate a SELECT statement. Views can be queried like tables but do not actually store data - the data comes from underlying tables. Views allow data to be accessed and organized in different ways without users needing to understand complex queries or how the data is stored physically.
Modern application frameworks like Spring promote a POJO-based programming model, and POJOs are inherently easy to unit test. But how can we effectively integration test our application outside the container while still getting as close to a production-like environment as possible? This session will show attendees how to approximate a target production environment using the Spring TestContext Framework to drive fast, repeatable, "out-of-container" integration tests. To simulate a live system, the session will cover open source integration testing techniques such as the use of in-memory databases, JMS providers, and Servlet containers as well as mock SMTP and FTP servers.
Node.js vs Play Framework (with Japanese subtitles)Yevgeniy Brikman
Video: http://www.nicovideo.jp/watch/1410857293
Here's the showdown you've been waiting for: Node.js vs Play Framework. Both are popular open source web frameworks that are built for developer productivity, asynchronous I/O, and the real time web. But which one is easier to learn, test, deploy, debug, and scale? Should you pick Javascript or Scala? The Google v8 engine or the JVM? NPM or Ivy? Grunt or SBT? Two frameworks enter, one framework leaves.
This version of the presentation has Japanese subtitles. For the English only version, see http://www.slideshare.net/brikis98/nodejs-vs-play-framework
1) The document provides solutions to common issues in QuickTest Professional (QTP), including how to add constants to a datatable, check if a parameter or checkpoint exists, validate checkpoints without failing tests, and the difference between actions and functions.
2) It also discusses when to use recovery scenarios versus error handling, how to use environment variables, the files in a QTP test, and how to rename checkpoints.
3) Finally, it addresses questions about browser support, resolving issues with Windows Media Player when running QTP, the purpose of the lservrc file, and ensuring QTP can run from Quality Center.
This document provides an overview of the Oracle Enterprise Manager Command Line Interface (EM CLI).
It discusses the different modes of EM CLI including standard, interactive, and scripting modes. It also covers EM CLI verbs, formatting output, fetching information from the EM repository, and provides examples of Bash and Python scripts using EM CLI.
Sample scripts demonstrated include clearing stateless alerts, changing database passwords, and promoting unmanaged databases to managed targets. Fundamentals of Python programming are also introduced for effective EM CLI scripting.
The document discusses Odoo website development. It covers using models, controllers, views and templates to build a website. Specific topics covered include using the ORM model to retrieve and display data, defining routes and actions in controllers, rendering templates and passing variables to views, using directives in templates to display data and loop through records, and developing a website builder tool to generate snippets and modify the frontend.
This document provides an overview of JSP/Servlet architecture. It describes how a web request is handled from the browser to the web server and JSP/Servlet container. It then discusses key components like servlets, JSPs, the request and response objects. It provides examples of basic servlet and JSP code to output text and access request parameters. It also covers servlet configuration, mappings, and the use of forwards and redirects.
Becoming a drupal master builder - Given at Drupal Camp London 2016
I've been building Drupal sites for a number of years and have a broad experience building Drupal sites with various levels of complexity. I often work with other agencies to build Drupal sites or to migrate existing sites and as a result I will often see some very common mistakes and errors that shouldn't be happening. Due to Drupal's popularity I also see Drupal sites in the wild and can clearly see the same mistakes going on there as well.
During this talk I'll show some basic site building tips as well as some more complex and technical strategies that will make your Drupal sites better and more maintainable. Rather than just show you what to do, I'll also be explaining why doing those things are important and how developers and their websites will benefit from them. Although I'll be mainly concentrating on Drupal 7, some of these techniques are also applicable to Drupal 8.
The document summarizes key concepts about controllers in Ruby on Rails. It discusses how controllers act as the middle layer between models and views, handling requests and rendering responses. It covers controller actions, parameters, sessions, cookies, filters, CSRF protection, and request and response objects. The document also provides code examples for implementing various controller functionality.
The document discusses stateful controllers in Direct To Web (D2W) applications built with WebObjects. It provides background on D2W and how controllers were traditionally implemented using ERDBranchDelegate and NextPageDelegate. Stateful controllers improve upon this by allowing controller classes to be reused across multiple pages while maintaining state between pages. This is done by overriding branchChoicesForContext to programmatically define branch choices and storing necessary objects like the editing context. The document provides examples of how stateful controllers can implement common page flows and interactions through utility methods while keeping code DRY and reusable.
This document provides an overview and demonstration of using the AJAX Solr framework to build a dynamic graphical user interface (GUI) for a knowledge base search application. It summarizes the company background, requirements, and inspiration for modernizing the existing GUI using AJAX Solr. It then demonstrates the framework architecture, including the manager, parameter store, widgets, and theming components. Finally, it discusses best practices, challenges, performance, and provides references for more information.
The configuration management system in Drupal 8 seems like a great idea, but what is it? In this session I hope to show what configuration management is, why it is needed and how it will make all of our lives as Drupal site builders better.
The document discusses several new language enhancements in ColdFusion 11 including full support for CFScript, member functions for data types, JSON enhancements, new query functions like queryExecute and queryGetRow, additional collection functions, and the ability to define application-specific datasources in Application.cfc. It also covers calling tags from CFScript, custom serializers, and enhancements to the cfzip tag.
Drupal 8 Services And Dependency InjectionPhilip Norton
Using the service manager is an essential part of a Drupal 8 developers toolkit and understanding it not only helps development, but can also allow you to create modules that can be easily used by other developers. There are numerous code examples out there that talk about using this or that service, so I'll look at how to go from "\Drupal::service('thing');" to finding and using services within Drupal 8. I will look at creating custom services to use within your own modules and provide injectable dependencies for other modules. I will also show how to override services to provide your own functionality to existing services. All code shown will be real examples that you can take away and use in your own projects.
Given at DrupalCamp London 2018
PyPedia: The free programming environment that anyone can edit! PyPedia is a collaborative programming web environment. Each article in this wiki is a function or class or any other piece of Python code. No need to import anything. Just call the function or instantiate the class that belongs to any other article.
Play framework training by Neelkanth Sachdeva @ Scala traits event , New Delh...Knoldus Inc.
This document provides an introduction and overview of the Play web application framework. It discusses key components of Play like Actions, Controllers, Results, routing, templates, and forms. It also covers how to develop a basic application using Play including setting up a new project, defining routes and controllers, rendering templates, and submitting forms. Finally, it demonstrates persisting application data in a database.
This document provides an overview of the Spring framework. Key points include:
- Spring is a lightweight container that promotes loose coupling and separation of concerns through dependency injection.
- It simplifies programming without J2EE by providing declarative transaction management and abstraction from underlying technologies.
- Spring uses dependency injection and inversion of control to configure and wire together components. It supports setter, constructor, and autowiring of dependencies.
- The Spring container manages the lifecycle of beans through initialization and destruction callbacks.
Add-On Development: EE Expects that Every Developer will do his Dutyreedmaniac
Add-Ons are what make ExpressionEngine the flexible powerhouse that it is today. Being able to write your own simple plugins or incredibly expansive modules allows you to mold ExpressionEngine to nearly any task that your website might require. However, with that power comes a great responsibility to insure that your code is not slowing down the entire site or unduly stressing the server through bad code architecture.
There are simple tools already built into ExpressionEngine and PHP that you can use to see precisely what your Add-On is doing during page processing and where it might be doing more work than is absolutely necessary. Every developer should use these to optimize their work from the very beginning of development, prior to release. This workshop will explain these tools and how you can use them effectively. It will also delve deeper into optimization techniques and tricks that will keep your code light and clean, while finding a balance between functionality and performance.
This document summarizes a talk on add-on development for ExpressionEngine. It discusses the three types of add-ons in EE - extensions, modules, and plugins. It covers important skills for add-on development like PHP, SQL, HTML/CSS, and JavaScript. It provides guidance on developing add-ons including researching existing approaches, mapping out features, designing database structures and template tags, and building the control panel. The document emphasizes best practices like following EllisLab development guidelines, proper commenting, sanitizing inputs, and using abstraction.
This document discusses alternatives to using WebObjects for developing web applications. It summarizes the key aspects of a stack that could satisfy former WebObjects developers, including:
- Dependency injection frameworks like Spring and Google Guice that allow loose coupling between classes.
- HTML frameworks like Tapestry that are similar to WebObjects in allowing infinitely nestable page components.
- JAX-RS as a REST framework specification implemented by libraries like Jersey that maps HTTP requests to Java methods.
- Migrating from WebObjects by keeping its philosophies but rewriting code from scratch using these new frameworks, with tools to import existing data models and port components like DirectToWeb and DirectToJavaClient.
Contexts and Dependency Injection for the JavaEE platformBozhidar Bozhanov
This document provides an overview of Contexts and Dependency Injection (CDI), the Java EE standard for dependency injection and component management defined in JSR-299. It discusses the history and goals of CDI, key concepts like beans and injection, and how CDI integrates with and improves upon other Java EE technologies like EJBs and JSF. The document also demonstrates several CDI features through code examples, such as qualifiers, producers, decorators, and interceptors.
Views are logical or virtual tables based on a query. They are created using the CREATE VIEW command and incorporate a SELECT statement. Views can be queried like tables but do not actually store data - the data comes from underlying tables. Views allow data to be accessed and organized in different ways without users needing to understand complex queries or how the data is stored physically.
Modern application frameworks like Spring promote a POJO-based programming model, and POJOs are inherently easy to unit test. But how can we effectively integration test our application outside the container while still getting as close to a production-like environment as possible? This session will show attendees how to approximate a target production environment using the Spring TestContext Framework to drive fast, repeatable, "out-of-container" integration tests. To simulate a live system, the session will cover open source integration testing techniques such as the use of in-memory databases, JMS providers, and Servlet containers as well as mock SMTP and FTP servers.
Node.js vs Play Framework (with Japanese subtitles)Yevgeniy Brikman
Video: http://www.nicovideo.jp/watch/1410857293
Here's the showdown you've been waiting for: Node.js vs Play Framework. Both are popular open source web frameworks that are built for developer productivity, asynchronous I/O, and the real time web. But which one is easier to learn, test, deploy, debug, and scale? Should you pick Javascript or Scala? The Google v8 engine or the JVM? NPM or Ivy? Grunt or SBT? Two frameworks enter, one framework leaves.
This version of the presentation has Japanese subtitles. For the English only version, see http://www.slideshare.net/brikis98/nodejs-vs-play-framework
1) The document provides solutions to common issues in QuickTest Professional (QTP), including how to add constants to a datatable, check if a parameter or checkpoint exists, validate checkpoints without failing tests, and the difference between actions and functions.
