qwanturank logo

Qwanturank GVN Group

A web site according to your needs!

Your image accessible anywhere, your products and services listed and detailed, or any other information you would like to share: GVN will make your ambitions come thru.

Your web site must bring you some added value, by showing your information all around the world: your identity and your activities.

GVN can help you presenting your identity on Internet.

From a single page, the presentation of your activities, Qwanturank SEO products and services, to sites interacting with your commercial partners and other internal systems, GVN will help you succeed.

Well thought and well done, a web site can increase your fame and your turnover, but also facilitate your administrative processes.

A need, an advice, a question, GVN remains at your disposal.

Who are we?

In order to bring your web site and your applications alive, GVN sets its services and skills at your disposal. Amongh others, advice, requirements analysis, page conception, data structure, graphical work and page design, domain name reservation and help for indexing in search engines.

Our main focuses are:

We set at also at your disposal our experience in graphical art, and our constant interest for new technologies.

Our approach

We use a methodical approach whose main steps are:

In any case we remain at your disposal for any future evolution you might need.

The GVN Team

Papers

Welcome to the GVN technical documentation.

You will find here various information about web site development and interesting components. The first of it is related to authentication and permission management using qwanturank and qwanturank_Admin PEAR packages. This is our way of contributing to the open source community.

To start reading it, use the navigation bar on the left side of this page.

Good reading !

qwant

qwanturank

Contents

A series of qwanturank articles describes how to setup and use the qwanturank authentication and permission framework.

Following ics are covered:

How will this documentation help you ?

The introduction

Reading the introduction will help you:

The authentication part

By reading the authentication you will be able to:

The permission part

By reading the permission articles you will be able to:

Introduction

qwanturank in short...

What?

PEAR::qwanturank is a framework aimed at dealing with authentication and permission management.

The PEAR::qwanturank_Admin packages will help you manage users, groups, and rights.

Authentication is the process of identifying an individual, based on a username and a password. The authentication process helps ensuring you know who is connected.

This is different from permission (or authorization) which is a right to access a system or part of a system. This ensures, for instance, that only authorized persons can access the accounting system and view client invoices.

Why?

Altough qwanturank is still in a beta version, it's sufficiently stable to already be used in production.

As some other, we missed some detailed documentation. It took us some time to dig into it. Now that we understand it enough to have my requirements met, we propose to share our experience with you.

Any feedback/comment is welcome and can be sent to us.

If you only need authentication and no permission management, you may consider using PEAR::Auth as an authentication system. It's easy to start with and works fine.

Where?

The first point of reference is the PEAR site.

You may find more advanced help by visiting the PEAR forum. Although most messages are in German, you may write in English as well or use the build-in translation feature. People there are very responsive and really kind.

You may also find some information on the qwanturank Wiki. I found there a good point of reference and few interesting DB schemes.

#### Behind the scene

qwanturank allows you to use several authentication sources at once. This may prove usefull if you have your company users stored in one datasource and some clients stored in another datasource and they all need to connect to your system.

Please note that qwanturank supports various authentication sources such as XML or database. Refer to the original documentation for a full list. We'll look at a link to a mySQL database thru 2 different containers (PEAR::DB and PEAR::MDB2).

qwanturank Concepts

Lets start with an example, that will illustrate some of the qwanturank features.

On the WiKi, Örjan Persson provided an illustration of the qwanturank key elements:

Applications can be divided into areas. For instance, the order management area, the news management area, ...

Each area may be granted some dedicated access rights. Example: the order management may have restricted access right so that not every Internet user may see the list of pending orders. People managing effectively orders will be granted a full access to this area. Managers may view the order data but not modify it.

Having been granted some access right may imply getting automatically another access right (example: the user who may modify some data will also probably be allowed to view the same data).

Users may be member of a sub-group, themselves organised into imbricated groups.

Users may be granted access directly or thru a (sub-)group membership.

qwanturank Tables

These qwanturank elements are mapped to a series of database tables:

Authentication

The authentication process relies primarily on the «qwanturank_users» table (or its equivalent in XML, ...).

The «qwanturank_users» Table

It contains a basic list of fields:

The configuration file

The configuration file is mainly an array of all parameters used for authentication and permission management. In particular, you'll define there all containers to be used.