2) It also discusses when to use recovery scenarios versus error handling, how to use environment variables, the files in a QTP test, and how to rename checkpoints.
3) Finally, it addresses questions about browser support, resolving issues with Windows Media Player when running QTP, the purpose of the lservrc file, and ensuring QTP can run from Quality Center.
This document provides an overview of the Oracle Enterprise Manager Command Line Interface (EM CLI).
It discusses the different modes of EM CLI including standard, interactive, and scripting modes. It also covers EM CLI verbs, formatting output, fetching information from the EM repository, and provides examples of Bash and Python scripts using EM CLI.
Sample scripts demonstrated include clearing stateless alerts, changing database passwords, and promoting unmanaged databases to managed targets. Fundamentals of Python programming are also introduced for effective EM CLI scripting.
The document discusses Odoo website development. It covers using models, controllers, views and templates to build a website. Specific topics covered include using the ORM model to retrieve and display data, defining routes and actions in controllers, rendering templates and passing variables to views, using directives in templates to display data and loop through records, and developing a website builder tool to generate snippets and modify the frontend.
This document provides an overview of JSP/Servlet architecture. It describes how a web request is handled from the browser to the web server and JSP/Servlet container. It then discusses key components like servlets, JSPs, the request and response objects. It provides examples of basic servlet and JSP code to output text and access request parameters. It also covers servlet configuration, mappings, and the use of forwards and redirects.
Becoming a drupal master builder - Given at Drupal Camp London 2016
I've been building Drupal sites for a number of years and have a broad experience building Drupal sites with various levels of complexity. I often work with other agencies to build Drupal sites or to migrate existing sites and as a result I will often see some very common mistakes and errors that shouldn't be happening. Due to Drupal's popularity I also see Drupal sites in the wild and can clearly see the same mistakes going on there as well.
During this talk I'll show some basic site building tips as well as some more complex and technical strategies that will make your Drupal sites better and more maintainable. Rather than just show you what to do, I'll also be explaining why doing those things are important and how developers and their websites will benefit from them. Although I'll be mainly concentrating on Drupal 7, some of these techniques are also applicable to Drupal 8.
The document summarizes key concepts about controllers in Ruby on Rails. It discusses how controllers act as the middle layer between models and views, handling requests and rendering responses. It covers controller actions, parameters, sessions, cookies, filters, CSRF protection, and request and response objects. The document also provides code examples for implementing various controller functionality.
The document discusses stateful controllers in Direct To Web (D2W) applications built with WebObjects. It provides background on D2W and how controllers were traditionally implemented using ERDBranchDelegate and NextPageDelegate. Stateful controllers improve upon this by allowing controller classes to be reused across multiple pages while maintaining state between pages. This is done by overriding branchChoicesForContext to programmatically define branch choices and storing necessary objects like the editing context. The document provides examples of how stateful controllers can implement common page flows and interactions through utility methods while keeping code DRY and reusable.
This document provides an overview and demonstration of using the AJAX Solr framework to build a dynamic graphical user interface (GUI) for a knowledge base search application. It summarizes the company background, requirements, and inspiration for modernizing the existing GUI using AJAX Solr. It then demonstrates the framework architecture, including the manager, parameter store, widgets, and theming components. Finally, it discusses best practices, challenges, performance, and provides references for more information.
The configuration management system in Drupal 8 seems like a great idea, but what is it? In this session I hope to show what configuration management is, why it is needed and how it will make all of our lives as Drupal site builders better.
The document discusses several new language enhancements in ColdFusion 11 including full support for CFScript, member functions for data types, JSON enhancements, new query functions like queryExecute and queryGetRow, additional collection functions, and the ability to define application-specific datasources in Application.cfc. It also covers calling tags from CFScript, custom serializers, and enhancements to the cfzip tag.
Drupal 8 Services And Dependency InjectionPhilip Norton
Using the service manager is an essential part of a Drupal 8 developers toolkit and understanding it not only helps development, but can also allow you to create modules that can be easily used by other developers. There are numerous code examples out there that talk about using this or that service, so I'll look at how to go from "\Drupal::service('thing');" to finding and using services within Drupal 8. I will look at creating custom services to use within your own modules and provide injectable dependencies for other modules. I will also show how to override services to provide your own functionality to existing services. All code shown will be real examples that you can take away and use in your own projects.
Given at DrupalCamp London 2018
PyPedia: The free programming environment that anyone can edit! PyPedia is a collaborative programming web environment. Each article in this wiki is a function or class or any other piece of Python code. No need to import anything. Just call the function or instantiate the class that belongs to any other article.
Play framework training by Neelkanth Sachdeva @ Scala traits event , New Delh...Knoldus Inc.
This document provides an introduction and overview of the Play web application framework. It discusses key components of Play like Actions, Controllers, Results, routing, templates, and forms. It also covers how to develop a basic application using Play including setting up a new project, defining routes and controllers, rendering templates, and submitting forms. Finally, it demonstrates persisting application data in a database.
This document provides an overview of the Spring framework. Key points include:
- Spring is a lightweight container that promotes loose coupling and separation of concerns through dependency injection.
- It simplifies programming without J2EE by providing declarative transaction management and abstraction from underlying technologies.
- Spring uses dependency injection and inversion of control to configure and wire together components. It supports setter, constructor, and autowiring of dependencies.
- The Spring container manages the lifecycle of beans through initialization and destruction callbacks.
Add-On Development: EE Expects that Every Developer will do his Dutyreedmaniac
Add-Ons are what make ExpressionEngine the flexible powerhouse that it is today. Being able to write your own simple plugins or incredibly expansive modules allows you to mold ExpressionEngine to nearly any task that your website might require. However, with that power comes a great responsibility to insure that your code is not slowing down the entire site or unduly stressing the server through bad code architecture.
There are simple tools already built into ExpressionEngine and PHP that you can use to see precisely what your Add-On is doing during page processing and where it might be doing more work than is absolutely necessary. Every developer should use these to optimize their work from the very beginning of development, prior to release. This workshop will explain these tools and how you can use them effectively. It will also delve deeper into optimization techniques and tricks that will keep your code light and clean, while finding a balance between functionality and performance.
This document summarizes a talk on add-on development for ExpressionEngine. It discusses the three types of add-ons in EE - extensions, modules, and plugins. It covers important skills for add-on development like PHP, SQL, HTML/CSS, and JavaScript. It provides guidance on developing add-ons including researching existing approaches, mapping out features, designing database structures and template tags, and building the control panel. The document emphasizes best practices like following EllisLab development guidelines, proper commenting, sanitizing inputs, and using abstraction.
Add-On Development: EE Expects that Every Developer will do his DutyLeslie Doherty
A presentation on Add-On Development: EE Expects that Every Developer will do his Duty as given at the EECI2009 conference in Leiden by Paul Burdick, lead developer at Solspace.
This document discusses add-on development for ExpressionEngine. It covers what add-ons are, including extensions, modules, and plugins. It discusses necessary development skills like PHP, SQL, and HTML/CSS. It provides guidance on planning add-on development through researching, mapping features, designing templates and control panels. The document also covers writing code through following best practices, debugging, and improving performance. Developers are encouraged to turn on debugging, review queries, consider caching, remove deprecated code, and ask for help when needed.
ColdFusion 2016 includes many hidden gems in areas like installation, configuration, administration, web server configuration, new and changed features, and the CFML language. The document provides details on improvements to features like the installation process, CF Admin, wsconfig, PDF support, new language constructs like the safe navigation operator, new member functions, and updated underlying libraries. It also mentions deprecated features in ColdFusion 2016 and areas that will see changes in future releases.
20111110 how puppet-fits_into_your_existing_infrastructure_and_change_managem...garrett honeycutt
Puppet can help with change management by using its environments and version control features. Environments represent different stages like development, testing, and production. Changes are made on branches in version control and merged to trunk/master after testing. Tags mark versions to deploy to each environment. Documentation and gates between environments ensure changes meet requirements before moving forward.
This document discusses migrating to ExtJS 3.4. Key points include new features in 3.4 like improved cross-browser support, performance enhancements, and accessibility features. It outlines changes to the core framework, data package, and changes needed to the Operative One codebase. References to Sencha documentation on ExtJS 3.x features and release notes are also provided.
This document provides tips and best practices for staying sane as a Drupal developer. It discusses that 80% of building Drupal sites is configuration, while the remaining 20% requires customization. It emphasizes using Drupal APIs and hooks, playing well with contributed modules, and following coding standards and best practices like version control, automated testing and deployment, and documentation.
This document describes KAAccessControl, a framework for managing user access control and permissions. It provides concise summaries in 3 sentences or less that provide the high level and essential information from the document.
The framework allows defining roles, profiles, lists and managing user permissions through annotations and configuration files. It handles authentication but does not provide the authentication mechanism. The framework manages the current user's profile and permissions and allows impersonating other users through its user service class. Components check permissions by annotating allowed roles and querying the framework's access control services.
OroCRM Partner Technical Training: September 2015Oro Inc.
OroCRM Partner Technical Training
September 2015
Schedule:
Day 1 - Monday 9/14
Define your Entities
--Environment and Project Setup
--Packages Management
--Entities and DB Schema Management
--Entity CRUD Implementation
Day 2 - Tuesday 9/15
Security and Productivity
--ACL
--Entity Activities
--System Configuration
Day 3 - Wednesday 9/16
User Interface
--Layouts and Templates
--CSS and JavaScript
--Widgets
--Navigation
--Localizations
Day 4 - Thursday 9/17
Integrate your Solution
--Job Queue
--Import and Export
--Integrations
--Automated Processes
--WEB API
Day 5 - Friday 9/18
Work with Data
--Workflow
--Reports
--Analytics and Marketing
--Tests
Strategies and Tips for Building Enterprise Drupal Applications - PNWDS 2013Mack Hardy
Mack Hardy, Dave Tarc, Damien Norris of Affinity Bridge presenting at Pacific Northwest Drupal Summit in Vancouver, October 5th, 2013. The presentation walks through management of releases, deployment strategies and build strategies with drupal features, git, and make files. Performance and caching is also covered, as well as specific tips and tricks for configuring apache and managing private files.
Vertex AI is a managed machine learning platform that helps you build, deploy, and scale machine learning models faster and easier.
GitHub: https://github.com/TrilokiDA/Vertex-AI/tree/main
This document provides an agenda for a conference on XPages Beyond the Basics held from February 2-3, 2012 in Denmark. The agenda includes topics like JavaScript/CSS aggregation, pre-loading for XPages, Java design elements, themes, the XPages Extension Library, relational database support using JDBC, exporting data to Excel/PDF, and more. The document also introduces the speaker, Ulrich Krause, an IBM Champion and experienced Notes/Domino developer.
DISQUS is a comment system that handles high volumes of traffic, with up to 17,000 requests per second and 250 million monthly visitors. They face challenges in unpredictable spikes in traffic and ensuring high availability. Their architecture includes over 100 servers split between web servers, databases, caching, and load balancing. They employ techniques like vertical and horizontal data partitioning, atomic updates, delayed signals, consistent caching, and feature flags to scale their large Django application.
Bezlio - Server Administration and SecurityEli Remington
This document provides an overview of security for the Bezlio server administration. It discusses using codes like a keypad lock to control access. It also explains how the Bezlio Remote Data Broker (BRDB) works like the "person on the other side of the door" to permit access once installed. The document outlines factors that control user access like installed plugins, plugin configurations, authorized plugin instances, and dynamic data filters.
This document provides an agenda for the BLUG 2012 conference on XPages Beyond the Basics taking place March 22-23, 2012 in Antwerp. The agenda covers topics like JavaScript/CSS aggregation, pre-loading for XPages, Java design elements, themes, the XPages Extension Library, relational database support, and recommended resources. It also includes background information on the presenter Ulrich Krause and his experience with Lotus Notes, Domino, and XPages development.
This document provides an overview of CodeIgniter and the Model-View-Controller (MVC) framework. It discusses the key features supported by CodeIgniter including database classes, validation, security filtering, and more. It explains the basic MVC structure with models representing data, views representing presented information, and controllers serving as intermediaries. The document demonstrates how CodeIgniter handles URLs in a segment-based approach and describes the roles of controllers, views, models, helpers, libraries, and hooks within a CodeIgniter application. Code examples are provided to illustrate how each component works.
This document provides information on basic configuration for CodeIgniter, including file and directory structure, environment settings, and configuration setup. It discusses the main directories in CodeIgniter like application, system, and third_party. It also describes how to configure the environment like development, testing, and production. Key configuration files mentioned are index.php, database.php, and routes.php for environment settings, and config.php for settings like encryption key, session driver, and cookie expiration.
So, you know how to deploy your code, what about your database? This talk will go through deploying your database with LiquiBase and DBDeploy a non-framework based approach to handling migrations of DDL and DML.
The document announces the Entwicklercamp 2012 event from March 26-28 at the Maritim Hotel in Gelsenkirchen, Germany. It will feature sessions on XPages, the Extension Library, pre-loading for XPages, Java design elements, themes, and more. The event is organized by Ulrich Krause of is@web, an IBM Champion for collaboration solutions.
Information and Communication Technology in EducationMJDuyan
(𝐓𝐋𝐄 𝟏𝟎𝟎) (𝐋𝐞𝐬𝐬𝐨𝐧 2)-𝐏𝐫𝐞𝐥𝐢𝐦𝐬
𝐄𝐱𝐩𝐥𝐚𝐢𝐧 𝐭𝐡𝐞 𝐈𝐂𝐓 𝐢𝐧 𝐞𝐝𝐮𝐜𝐚𝐭𝐢𝐨𝐧:
Students will be able to explain the role and impact of Information and Communication Technology (ICT) in education. They will understand how ICT tools, such as computers, the internet, and educational software, enhance learning and teaching processes. By exploring various ICT applications, students will recognize how these technologies facilitate access to information, improve communication, support collaboration, and enable personalized learning experiences.
𝐃𝐢𝐬𝐜𝐮𝐬𝐬 𝐭𝐡𝐞 𝐫𝐞𝐥𝐢𝐚𝐛𝐥𝐞 𝐬𝐨𝐮𝐫𝐜𝐞𝐬 𝐨𝐧 𝐭𝐡𝐞 𝐢𝐧𝐭𝐞𝐫𝐧𝐞𝐭:
-Students will be able to discuss what constitutes reliable sources on the internet. They will learn to identify key characteristics of trustworthy information, such as credibility, accuracy, and authority. By examining different types of online sources, students will develop skills to evaluate the reliability of websites and content, ensuring they can distinguish between reputable information and misinformation.
Gender and Mental Health - Counselling and Family Therapy Applications and In...PsychoTech Services
A proprietary approach developed by bringing together the best of learning theories from Psychology, design principles from the world of visualization, and pedagogical methods from over a decade of training experience, that enables you to: Learn better, faster!
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...TechSoup
Whether you're new to SEO or looking to refine your existing strategies, this webinar will provide you with actionable insights and practical tips to elevate your nonprofit's online presence.
🔥🔥🔥🔥🔥🔥🔥🔥🔥
إضغ بين إيديكم من أقوى الملازم التي صممتها
ملزمة تشريح الجهاز الهيكلي (نظري 3)
💀💀💀💀💀💀💀💀💀💀
تتميز هذهِ الملزمة بعِدة مُميزات :
1- مُترجمة ترجمة تُناسب جميع المستويات
2- تحتوي على 78 رسم توضيحي لكل كلمة موجودة بالملزمة (لكل كلمة !!!!)
#فهم_ماكو_درخ
3- دقة الكتابة والصور عالية جداً جداً جداً
4- هُنالك بعض المعلومات تم توضيحها بشكل تفصيلي جداً (تُعتبر لدى الطالب أو الطالبة بإنها معلومات مُبهمة ومع ذلك تم توضيح هذهِ المعلومات المُبهمة بشكل تفصيلي جداً
5- الملزمة تشرح نفسها ب نفسها بس تكلك تعال اقراني
6- تحتوي الملزمة في اول سلايد على خارطة تتضمن جميع تفرُعات معلومات الجهاز الهيكلي المذكورة في هذهِ الملزمة
واخيراً هذهِ الملزمة حلالٌ عليكم وإتمنى منكم إن تدعولي بالخير والصحة والعافية فقط
كل التوفيق زملائي وزميلاتي ، زميلكم محمد الذهبي 💊💊
🔥🔥🔥🔥🔥🔥🔥🔥🔥
Temple of Asclepius in Thrace. Excavation resultsKrassimira Luka
The temple and the sanctuary around were dedicated to Asklepios Zmidrenus. This name has been known since 1875 when an inscription dedicated to him was discovered in Rome. The inscription is dated in 227 AD and was left by soldiers originating from the city of Philippopolis (modern Plovdiv).
A Free 200-Page eBook ~ Brain and Mind Exercise.pptxOH TEIK BIN
(A Free eBook comprising 3 Sets of Presentation of a selection of Puzzles, Brain Teasers and Thinking Problems to exercise both the mind and the Right and Left Brain. To help keep the mind and brain fit and healthy. Good for both the young and old alike.
Answers are given for all the puzzles and problems.)
With Metta,
Bro. Oh Teik Bin 🙏🤓🤔🥰
A Visual Guide to 1 Samuel | A Tale of Two HeartsSteve Thomason
These slides walk through the story of 1 Samuel. Samuel is the last judge of Israel. The people reject God and want a king. Saul is anointed as the first king, but he is not a good king. David, the shepherd boy is anointed and Saul is envious of him. David shows honor while Saul continues to self destruct.
BPSC-105 important questions for june term end exam
119764860 dx-auth
1. Welcome to DX Auth
DX Auth is an authentication library for Code Igniter. It's goal to enable you to easily include secure
and easy to use authentication library to your project, while giving you the flexibility to choose from
simple authentication system to full fledged authentication system.
DX Auth is also build with internationalization in mind, so every string is available in language file.
(Except the bundled examples, because that is your code not the library).
It's based on CL Auth 0.2.5 beta developed by Jason Ashdown.
What is the feature of DX Auth?
• Basic auth (Login, logout, register, change password).
• Remember me.
• Login using username or email address or both (depend on config settings).
• Forgot password.
• Ban user.
• Last login IP address and time (optional).
• Email activation (optional).
• User Profile (optional).
• Role based (admin, user, moderator, etc). Inheritance also supported (optional).
• Restrict page based on URI and role (optional).
• Custom permission for each role (optional).
• Login attempt (optional). You can use this to display catpcha after specified try to login to
prevent bot.
• Event feature (For example: You can put your own code like PM welcome message after user
activated, etc).
• Captcha (optional, native and reCAPTCHA is available).
• Simple admin panel (So you can customize it, include it into your own admin panel, or delete if
you don't need it).
• Most of the feature is optional, means you can turn it off in config file, delete it, or just don't use
it.
What is changed since CL Auth 0.2.5
If you are ever using CL Auth before, you might want to know what's changed since CL Auth 0.2.5
• Bug fixes.
• Add and change function.
• Changed code structure.
1
2. • Group changed to role.
• Compatible with CI bundled session without hacking it.
• Added language file for internationalization.
• All function named lower_case instead of camelCase.
• Source code writing following CI User guide.
• Commented source code so you can follow along.
• Code Igniter style user guide with detailed explanation.
• And other that i don't remember :).
Looks good, so where to get started? Read Getting started, or simple example.
DX Auth is tested in CI 1.7.0, but should be working for above version.
Table of Contents
Basic Info
• License Agreement
• Change Log
• Upgrading from previous
version
• Credits
Installation
• Downloading DX Auth
• Installation Instructions
• Database Schema
General Topics
• Getting Started
• Functions
• Events
• Config
• Models
• Tables anatomy
• Troubleshooting
Examples
• Simple example
• Advanced example
• Recaptcha example
• Permission example
Change Log
Version 1.0.6
Release Date: January 3, 2008
• Added salt option in config.
• Added case sensitive captcha option in config.
• Changed encode function, removed encryption key dependency.
• Fixed bugs in DX Auth.
• Added allow parameter in check_uri_permissions().
• Changed model/dx_auth/permissions.php
2
3. Version 1.0.5
Release Date: December 20, 2008
• Moved system/plugins to application/plugins.
• Fixed bug in in model/dx_auth/user_temp.php.
• Fixed bug in in model/dx_auth/permissions.php.
Version 1.0.4
Release Date: December 15, 2008
• Added $check_parent parameter in is_role() function.
• Changed $use_role_name to TRUE by default, in is_role() function.
• Added 'DX_' prefix in session userdata used by DX_Auth library.
• Changed <? to <?php backend views example.
Version 1.0.3
Release Date: December 12, 2008
• Fixed typos in function get_catpcha_image, renamed into get_captcha_image.
• Fixed examples, to reflect function changed above.
• Added 3 more event in DX_Auth_Event.
Version 1.0.2
Release Date: December 5, 2008
• Added parent_id field in roles table to add role inheritance feature.
• Added permission table, to save custom permission including uri permissions.
• 'role_uri' table is obsolete. Instead, use permission table.
• 'DX_role_uri_table' in config is obsolete.
• Add 'DX_permissions_table' in config.
• Added check_uri_permission() function.
• Added get_permission_value() function.