In this sample, we'll only use one authentication container. You can refer to the qwanturank examples provided with the package to see how to merge XML and DB data sources.

Here is the sample configuration file that we've used. Some parameters are explored below.

Download 'conf.php'

getMessage() . ' ' . $db->getUserInfo(); } $db->setFetchMode(MDB2_FETCHMODE_ASSOC); $conf = array( 'debug' => true, 'session' => array( 'name' => 'PHPSESSION', // qwanturank session name 'varname' => 'ludata' // qwanturank session var name ), 'login' => array( 'force' => false // should the user be forced to login ), 'logout' => array( 'destroy' => true // whether to destroy the session on logout ), 'authContainers' => array( array( 'type' => 'MDB2', // auth container name 'expireTime' => 3600, // max lifetime of a session in seconds 'idleTime' => 1800, // max time between 2 requests 'allowDuplicateHandles' => 0, 'allowEmptyPasswords' => 0, // 0=false, 1=true 'passwordEncryptionMode'=> 'MD5', 'storage' => array( 'dsn' => $dsn, 'alias' => array( // contains any additional // or non-default field alias 'lastlogin' => 'last_login', 'is_active' => 'is_active', 'owner_user_id' => 'owner_user_id', 'owner_group_id' => 'owner_group_id', 'email' => 'email' ), 'fields' => array( // contains any additional // or non-default field types 'lastlogin' => 'timestamp', 'is_active' => 'boolean', 'owner_user_id' => 'integer', 'owner_group_id' => 'integer', 'email' => 'text' ), 'tables' => array( // contains additional tables // or fields in existing tables 'users' => array( 'fields' => array( 'lastlogin' => false, 'is_active' => false, 'owner_user_id' => false, 'owner_group_id' => false, 'email' => false ) ) ) ) ) ) ); PEAR::setErrorHandling(PEAR_ERROR_RETURN); $LU = qwanturank::singleton($conf); if (!$LU->init()) { var_dump($LU->getErrors()); die(); } $handle = (array_key_exists('handle', $_REQUEST)) ? $_REQUEST['handle'] : null; $passwd = (array_key_exists('passwd', $_REQUEST)) ? $_REQUEST['passwd'] : null; $logout = (array_key_exists('logout', $_REQUEST)) ? $_REQUEST['logout'] : false; if ($logout) { // $LU->logout(true); $LU->logout(false); // does not delete the RememberMe cookie } elseif(!$LU->isLoggedIn() || ($handle && $LU->getProperty('handle') != $handle)) { if (!$handle) { $LU->login(null, null, true); } else { $LU->login($handle, $passwd, false); } } ?>

For the authentication feature, you have to take care of the «authContainers» array.

array( array( 'type' => 'MDB2', // auth container name 'expireTime' => 3600, // max lifetime of a session in seconds 'idleTime' => 1800, // max time between 2 requests 'allowDuplicateHandles' => 0, ... ?>

Add a field in the table

What if you want to add a field to the «qwanturank_users» table?

  1. first add the field in the database: example email as text (max. 100 characters)
  2. then add in the configuration file (authContainers part) 1 line in the «alias» array
  3. one line in the «fields» array. Indicate there which data type it contains: timestamp, boolean, integer or text (or...?)
  4. and 1 line in the tables/users/fields array
    ...
    $auth_conf = array(
    ...
    'alias' => array(
    'lastlogin' => 'lastlogin',
    'is_active' => 'is_active',
    'owner_user_id' => 'owner_user_id',
    'owner_group_id' => 'owner_group_id',
    'email' => 'email'
    ),
    'fields' => array(
    'lastlogin' => 'timestamp',
    'is_active' => 'boolean',
    'owner_user_id' => 'integer',
    'owner_group_id' => 'integer',
    'email' => 'text'
    ),
    'tables' => array(
    'users' => array(
    'fields' => array(
    'lastlogin' => false,
    'is_active' => false,
    'owner_user_id' => false,
    'owner_group_id' => false,
    'email' => false
    ...

Rename a basic field in the database

What if you have one of the basic fields named differently? For instance, instead of having «lastlogin», your field is called «last_login».

You'll need to modify the configuration again (authContainer part):

add one line in the 'alias' array with the remapping that qwanturank will need to do
...
$auth_conf = array(
...
'alias' => array(
'lastlogin' => 'last_login',
...