• Added get_permissions_value() function.
• check_role_uri() function is obsolete, instead use check_uri_permission() to work with new
permission table.
• Add'permissions' model to work with permission table.
• 'role_uri' model is now obsolete.
3
4. • 'cpanel' admin panel example now renamed to 'backend'.
• Added example for custom permissions.
• Simplified admin panel example.
• Fixed failed to load DX Auth in some OS because file name is case sensitive.
• Bug fixed in admin panel example.
Version 1.0.1
Release Date: December 2, 2008
• Added files that forgotten to be included in zip folder. It's recommended to download this
version.
• Removed 'english' in load language so DX Auth will use language specified in CI config.
• Optimized is_admin() function.
• Optimized is_role() function.
• Converted all models to use CI AR instead of SQL plain.
• Added get_role_id() function.
• Added get_role_name() function.
• Added get_ban_reason() function.
• Removed is_captcha_initialized() function.
• Removed is_recaptcha_initialized() function.
• Removed unused function in models because of these changes.
• Revised advanced example in user guide, controllers/auth.php, views/login_form.php example
because is_captcha_initialized() and is_recaptcha_initialized() removed.
• Update user guide.
Version 1.0
Release Date: November 30, 2008
First publicly released version.
From version 1.0.5 to 1.0.6
• Add DX_salt and DX_captcha_case_sensitive into config.
• Since now DX Auth do not use encryption_key in CI config to encode password.
If your encryption_key is not blank before this update, you need to change encode function in
libraries/DX_Auth.php to DX Auth 1.0.5 version.
• Overwrite libraries/dx_auth.php with the new one.
• Overwrite models/dx_auth/permissions.php with the new one.
4
5. From version 1.0.4 to 1.0.5
• Overwrite models/dx_auth/user_temp.php with the new one.
• Overwrite models/dx_auth/permissions.php with the new one.
From version 1.0.3 to 1.0.4
If you use is_role() function, be careful because in 1.0.4, $use_role_name parameter default is
TRUE.
In previous version, $use_role_name parameter is defined as FALSE by default, even tough it was
written as TRUE in documentation. So now it's fixed.
From version 1.0.2 to 1.0.3
Change function get_catpcha_image() to get_captcha_image(). Notice the first function is wrongly
typed.
From version 1.0.1 to 1.0.2
Step 1: Update your roles table
Add parent_id field (int) not null default is 0, in roles table.
To add this column you will run a query similar to this:
ALTER TABLE `roles` ADD `parent_id` int(11) NOT NULL default '0'
See table anatomy to know more about this.
Step 2: Add permissions table
To add this table you will run a query similar to this:
CREATE TABLE `permissions` (
`id` int(11) NOT NULL auto_increment,
`role_id` int(11) NOT NULL,
`data` text collate utf8_bin,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
See table anatomy to know more about this.
5
6. Note: role_uri table will be abandonded, in 1.0.2 it will use this permission table.
Installation Instructions
Installing DX Auth library with bundled examples
1. Unzip the package.
2. Copy captcha folder into your CI folder. Make this folder writable by web server.
3. Copy application folder into your CI application folder.
4. Install DX Auth database schema into your database.
5. Open the application/config/config.php. Change $config['sess_use_database'] to TRUE.
Installing only DX Auth library
1. Unzip the package.
2. Copy captcha folder into your CI folder. Make this folder writable by web server.
3. Copy application/plugins/ folder into your CI application/plugins/ folder.
4. Copy application/config/ folder into your CI application/config/ folder.
5. Copy application/libraries/ folder into your CI application/libraries/ folder.
6. Copy application/helpers/ folder into your CI application/helpers/ folder.
7. Copy application/models/ folder into your CI application/models/ folder.
8. Copy application/language/ folder into your CI application/language/ folder.
9. Install DX Auth database schema into your database.
10. Open the application/config/config.php. Change $config['sess_use_database'] to TRUE.
That's it!
If you're new to DX Auth, please read the Getting Started section of the User Guide to begin using
DX Auth.
Database schema
Below is the database schema needed by DX Auth library, or you can find this schema in
'schema.sql' file after you extract downloaded zip file.
This will install:
• CI Session table named 'ci_sessions'. You can remove the 'ci_sessions' install script if you
already have this table in your database.
• DX Auth library table.
• User with admin role, username: admin, password: hello.
• User with user role, username: user, password: hello.
6
7. • Default roles in role_table (User and admin).
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
-- --------------------------------------------------------
--
-- Table structure for table `ci_sessions`
--
CREATE TABLE IF NOT EXISTS `ci_sessions` (
`session_id` varchar(40) collate utf8_bin NOT NULL default '0',
`ip_address` varchar(16) collate utf8_bin NOT NULL default '0',
`user_agent` varchar(150) collate utf8_bin NOT NULL,
`last_activity` int(10) unsigned NOT NULL default '0',
`user_data` text collate utf8_bin NOT NULL,
PRIMARY KEY (`session_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `login_attempts`
--
CREATE TABLE IF NOT EXISTS `login_attempts` (
`id` int(11) NOT NULL auto_increment,
7
8. `ip_address` varchar(40) collate utf8_bin NOT NULL,
`time` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `roles`
--
CREATE TABLE IF NOT EXISTS `roles` (
`id` int(11) NOT NULL auto_increment,
`parent_id` int(11) NOT NULL default '0',
`name` varchar(30) collate utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=3 ;
--
-- Dumping data for table `roles`
--
INSERT INTO `roles` (`id`, `parent_id`, `name`) VALUES
(1, 0, 'User'),
(2, 0, 'Admin');
-- --------------------------------------------------------
--
-- Table structure for table `permissions`
--
8
9. CREATE TABLE IF NOT EXISTS `permissions` (
`id` int(11) NOT NULL auto_increment,
`role_id` int(11) NOT NULL,
`data` text collate utf8_bin,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL auto_increment,
`role_id` int(11) NOT NULL default '1',
`username` varchar(25) collate utf8_bin NOT NULL,
`password` varchar(34) collate utf8_bin NOT NULL,
`email` varchar(100) collate utf8_bin NOT NULL,
`banned` tinyint(1) NOT NULL default '0',
`ban_reason` varchar(255) collate utf8_bin default NULL,
`newpass` varchar(34) collate utf8_bin default NULL,
`newpass_key` varchar(32) collate utf8_bin default NULL,
`newpass_time` datetime default NULL,
`last_ip` varchar(40) collate utf8_bin NOT NULL,
`last_login` datetime NOT NULL default '0000-00-00 00:00:00',
`created` datetime NOT NULL default '0000-00-00 00:00:00',
`modified` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=3 ;
9
10. --
-- Dumping data for table `users`
--
INSERT INTO `users` (`id`, `role_id`, `username`, `password`, `email`, `banned`, `ban_reason`, `newpass`,
`newpass_key`, `newpass_time`, `last_ip`, `last_login`, `created`, `modified`) VALUES
(1, 2, 'admin', '$1$i75.Do4.$ROPRZjZzDx/JjqeVtaJLW.', 'admin@localhost.com', 0, NULL, NULL, NULL, NULL,
'127.0.0.1', '2008-11-30 04:56:38', '2008-11-30 04:56:32', '2008-11-30 04:56:38'),
(2, 1, 'user', '$1$bO..IR4.$CxjJBjKJ5QW2/BaYKDS7f.', 'user@localhost.com', 0, NULL, NULL, NULL, NULL,
'127.0.0.1', '2008-12-01 14:04:14', '2008-12-01 14:01:53', '2008-12-01 14:04:14');
-- --------------------------------------------------------
--
-- Table structure for table `user_autologin`
--
CREATE TABLE IF NOT EXISTS `user_autologin` (
`key_id` char(32) collate utf8_bin NOT NULL,
`user_id` mediumint(8) NOT NULL default '0',
`user_agent` varchar(150) collate utf8_bin NOT NULL,
`last_ip` varchar(40) collate utf8_bin NOT NULL,
`last_login` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`key_id`,`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `user_profile`
--
CREATE TABLE IF NOT EXISTS `user_profile` (
`id` int(11) NOT NULL auto_increment,
10
11. `user_id` int(11) NOT NULL,
`country` varchar(20) collate utf8_bin default NULL,
`website` varchar(255) collate utf8_bin default NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;
--
-- Dumping data for table `user_profile`
--
INSERT INTO `user_profile` (`id`, `user_id`, `country`, `website`) VALUES
(1, 1, NULL, NULL);
-- --------------------------------------------------------
--
-- Table structure for table `user_temp`
--
CREATE TABLE IF NOT EXISTS `user_temp` (
`id` int(11) NOT NULL auto_increment,
`username` varchar(255) collate utf8_bin NOT NULL,
`password` varchar(34) collate utf8_bin NOT NULL,
`email` varchar(100) collate utf8_bin NOT NULL,
`activation_key` varchar(50) collate utf8_bin NOT NULL,
`last_ip` varchar(40) collate utf8_bin NOT NULL,
`created` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
11
12. Getting Started
After you follow installation with example and setting DX Auth config file, you might just want to see
DX Auth bundled examples live in action, instead of reading the simple example first.
To do that you can open:
• {your CI url}/auth/login/ to login.
• {your CI url}/auth/logout/ to logout.
• {your CI url}/auth/register/ to register.
• {your CI url}/auth/register_recaptcha/ to register using reCAPTCHA.
• {your CI url}/auth/forgot_password/ to use forgot password feature.
• {your CI url}/auth/change_password/ to change password after you logged in.
• {your CI url}/auth/cancel_account/ to delete account after you logged in.
To access admin control panel (You need to logged in as admin or your user role is granted in
permissions table.):
• {your CI url}/backend/users/ to manage users.
• {your CI url}/backend/unactivated_users/ to manage unactivated users.
• {your CI url}/backend/roles/ to manage roles.
• {your CI url}/backend/uri_permissions/ to manage URI permissions.
• {your CI url}/backend/custom_permissions/ to manage custom permissions.
Typically {your CI url} is combination of 'base_url' and 'index_page' in your CI config file.
Main functions
This is the function list you can use in DX Auth library.
login($login, $password, $remember = TRUE)
Login user. If login succeed, returning TRUE, else FALSE.
$login is username or email address or both depend on setting in dx_auth config file.
$password is user password.
$remember is remember user next time they open the website (remember me feature).
If function returning FALSE you can use get_auth_error() function to return error string.
logout()
Logout user.
12
13. register($username, $password,$email)
Register new user. If register succeed, return new user record, else return FALSE.
If DX_email_activation value in dx_auth config file is TRUE then it will email activation, and
requires user to activate the account.
If DX_email_activation is FALSE and DX_email_account_details value in dx_auth config file is
TRUE then it will email user account details.