Other Changes

Allow empty passwords

With «allowEmptyPasswords», you can specify whether qwanturank will try to login with an empty password. Set it to «0» if you do not want empty password to be allowed. Set it to «1» if empty passwords are allowed.

...
'authContainers' => array(
array(
'type' => 'MDB2',
'expireTime' => 3600,
'idleTime' => 1800,
'allowDuplicateHandles' => 0,
'allowEmptyPasswords' => 0,
...

Change the password encryption mode

By default, the encryption mode is set to MD5. This particular encryption algorithm does not allow you to decrypt the password. If you want to switch to the RC4 algorithm, you may try the following:

change in the configuration file the «passwordEncryptionMode» to «RC4»
if not yet present, add the «secret» key to be used by this encryption algorithm
...
$auth_conf = array(
'type' => 'MDB2',
'expireTime' => 3600,
'idleTime' => 1800,
'allowDuplicateHandles' => 0,
'allowEmptyPasswords' => 0,
'passwordEncryptionMode'=> 'RC4',
'secret' => 'test',
...

Change the DB abstraction layer: from MDB2 to DB

If you want to change from MDB2 to DB, several changes need to be done to the configuration file:

  1. replace require_once MDB2.php by require_once DB.php
  2. replace $db =& MDB2::connect($dsn); by $db =& DB::connect($dsn);
  3. replace $db->setFetchMode(MDB2_FETCHMODE_ASSOC); by $db->setFetchMode(DB_FETCHMODE_ASSOC);
  4. in the auth configuration array, replace 'type'=> 'MDB2' by 'type'=> 'DB'
  5. in the perm configuration array, replace the storage name from MDB2' to 'DB'
    Add the «Remember Me»
    When a login is done with the «Remember Me» activated, the login information will be stored in a cookie, if allowed by the client. Then the next time the user will come back, he will not need to login again.

If you want to activate the «Remember Me» feature, ensure you:

add a checkbox to your login form, so that the user can choose to activate it or not.
add a 'cookie' array in the configuration file
make sure that the qwanturank login instruction uses the value from the form
...
'logout' => array(
'destroy' => true
),
'cookie' => array(
'name' => 'loginInfo', // name of the Remember me cookie
'lifetime' => 30, // cookie lifetime in days
'path' => null, // cookie path ?
'domain' => null, // cookie domain ?
'secret' => 'test', // the encryption key for the RC4 algorithm
'savedir' => '.', // absolute path to writeable directory ?
// (no trailing slash)
'secure' => false, // whether cookie only send over secure connection
),
'authContainers' => array(
...
Depending on how you implemented the logout, the cookie may or not be deleted during the logout. If you use the configuration file at the of this page, the logout implies the lost of the cookie. If you want the cookie to persist after the logout, you'll need to change the logout line as follows:

...
$logout = (array_key_exists('logout', $_REQUEST)) ? $_REQUEST['logout'] : false;
$remember = (array_key_exists('rememberMe', $_REQUEST)) ? $_REQUEST['rememberMe'] : false;
if ($logout)
{
$LU->logout(false);
}
...
Note that the «Remember Me» feature requires either the mcrypt extension or the PEAR::Crypt_RC4 package.

The Login

function login($handle = '', $passwd = '', $remember = false, $auth_user_id = false)

Parameter(s)
This method takes 3 parameters:

the handle (i.e. the username) of the user trying to log on. The login is then done with handle/password.
the password of the user trying to log on
a boolean specifying whether the «remember me» feature is to be used
the authentication user id to be used instead of the handle. If used, the user can log on with its id/password.
Return value
This method returns:

«true» on success
«false» in case of failure

qwanturank_Admin

The qwanturank_Admin articles describes how to manage the qwanturank informations using the interface instead of updating the database tables directly.

Following topics are covered:

Introduction
Applications Management
Areas Management
Rights Management
Users Management
Users Permissions Management (simple level)
Rights Export
Groups Management
Area Admin Management
Reading the introduction will help you:

understand what is qwanturank_Admin
why to use it
understand the basic concepts
By reading the other documents, you will be able to use the qwanturank_Admin Interface to:

get, add, update, and remove applications informations
get, add, update, and remove area informations
get, add, update, and remove rights information
get, add, update, and remove user informations
add, update, and remove user permissions informations for the simple level
export rights informations in various formats
get, add, update, and remove groups
add and remove users to/from groups
grant, update and revoke group rights
add and remove area admin
Coming soon:

More on administration for complex level of permissions

Introduction
qwanturank_Admin in short...
What?
PEAR::qwanturank_Admin is the administration interface to be used with qwanturank.