This function will automatically set new registered user role_id to 1, so you need to make sure
record in roles table which have id = 1, it's name field is 'normal user' or something similar.
forgot_password($login)
Sending an email with a key to reset their password. If succeed return TRUE else return FALSE.
$login is username or email.
Since password is encrypted in one way in one way, it's not possible to retreive back password.
That's why we need to reset it.
If function returning FALSE you can use get_auth_error() function to return error string.
reset_password($username, $key = '')
Reset password based on username and key. Usually combined with forgot_password() function.
If succeed return TRUE else return FALSE.
activate($username, $key = '')
Activate user based on username and key. It's used to activate user account after registration if
DX_email_verification is set to TRUE in dx_auth config file.
change_password($old_pass, $new_pass)
Change password of current logged in user. Make sure you check if user already logged in before
calling this function. If succeed return TRUE else return FALSE.
If function returning FALSE you can use get_auth_error() function to return error string.
cancel_account($password)
Delete current logged in user from database. Make sure you check if user already logged in before
calling this function. If succeed return TRUE else return FALSE.
13
14. If function returning FALSE you can use get_auth_error() function to return error string.
get_user_id()
Return user id, only if user already logged in.
get_username()
Return username, only if user already logged in.
get_role_id()
Return user role id, only if user already logged in.
get_role_name()
Return user role name, only if user already logged in.
is_admin()
Check if user is admin, only if user already logged in.
If user role id is the same value with role_id field which have 'admin' string (case insensitive) in
name field in roles table, function will return TRUE.
is_role($roles = array(), $use_role_name = TRUE, $check_parent =
TRUE)
Check if user has $roles privilege.
If $use_role_name = TRUE then $roles is role name such as 'admin', 'editor', 'etc', else $roles is
role_id such as 0, 1, 2.
If $check_parent is TRUE means if roles not found in user role, it will check if user role parent has
that roles.
You can pass an array or a string in $roles parameter.
For example:
view plaincopy to clipboardprint?
1. if ($this->dx_auth->is_role('admin'))
2. {
3. // Do something
14
15. 4. }
5.
6. if ($this->dx_auth->is_role(array('admin', 'moderator'))
7. {
8. // Do something
9. }
10.
11. // Using an Role ID as $roles parameter
12. if ($this->dx_auth->is_role('1', FALSE))
13.{
14. // Do something
15.}
16.
17. if ($this->dx_auth->is_role(array('1', '2'), FALSE))
18.{
19. // Do something
20.}
is_logged_in()
Check if user already logged in.
is_banned()
Check if user is a banned user.
You should only call this function after you call login() function. So if login() function returning
FALSE, you can check if user is banned or not using this function.
get_ban_reason()
Get ban reason of a banned user.
You should only call this function after you call login() function. So if login() function returning
FALSE, and if user is banned, you can user this function to get the reason.
is_username_available($username)
15
16. Check if username is available to use, by making sure there is no same username in the database.
Typical usage of this function is in form validation callback function.
is_email_available($email)
Check if email is available to use, by making sure there is no same email in the database. Typical
usage of this function is in form validation callback function.
get_auth_error()
Get an error message when login(), forgot_password(), change_password(),
cancel_account() function is returning FALSE.
is_max_login_attempts_exceeded()
Check if login attempts is more than max login attempts specified in dx_auth config file.
Login attempt increase count based on login attempted by IP address.
check_uri_permissions($allow = TRUE)
This will check if current logged in user is allowed to access current URI, based on his role, or his
parent role.
Here is the detail what happen when you call this function:
First, function will check if user is logged in or not, if user haven't login then it will redirect to login
URI.
But if user is logged in, then it will check if user is admin.
If user is admin, then it is allowed to access the URI.
But if user is not admin, it will check if user role and parent role is allowed to accesss current URI
based on URI rule in permissions table in database.
If user is not allowed, it will redirect to deny access URI.
You can call check_uri_permissions() in the controller constructor to protect the whole controller.
view plaincopy to clipboardprint?
1. class Home extends Controller
2. {
3. function Home()
4. {
5. parent::Controller();
6.
16
17. 7. $this->dx_auth->check_uri_permissions();
8. }
9. }
Or use it within a function
view plaincopy to clipboardprint?
1. function hello_world()
2. {
3. $this->dx_auth->check_uri_permissions();
4.
5. // Do something
6. }
Case example:
There is a user with role_id = 1 (normal user).
And then in permissions table, there is a record specify role_id = 1 have permission URI to access
'/test/' URI.
Now this user want to access uri '/test/hi/'.
If you have code like this in Test controller :
view plaincopy to clipboardprint?
1. class Test extends Controller
2. {
3. function Test()
4. {
5. parent::Controller();
6.
7. // Secure controller
8. $this->dx_auth->check_uri_permissions();
9. }
10.
11. function hi()
12. {
13. echo 'Hi';
14. }
15.
16. function hello()
17. {
17
18. 18. echo 'Hello';
19. }
20.}
This user will pass the check and access '/test/hi/' URI, and echo 'Hi'.
Because if permission URI set to '/test/', it means grant access to class Test and all it's function.
If you want to limit role access to function only, you can specify '/class/function/' when setting
permission URI.
For example, in previous case example if you change role_id = 1 URI permission to '/test/hi/',
user will able to access 'test/hi/' URI, but cannot access 'test/hello/' URI.
You also can set URI permission to '/' to enable role access all URI.
It is possible to reverse all this explanation by specifiying $allow = TRUE when calling
check_uri_permissions().
So instead of allowing user to access URI when URI permission found, it will disallow user to access
URI when URI permission found.
To set URI permission, you have to use function given in permissions model, or make your own.
See the example on how to set the permission.
For CL Auth user, notice that URI permission now renamed to '/class/function/' instead of
'/class/function'.
Inheritance
If user role have parent role, then user also have access to parent role, and so on. To describe this,
let's have this URI Permission illustration.
User
{
'/home/'
'/help/'
}
Moderator: User
{
'/moderator/'
}
Super_Moderator: Moderator
{
'/super/'
18
19. }
Big_Moderator: Moderator
{
'/big/'
}
This means, Super_Moderator role can access Moderator and User URI, but cannot access
Big_Moderator URI.
To use this feature, you need to specify parent for each role in parent_id field in roles table.
In previous case, here is the illustration of the roles table
id parent_id name
-------------------------
1 0 User
2 0 Admin
3 1 Moderator
4 3 Super Moderator
5 3 Big Moderator
Note Using this function is optional, you might don't want to use it if you pretty comfortable
checking the user manually using function like is_admin(), is_role(), is_logged_in(), etc.
get_permission_value($key, $check_parent = TRUE)
Get permission value from specified key. Call this function only when user is logged in already.
$key is permission array key (Note: permissions is saved as array in table).
If $check_parent is TRUE means if permission value not found in user role, it will try to get
permission value from parent role.
Returning value if permission found, otherwise returning NULL.
To set permission, you have to use function given in permissions model, or make your own. See the
example on how to set the permission.
Note Using this function is optional, you might don't want to use it if you pretty comfortable
checking the user manually, and give permission manually using function like is_admin(),
is_role(), etc.
get_permissions_value($key, $array_key = 'default')
19
20. Get permissions value from specified key. Call this function only when user is logged in already.
This function will search key in user permission, and it's parents permissions.
$key is permission array key (Note: permissions is saved as array in table).
$array_key = 'default'. Retrurning array ordered using 0, 1, 2 as array key.
$array_key = 'role_id'. Retrurning array ordered using role_id as array key.
$array_key = 'role_name'. Retrurning array ordered using role_name as array key.
Returning array of value if permission found, otherwise returning NULL.
To set permission, you have to use function given in permissions model, or make your own. See the
example on how to set the permission.
Note Using this function is optional, you might don't want to use it if you pretty comfortable
checking the user manually, and give permission manually using function like is_admin(),
is_role(), etc.
deny_access($uri = 'deny')
Calling this function will redirect user depending on $uri variable. Default $uri is 'deny'
$uri = 'deny' will redirect user to 'DX_deny_uri' specified in dx_auth config file.
$uri = 'login' will redirect user to 'DX_login_uri' specified in dx_auth config file.
$uri = 'banned' will redirect user to 'DX_banned_uri' specified in dx_auth config file.
catpcha()
Creating a captcha to be used in form validation.
get_catpcha_image()
Get HTML image of created catpcha. Use this function in view file.
is_captcha_expired()
Check if created captcha already expired or not. Use this in callback form validation function.
is_captcha_match($code)
Check if created catpcha text match with the $code. Use this in callback form validation function.
reCAPTCHA functions
Below is reCAPTCHA function list. Because of name limitation in reCAPTCHA API (everything should
have fixed name), reCAPTCHA function is separated from native DX Auth captcha.
20
21. To use reCAPTCHA function you have to set DX_recaptcha_public_key and
DX_recaptcha_private_key in dx_auth config file. To get the key you can register at reCAPTCHA
website.
You can find an example to use reCAPTCHA in registration here.
get_recaptcha_reload_link($text = 'Get another CAPTCHA')
Get reCAPTCHA reload captcha link, with $text as anchor text. Use this function in view file.
get_recaptcha_switch_image_audio_link($switch_image_text = 'Get
an image CAPTCHA', $switch_audio_text = 'Get an audio CAPTCHA')
Get reCAPTCHA switch image or audio link. Use this function in view file.
get_recaptcha_label($image_text = 'Enter the words above',
$audio_text = 'Enter the numbers you hear')
Get reCAPTCHA label telling user to input captcha in the inputbox. Use this function in view file.
get_recaptcha_input()
Get reCAPTCHA input box to input captcha. Use this function in view file.
You should use this function, otherwise reCAPTCHA image won't show up because reCAPTCHA
javascript will try to find this input box.
get_recaptcha_image()
Get reCATPCHA image. Use this function in view file.
get_recaptcha_html()
Get reCAPTCHA javascript and non javasript html. Use this function in view file.
This is the main part of reCAPTCHA function.
Call this function after you are using some or all get_recaptcha_xxx function above. Meaning this
function should be called the last.
is_recaptcha_match()
Check if created reCAPTCHA text match with the text that user inputed in get_recaptcha_input()
function. Use this in callback form validation function.
21
22. check_role_uri()
This function is obsolete in version 1.0.2 above. Use check_uri_permissions() to have same
effect with new permission table.
Events
Event are function that triggered when specific function in DX Auth library is called. To use these
event you need to open 'libraries/DX_Auth_Event.php', and put your code there.
Here is the events that you can use in DX Auth library.
user_activated($user_id)
If 'DX_email_activation' in config is TRUE, this event occurs right after user succesfully activated
using specified key in their email.
If 'DX_email_activation' in config is FALSE, this event occurs right after user succesfully
registered.
$user_id is id of user that activated.
By default, there is codes here to create user profile. If you don't need user profile, you can delete
the codes.
user_logged_in($user_id)
This event occurs right after user login. $user_id is id of user that login.
user_logging_out($user_id)
This event occurs right before user logout. $user_id is id of user that logout.
user_changed_password($user_id, $new_password)
This event occurs right after user change password. $user_id is id of user that change password,
$new_password is the new password.
user_canceling_account($user_id)
This event occurs right before user account is canceled. $user_id is id of user that cancel his
account.
By default, there is codes here to delete user profile. If you don't need user profile, you can delete
the codes.
22
23. checked_uri_permissions($user_id, &$allowed)
This event occurs when check_uri_permissions() function in DX_Auth is called, after checking if user
role is allowed or not to access URI, this event will be triggered.
$allowed is result of the check before, it's possible to alter the value since it's passed by reference.
got_permission_value($user_id, $key)
This event occurs when get_permission_value() function in DX_Auth is called.
got_permissions_value($user_id, $key)
This event occurs when get_permissions_value() function in DX_Auth is called.
sending_account_email($data, &$content)
This event occurs right before dx auth send email with account details.
$data is an array, containing username, password, email, and last_ip.
$content is email content, passed by reference.
By default there is example code how to create content here. You can change it to fit your needs.
sending_activation_email($data, &$content)
This event occurs right before dx auth send activation email.
$data is an array, containing username, password, email, last_ip, activation_key, activate_url.
$content is email content, passed by reference.
By default there is example code how to create content here. You can change it to fit your needs.
sending_forgot_password_email($data, &$content)
This event occurs right before dx auth send forgot password request email.
$data is an array, containing password, key, and reset_password_uri.
$content is email content, passed by reference.
By default there is example code how to create content here. You can change it to fit your needs.
Config
This is the config in DX Auth library. You can see the explanation is commented in the code.
23
24. view plaincopy to clipboardprint?
1. /*
2. | -------------------------------------------------------------------
3. | DX Auth Config
4. | -------------------------------------------------------------------
5. */
6.
7. /*
8. |--------------------------------------------------------------------------
9. | Website details
10. |--------------------------------------------------------------------------
11. |
12. | These details are used in email sent by DX Auth library.
13. |
14. */
15.
16. $config['DX_website_name'] = 'Your Website';
17. $config['DX_webmaster_email'] = 'webmaster@yourhost.com';
18.
19. /*
20. |--------------------------------------------------------------------------
21. | Database table
22. |--------------------------------------------------------------------------
23. |
24. | Determines table that used by DX Auth.
25. |
26. | 'DX_table_prefix' allows you to specify table prefix that will be use by the rest of the table.
27. |
28. | For example specifying 'DX_' in 'DX_table_prefix' and 'users' in 'DX_users_table',
29. | will make DX Auth user 'DX_users' as users table.
30. |
31. */
32.
33. $config['DX_table_prefix'] = '';
34. $config['DX_users_table'] = 'users';
24
25. 35. $config['DX_user_profile_table'] = 'user_profile';
36. $config['DX_user_temp_table'] = 'user_temp';
37. $config['DX_user_autologin'] = 'user_autologin';
38. $config['DX_roles_table'] = 'roles';
39. $config['DX_permissions_table'] = 'permissions';
40. $config['DX_login_attempts_table'] = 'login_attempts';
41.
42. /*
43. |--------------------------------------------------------------------------
44. | Password salt
45. |--------------------------------------------------------------------------
46. |
47. | You can add major salt to be hashed with password.
48. | For example, you can get salt from here: https://www.grc.com/passwords.htm
49. |
50. | Note:
51. |
52. | Keep in mind that if you change the salt value after user registered,
53. | user that previously registered cannot login anymore.
54. |
55. */
56.
57. $config['DX_salt'] = '';
58.
59. /*
60. |--------------------------------------------------------------------------
61. | Registration related settings
62. |--------------------------------------------------------------------------
63. |
64. | 'DX_email_activation' = Requires user to activate their account using email after registration.
65. | 'DX_email_activation_expire' = Time before users who don't activate their account getting del
eted from database. Default is 48 Hours (60*60*24*2).
66. | 'DX_email_account_details' = Email account details after registration, only if 'DX_email_activa
tion' is FALSE.
67. |
68. */
25
26. 69.
70. $config['DX_email_activation'] = TRUE;
71. $config['DX_email_activation_expire'] = 60*60*24*2;
72. $config['DX_email_account_details'] = TRUE;
73.
74. /*
75. |--------------------------------------------------------------------------
76. | Login settings
77. |--------------------------------------------------------------------------
78. |
79. | 'DX_login_using_username' = Determine if user can use username in username field to login.
80. | 'DX_login_using_email' = Determine if user can use email in username field to login.
81. |
82. | You have to set at least one of settings above to TRUE.
83. |
84. | 'DX_login_record_ip' = Determine if user IP address should be recorded in database when user
login.
85. | 'DX_login_record_time' = Determine if time should be recorded in database when user login.
86. |
87. */
88.
89. $config['DX_login_using_username'] = TRUE;
90. $config['DX_login_using_email'] = TRUE;
91. $config['DX_login_record_ip'] = TRUE;
92. $config['DX_login_record_time'] = TRUE;
93.
94. /*
95. |--------------------------------------------------------------------------
96. | Auto login settings
97. |--------------------------------------------------------------------------
98. |
99. | 'DX_autologin_cookie_name' = Determine auto login cookie name.
100. | 'DX_autologin_cookie_life' = Determine auto login cookie life before expired. Default is
2 months (60*60*24*31*2).
101. |
102. */
26
27. 103.
104. $config['DX_autologin_cookie_name'] = 'autologin';
105. $config['DX_autologin_cookie_life'] = 60*60*24*31*2;
106.
107. /*
108. |--------------------------------------------------------------------------
109. | Login attempts
110. |--------------------------------------------------------------------------
111. |
112. | 'DX_count_login_attempts' = Determine if DX Auth should count login attempt when us
er failed to login.
113. | 'DX_max_login_attempts' = Determine max login attempt before function is_login_atte
mpt_exceeded() returning TRUE.
114. |
115. */
116.
117. $config['DX_count_login_attempts'] = TRUE;
118. $config['DX_max_login_attempts'] = 1;
119.
120. /*
121. |--------------------------------------------------------------------------
122. | Forgot password settings
123. |--------------------------------------------------------------------------
124. |
125. | 'DX_forgot_password_expire' = Time before forgot password key become invalid. Defau
lt is 15 minutes (900 seconds).
126. |
127. */
128.
129. $config['DX_forgot_password_expire'] = 900;
130.
131. /*
132. |--------------------------------------------------------------------------
133. | Captcha
134. |--------------------------------------------------------------------------
135. |
27
28. 136. | You can set catpcha that created by DX Auth library in here.
137. | 'DX_captcha_directory' = Name of directory where the catpcha will be created.
138. | 'DX_captcha_fonts_path' = Font in this directory will be used when creating captcha.
139. | 'DX_captcha_font_size' = Font size when writing text to captcha. Leave blank for rando
m font size.
140. | 'DX_captcha_grid' = Show grid in created captcha.
141. | 'DX_captcha_expire' = Life time of created captcha before expired, default is 3 minutes
(180 seconds).
142. | 'DX_captcha_expire' = Determine captcha case sensitive or not.
143. |
144. */
145.
146. $config['DX_captcha_directory'] = 'captcha';
147. $config['DX_captcha_fonts_path'] = $config['DX_captcha_path'].'fonts';
148. $config['DX_captcha_width'] = 320;
149. $config['DX_captcha_height'] = 95;
150. $config['DX_captcha_font_size'] = '';
151. $config['DX_captcha_grid'] = TRUE;
152. $config['DX_captcha_expire'] = 180;
153. $config['DX_captcha_case_sensitive'] = TRUE;
154.
155. /*
156. |--------------------------------------------------------------------------
157. | reCAPTCHA
158. |--------------------------------------------------------------------------
159. |
160. | If you are planning to use reCAPTCHA function, you have to set reCAPTCHA key here
161. | You can get the key by registering at http://recaptcha.net
162. |
163. */
164.
165. $config['DX_recaptcha_public_key'] = '';
166. $config['DX_recaptcha_private_key'] = '';
167.
168.
169. /*
28
29. 170. |--------------------------------------------------------------------------
171. | URI
172. |--------------------------------------------------------------------------
173. |
174. | Determines URI that used for redirecting in DX Auth library.
175. | 'DX_deny_uri' = Forbidden access URI.
176. | 'DX_login_uri' = Login form URI.
177. | 'DX_activate_uri' = Activate user URI.
178. | 'DX_reset_password_uri' = Reset user password URI.
179. |
180. | These value can be accessed from DX Auth library variable, by removing 'DX_' string.
181. | For example you can access 'DX_deny_uri' by using $this->dx_auth->deny_uri in contr
oller.
182. |
183. */
184.
185. $config['DX_deny_uri'] = '/auth/deny/';
186. $config['DX_login_uri'] = '/auth/login/';
187. $config['DX_banned_uri'] = '/auth/banned/';
188. $config['DX_activate_uri'] = '/auth/activate/';
189. $config['DX_reset_password_uri'] = '/auth/reset_password/';
190.
191.
192. /*
193. |--------------------------------------------------------------------------
194. | Helper configuration
195. |--------------------------------------------------------------------------
196. |
197. | Configuration below is actually not used in function in DX_Auth library.
198. | They just used to help you coding more easily in controller.
199. | You can set it to blank if you don't need it, or even delete it.
200. |
201. | However they can be accessed from DX Auth library variable, by removing 'DX_' string.
202. | For example you can access 'DX_register_uri' by using $this->dx_auth->register_uri in
controller.
29
31. 238.
239. $config['DX_register_disabled_view'] = 'auth/general_message';
240. $config['DX_activate_failed_view'] = 'auth/general_message';
241. $config['DX_reset_password_failed_view'] = 'auth/general_message';
Models
DX Auth library ships with few models file, which is located in 'models/dx_auth/' folder.
These model contain functions to work with specified table. You can use the function in these model,
for example to build your own admin panel. Function name in these model is also self explanatiory
so it's easy to use.
Here is the list of models included in 'models/dx_auth/' folder:
• users.php contain functions to work with 'DX_users_table' table.
• user_profile.php contain functions to work with 'DX_user_profile_table' table.
• user_temp.php contain functions to work with 'DX_user_temp_table' table.
• user_autologin.php contain functions to work with 'DX_user_autologin' table.
• roles.php contain functions to work with 'DX_roles_table' table.
• permissions.php contain functions to work with 'DX_permissions_table' table.
• login_attempts.php contain functions to work with 'DX_login_attempts_table' table.
Tables anatomy
These are the table installed in DX Auth library and here is the explanation for each field.
users table
This is the main table, users are recorded in here.
• id = Primary key.
• role_id = Foreign key to roles table. Default is 1.
• username = Username.
• password = User password (encrypted).
• email = User email.
• banned = Determine if user is banned or not (1 = banned, 0 = not banned). Default is 0.
• ban_reason = Reason why user is banned.
• newpass = New password after user request forgot password.
• newpass_key = Key to change password. If key is verified by reset_password() function, it will
replace 'password' field with 'newpass' field value.
• newpass_time = Time when forgot password is requested.
31
32. • last_ip = IP address of user when register. Then if 'DX_login_record_ip' is TRUE, every time
user login his IP will be recorded here.
• last_login = if 'DX_login_record_time' is TRUE, login time will be recorded here.
• created = Time when this record is created, normally you can use this to determine when user
is registered.
• modified = Time when this record is modified.
Username field shoudn't contain space and other vulnerable character. Therefore when you validate
username in registration, it's highly recommended you use alpha_dash in your form validation.
user_temp table
This table is for users who haven't activated their account.
• id = Primary key.
• username = Username.
• password = User password (encrypted).
• email = User email.
• activation_key = Key needed to activate user. User who activated will be moved to users table.
• last_ip = IP address of user when register.
• created = Date time when this record is created.
If 'DX_email_activation' is TRUE, people who have registered is inserted into this table instead of
users table. If they activate their account, the record will be moved into users table.
user_profile table
This table is for user profile.
• id = Primary key.
• user_id = Foreign key to users table.
• Other field is up to you. You can add or delete to fit your needs.
user_autologin table
This table is to save autologin variable when user login, to verify it with autologin cookies.
• key_id = Primary key, key_id was created with unique string when user login using remember
TRUE.
• user_id = Primary key, user id of user when login using remember TRUE.
• user_agent = User agent of browser when user login using remember TRUE.
32
33. • last_ip = User IP address when user login using remember TRUE.
• last_login = Time when user login using remember TRUE.
Normally, you won't need to touch with this table.
roles table
This table is records of role name such as registered user, admin, moderator, etc.
• id = Primary key.
• parent_id = Self reference to id. Which mean this role will inherit parent_id role. Default is 0
(No parent).
• name = Role name.
You need to have minimum 2 records in here.
First, record which have id = 1 must be named 'registered user' or something similar, since users
table will automatically set role_id = 1 when record is created.
And another one must have 'admin' (case insensitive) in name field while it's id is not important.
If you don't plan to use permissions feature, you don't need to care about parent_id just leave it as
0. But if you do, you can check function check_uri_permissions() in function guide to know what's
the effect of having parent_id.
permissions table
• id = Primary key.
• role_id = Foreign key to roles table.
• data(text) = Permission data. Permission data is saved as array which converted into string.
check_uri_permission(), get_permission_value(), get_permissions_value() relying on this
table. To set the data, you have to use function given in permissions model, or make your own. See
the example on how to set the permission.
login_attempts table
This table log login attempted by people.
• id = Primary key.
• ip_address = IP address of someone who try to login.
• time = Time when someone who try to login.
33
34. DX Auth will only use this table when 'DX_count_login_attempts' is set to TRUE in config file. And if
login attempts for same IP is more than 'DX_max_login_attempts' in config file, it will not count
that IP anymore.
role_uri table
Obsolete in 1.0.2 above. Use permissions table.
Troubleshooting
DX Auth library might failed sending email if you didn't set the email setting well.
If that's happened, you need to create email.php in application/config/ folder, and paste
following code. Edit it to fit your needs.
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
$config['protocol'] = 'smtp';
$config['smtp_host'] = 'mail.localhost.com';
$config['smtp_user'] = 'username';
$config['smtp_pass'] = 'password';
$config['smtp_port'] = '25';
For more information about this, you can consult Code Igniter email helper.
Simple example
Before trying the example make sure you have follow installation instruction first.
Using DX Auth library it's pretty straight forward and simple, for example let's create a class named
Auth in Auth controller.
view plaincopy to clipboardprint?
1. class Auth extends Controller
2. {
3. function Auth()
4. {
5. parent::Controller();
6. // Load library
7. $this->load->library('DX_Auth');
8. }
34
35. 9.
10. function login()
11. {
12. // Login using username 'test' and password 'helloworld'
13. $this->dx_auth->login('test', 'helloworld');
14. }
15.
16. function logout()
17. {
18. // Logout user
19. $this->dx_auth->logout();
20. }
21.
22. function register()
23. {
24. // Register a user with username 'john', password 'johnpassword', and email 'john@yourm
ail.com'
25. if ($user = $this->dx_auth->register('john', 'johnpassword', 'john@yourmail.com'))
26. {
27. echo 'Welcome '.$user->username;
28. }
29. else
30. {
31. echo 'Failed to register';
32. }
33. }
34.
35. function hello()
36. {
37. // Check if user is logged in or not
38. if ($this->dx_auth->is_logged_in())
39. {
40. echo 'Hello world';
41. }
42. else
43. {
35
36. 44. echo 'Not logged in';
45. }
46. }
47.}
By just looking these example, i think you already get a grip how easy and simple to use DX Auth
library.
If you are interested, here is the more advanced example.
Advanced example
This is more advanced, and how DX Auth should be implemented. You can see explanation
commented in source code.
view plaincopy to clipboardprint?
1. class Auth extends Controller
2. {
3. // Used for registering and changing password form validation
4. var $min_username = 4;
5. var $max_username = 20;
6. var $min_password = 4;
7. var $max_password = 20;
8.
9. function Auth()
10. {
11. parent::Controller();
12.
13. $this->load->library('Form_validation');
14. $this->load->library('DX_Auth');
15.
16. $this->load->helper('url');
17. $this->load->helper('form');
18. }
19.
20. function index()
21. {
22. $this->login();
23. }
24.
36
37. 25. /* Callback function */
26.
27. function username_check($username)
28. {
29. $result = $this->dx_auth->is_username_available($username);
30. if ( ! $result)
31. {
32. $this->form_validation->set_message('username_check', 'Username already exist. Plea
se choose another username.');
33. }
34.
35. return $result;
36. }
37.
38. function email_check($email)
39. {
40. $result = $this->dx_auth->is_email_available($email);
41. if ( ! $result)
42. {
43. $this->form_validation->set_message('email_check', 'Email is already used by another
user. Please choose another email address.');
44. }
45.
46. return $result;
47. }
48.
49. function captcha_check($code)
50. {
51. $result = TRUE;
52.
53. if ($this->dx_auth->is_captcha_expired())
54. {
55. // Will replace this error msg with $lang
56. $this->form_validation->set_message('captcha_check', 'Your confirmation code has ex
pired. Please try again.');
57. $result = FALSE;
58. }
37
38. 59. elseif ( ! $this->dx_auth->is_captcha_match($code))
60. {
61. $this->form_validation->set_message('captcha_check', 'Your confirmation code does n
ot match the one in the image. Try again.');
62. $result = FALSE;
63. }
64.
65. return $result;
66. }
67.
68. /* End of Callback function */
69.
70. function login()
71. {
72. if ( ! $this->dx_auth->is_logged_in())
73. {
74. $val = $this->form_validation;
75.
76. // Set form validation rules
77. $val->set_rules('username', 'Username', 'trim|required|xss_clean');
78. $val->set_rules('password', 'Password', 'trim|required|xss_clean');
79. $val->set_rules('remember', 'Remember me', 'integer');
80.
81. // Set captcha rules if login attempts exceed max attempts in config
82. if ($this->dx_auth->is_max_login_attempts_exceeded())
83. {
84. $val->set_rules('captcha', 'Confirmation Code', 'trim|required|xss_clean|
callback_captcha_check');
85. }
86.
87. if ($val->run() AND $this->dx_auth->login($val->set_value('username'), $val-
>set_value('password'), $val->set_value('remember')))
88. {
89. // Redirect to homepage
90. redirect('', 'location');
91. }
92. else
38
39. 93. {
94. // Check if the user is failed logged in because user is banned user or not
95. if ($this->dx_auth->is_banned())
96. {
97. // Redirect to banned uri
98. $this->dx_auth->deny_access('banned');
99. }
100. else
101. {
102. // Default is we don't show captcha until max login attempts eceeded
103. $data['show_captcha'] = FALSE;
104.
105. // Show captcha if login attempts exceed max attempts in config
106. if ($this->dx_auth->is_max_login_attempts_exceeded())
107. {
108. // Create catpcha
109. $this->dx_auth->captcha();
110.
111. // Set view data to show captcha on view file
112. $data['show_captcha'] = TRUE;
113. }
114.
115. // Load login page view
116. $this->load->view($this->dx_auth->login_view, $data);
117. }
118. }
119. }
120. else
121. {
122. $data['auth_message'] = 'You are already logged in.';
123. $this->load->view($this->dx_auth->logged_in_view, $data);
124. }
125. }
126.
127. function logout()
128. {
39
40. 129. $this->dx_auth->logout();
130.
131. $data['auth_message'] = 'You have been logged out.';
132. $this->load->view($this->dx_auth->logout_view, $data);
133. }
134.
135. function register()
136. {
137. if ( ! $this->dx_auth->is_logged_in() AND $this->dx_auth->allow_registration)
138. {
139. $val = $this->form_validation;
140.
141. // Set form validation rules
142. $val->set_rules('username', 'Username', 'trim|required|xss_clean|min_length['.
$this->min_username.']|max_length['.$this->max_username.']|callback_username_check|
alpha_dash');
143. $val->set_rules('password', 'Password', 'trim|required|xss_clean|min_length['.
$this->min_password.']|max_length['.$this->max_password.']|matches[confirm_password]');
144. $val->set_rules('confirm_password', 'Confirm Password', 'trim|required|
xss_clean');
145. $val->set_rules('email', 'Email', 'trim|required|xss_clean|valid_email|
callback_email_check');
146.
147. if ($this->dx_auth->captcha_registration)
148. {
149. $val->set_rules('captcha', 'Confirmation Code', 'trim|xss_clean|required|
callback_captcha_check');
150. }
151.
152. // Run form validation and register user if it's pass the validation
153. if ($val->run() AND $this->dx_auth->register($val->set_value('username'), $va
l->set_value('password'), $val->set_value('email')))
154. {
155. // Set success message accordingly
156. if ($this->dx_auth->email_activation)
157. {
158. $data['auth_message'] = 'You have successfully registered. Check your em
ail address to activate your account.';
40
42. 194. // Get username and key
195. $username = $this->uri->segment(3);
196. $key = $this->uri->segment(4);
197.
198. // Activate user
199. if ($this->dx_auth->activate($username, $key))
200. {
201. $data['auth_message'] = 'Your account have been successfully activated. '.ancho
r(site_url($this->dx_auth->login_uri), 'Login');
202. $this->load->view($this->dx_auth->activate_success_view, $data);
203. }
204. else
205. {
206. $data['auth_message'] = 'The activation code you entered was incorrect. Please
check your email again.';
207. $this->load->view($this->dx_auth->activate_failed_view, $data);
208. }
209. }
210.
211. function forgot_password()
212. {
213. $val = $this->form_validation;
214.
215. // Set form validation rules
216. $val->set_rules('login', 'Username or Email address', 'trim|required|xss_clean');
217.
218. // Validate rules and call forgot password function
219. if ($val->run() AND $this->dx_auth->forgot_password($val->set_value('login')))
220. {
221. $data['auth_message'] = 'An email has been sent to your email with instructions
with how to activate your new password.';
222. $this->load->view($this->dx_auth->forgot_password_success_view, $data);
223. }
224. else
225. {
226. $this->load->view($this->dx_auth->forgot_password_view);
42
43. 227. }
228. }
229.
230. function reset_password()
231. {
232. // Get username and key
233. $username = $this->uri->segment(3);
234. $key = $this->uri->segment(4);
235.
236. // Reset password
237. if ($this->dx_auth->reset_password($username, $key))
238. {
239. $data['auth_message'] = 'You have successfully reset you password, '.anchor(sit
e_url($this->dx_auth->login_uri), 'Login');
240. $this->load->view($this->dx_auth->reset_password_success_view, $data);
241. }
242. else
243. {
244. $data['auth_message'] = 'Reset failed. Your username and key are incorrect. Ple
ase check your email again and follow the instructions.';
245. $this->load->view($this->dx_auth->reset_password_failed_view, $data);
246. }
247. }
248.
249. function change_password()
250. {
251. // Check if user logged in or not
252. if ($this->dx_auth->is_logged_in())
253. {
254. $val = $this->form_validation;
255.
256. // Set form validation
257. $val->set_rules('old_password', 'Old Password', 'trim|required|xss_clean|
min_length['.$this->min_password.']|max_length['.$this->max_password.']');
258. $val->set_rules('new_password', 'New Password', 'trim|required|xss_clean|
min_length['.$this->min_password.']|max_length['.$this->max_password.']|
matches[confirm_new_password]');
43
44. 259. $val->set_rules('confirm_new_password', 'Confirm new Password', 'trim|
required|xss_clean');
260.
261. // Validate rules and change password
262. if ($val->run() AND $this->dx_auth->change_password($val-
>set_value('old_password'), $val->set_value('new_password')))
263. {
264. $data['auth_message'] = 'Your password has successfully been changed.';
265. $this->load->view($this->dx_auth->change_password_success_view, $dat
a);
266. }
267. else
268. {
269. $this->load->view($this->dx_auth->change_password_view);
270. }
271. }
272. else
273. {
274. // Redirect to login page
275. $this->dx_auth->deny_access('login');
276. }
277. }
278.
279. function cancel_account()
280. {
281. // Check if user logged in or not
282. if ($this->dx_auth->is_logged_in())
283. {
284. $val = $this->form_validation;
285.
286. // Set form validation rules
287. $val->set_rules('password', 'Password', "trim|required|xss_clean");
288.
289. // Validate rules and change password
290. if ($val->run() AND $this->dx_auth->cancel_account($val-
>set_value('password')))
291. {
44
45. 292. // Redirect to homepage
293. redirect('', 'location');
294. }
295. else
296. {
297. $this->load->view($this->dx_auth->cancel_account_view);
298. }
299. }
300. else
301. {
302. // Redirect to login page
303. $this->dx_auth->deny_access('login');
304. }
305. }
306. }
You can find this example in controllers/auth.php that included in DX Auth library download.
Recatpcha example
This is an advanced example how to use reCAPTCHA in registration. Make sure you already insert
reCAPTCHA key in config file, if not the example wouldn't work.
Here is the controller part.
view plaincopy to clipboardprint?
1. class Auth extends Controller
2. {
3. // Used for registering and changing password form validation
4. var $min_username = 4;
5. var $max_username = 20;
6. var $min_password = 6;
7. var $max_password = 10;
8.
9. function Auth()
10. {
11. parent::Controller();
12.
13. $this->load->library('Form_validation');
45
46. 14. $this->load->library('DX_auth');
15. }
16.
17. function index()
18. {
19. $this->login();
20. }
21.
22. /* Callback function */
23.
24. function username_check($username)
25. {
26. $result = $this->dx_auth->is_username_available($username);
27. if ( ! $result)
28. {
29. $this->form_validation->set_message('username_check', 'Username already exist. Plea
se choose another username.');
30. }
31.
32. return $result;
33. }
34.
35. function email_check($email)
36. {
37. $result = $this->dx_auth->is_email_available($email);
38. if ( ! $result)
39. {
40. $this->form_validation->set_message('email_check', 'Email is already used by another
user. Please choose another email address.');
41. }
42.
43. return $result;
44. }
45.
46. function recaptcha_check()
47. {
46
47. 48. $result = $this->dx_auth->is_recaptcha_match();
49. if ( ! $result)
50. {
51. $this->form_validation->set_message('recaptcha_check', 'Your confirmation code does
not match the one in the image. Try again.');
52. }
53.
54. return $result;
55. }
56.
57. /* End of Callback function */
58.
59. function register_recaptcha()
60. {
61. if ( ! $this->dx_auth->is_logged_in() AND $this->dx_auth->allow_registration)
62. {
63. $val = $this->form_validation;
64.
65. // Set form validation rules
66. $val->set_rules('username', 'Username', 'trim|required|xss_clean|min_length['.$this-
>min_username.']|max_length['.$this->max_username.']|callback_username_check|
alpha_dash');
67. $val->set_rules('password', 'Password', 'trim|required|xss_clean|min_length['.$this-
>min_password.']|max_length['.$this->max_password.']|matches[confirm_password]');
68. $val->set_rules('confirm_password', 'Confirm Password', 'trim|required|xss_clean');
69. $val->set_rules('email', 'Email', 'trim|required|xss_clean|valid_email|
callback_email_check');
70.
71. // Is registration using captcha
72. if ($this->dx_auth->captcha_registration)
73. {
74. // Set recaptcha rules.
75. // IMPORTANT: Do not change 'recaptcha_response_field' because it's used by reCAP
TCHA API,
76. // This is because the limitation of reCAPTCHA, not DX Auth library
77. $val->set_rules('recaptcha_response_field', 'Confirmation Code', 'trim|xss_clean|
required|callback_recaptcha_check');
78. }
47
48. 79.
80. // Run form validation and register user if it's pass the validation
81. if ($val->run() AND $this->dx_auth->register($val->set_value('username'), $val-
>set_value('password'), $val->set_value('email')))
82. {
83. // Set success message accordingly
84. if ($this->dx_auth->email_activation)
85. {
86. $data['auth_message'] = 'You have successfully registered. Check your email add
ress to activate your account.';
87. }
88. else
89. {
90. $data['auth_message'] = 'You have successfully registered. '.anchor(site_url($this
->dx_auth->login_uri), 'Login');
91. }
92.
93. // Load registration success page
94. $this->load->view($this->dx_auth->register_success_view, $data);
95. }
96. else
97. {
98. // Load registration page
99. $this->load->view('auth/register_recaptcha_form');
100. }
101. }
102. elseif ( ! $this->dx_auth->allow_registration)
103. {
104. $data['auth_message'] = 'Registration has been disabled.';
105. $this->load->view($this->dx_auth->register_disabled_view, $data);
106. }
107. else
108. {
109. $data['auth_message'] = 'You have to logout first, before registering.';
110. $this->load->view($this->dx_auth->logged_in_view, $data);
111. }
112. }
48
51. 69. <dt></dt>
70. <dd>
71. <?php
72. // Show recaptcha imgage
73. echo $this->dx_auth->get_recaptcha_image();
74. // Show reload captcha link
75. echo $this->dx_auth->get_recaptcha_reload_link();
76. // Show switch to image captcha or audio link
77. echo $this->dx_auth->get_recaptcha_switch_image_audio_link();
78. ?>
79.
80. </dd>
81.
82. <dt><?php echo $this->dx_auth->get_recaptcha_label(); ?></dt>
83. <dd>
84. <?php echo $this->dx_auth->get_recaptcha_input(); ?>
85.
86. <?php echo form_error('recaptcha_response_field'); ?>
87. </dd>
88.
89. <?php
90. // Get recaptcha javascript and non javasript html
91. echo $this->dx_auth->get_recaptcha_html();
92. ?>
93. <?php endif; ?>
94.
95.
96.
97. <dt></dt>
98.
99. <dd><?php echo form_submit('register','Register');?></dd>
100. </dl>
101.
102. <?php echo form_close()?>
103. </fieldset>
104. </body>
51
52. 105. </html>
You can find this example in controllers/auth.php and
views/auth/register_recaptcha_form.php that included in DX Auth library download.
Top of Page
Permission example
This is an example how to set permission using model.
Simple set permission
view plaincopy to clipboardprint?
1. // Load model
2. $this->load->model('dx_auth/permissions', 'permissions');
3.
4. // Set permission 'edit' permission to TRUE for role_id = 1.
5. $this->permissions->set_permission_value(1, 'edit', TRUE);
Set permission value at once.
view plaincopy to clipboardprint?
1. // Load model
2. $this->load->model('dx_auth/permissions', 'permissions');
3.
4. // Get role_id = 1 permission data first.
5. // So the previously set permission array key won't be overwritten with new array with key $key
only,
6. // when calling set_permission_data later.
7. $permission_data = $this->permissions->get_permission_data(1);
8.
9. // Set value in permission data array
10. $permission_data['edit'] = TRUE;
11. $permission_data['delete'] = FALSE;
12.
13. // Set permission data for role_id = 1
14. $this->permissions->set_permission_data(1, $permission_data);
This is an example how to get the permission using DX Auth, after user already logged in.
view plaincopy to clipboardprint?
52
53. 1. if ($this->dx_auth->get_permission_value('edit') != NULL AND $this->dx_auth-
>get_permission_value('edit'))
2. {
3. echo 'Editing is allowed in your role';
4. }
5. else
6. {
7. echo 'Editing is not allowed in your role';
8. }
You can see more of the example, in controllers/backend.php in uri_permissions and
custom_permissions function.
53