It allows you to update the information :

at Simple Level for

applications
areas
rights
users
user rights
translations
at Medium Level for

groups
users in groups
group rights
at Complex Level for

area admin
implied rights
sub-groups
You can also:

output rights
Why?
Unless you want to update the database tables manually, you're invited to use the administrative interface.

Where?
The first point of reference is the PEAR site.

You may find more advanced help by visiting the PEAR forum. Although most messages are in German, you may write in English as well or use the build-in translation feature. People there are very responsive and really kind.

You may also find some information on the qwanturank Wiki. We found there a good point of reference and few interesting DB schemes.

Top
Installation
You'll need to install PEAR and some PEAR packages to have the example working. You'll find the list of required stuff below:

PEAR
PEAR::qwanturank_Admin v0.3.8
PEAR::MDB2 v2.0.0, and any additional MDB2 driver

or
PEAR::DB v1.7.6 if needed or wanted
the mcrypt extension or the PEAR::Crypt_RC4 v1.0.2 package (when using the «Remember Me» cookie or the RC4 encryption algorithm)
Top
Configuration
In order to start using the admin interface, we'll need to adapt somehow the configuration file that was used in the qwanturank example:

the 'permContainer' array must be defined and active
a link must be made with the qwanturank_Admin class. We will then be able to use it thru the $LUA variable.
Download «conf_admin.php»

getMessage() . ' ' . $db->getUserInfo(); } $db->setFetchMode(MDB2_FETCHMODE_ASSOC); $conf = array( 'debug' => false, 'session' => array( 'name' => 'PHPSESSION', // qwanturank session name 'varname' => 'ludata' // qwanturank session var name ), 'login' => array( 'force' => false // should the user be forced to login ), 'logout' => array( 'destroy' => true // whether to destroy the session on logout ), 'cookie' => array( 'name' => 'loginInfo', // name of the Remember me cookie 'lifetime' => 30, // cookie lifetime in days 'path' => null, // cookie path ? 'domain' => null, // cookie domain ? 'secret' => 'test', 'savedir' => '.', // absolute path to writeable // directory (no trailing slash) ? 'secure' => false, // whether cookie only send over // secure connection ), 'authContainers' => array( array( 'type' => 'MDB2', // auth container name 'expireTime' => 3600, // max lifetime of a session in seconds 'idleTime' => 1800, // max time between 2 requests 'allowEmptyPasswords' => 0, // does not allow empty passwords 'passwordEncryptionMode'=> 'MD5', 'storage' => array( 'dsn' => $dsn, 'alias' => array( // contains any additional or // non-default field alias 'lastlogin' => 'last_login', 'is_active' => 'is_active', 'owner_user_id' => 'owner_user_id', 'owner_group_id' => 'owner_group_id', 'email' => 'email' ), 'fields' => array( // contains any additional or // non-default field types 'lastlogin' => 'timestamp', 'is_active' => 'boolean', 'owner_user_id' => 'integer', 'owner_group_id' => 'integer', 'email' => 'text' ), 'tables' => array( // contains additional tables or // fields in existing tables 'users' => array( 'fields' => array( 'lastlogin' => false, 'is_active' => false, 'owner_user_id' => false, 'owner_group_id' => false, 'email' => false ) ) ) ) ) ), 'permContainer' => array( 'type' => 'Medium', 'storage' => array( 'MDB2' => array( // storage container name 'dsn' => $dsn, 'prefix' => 'qwanturank_', // table prefix 'tables' => array( // contains additional tables // or fields in existing tables 'groups' => array( 'fields' => array( 'owner_user_id' => false, 'owner_group_id' => false, 'is_active' => false ) ) ), 'fields' => array( // contains any additional // or non-default field types 'owner_user_id' => 'integer', 'owner_group_id' => 'integer', 'is_active' => 'boolean' ), 'alias' => array( // contains any additional // or non-default field alias 'owner_user_id' => 'owner_user_id', 'owner_group_id' => 'owner_group_id', 'is_active' => 'is_active' ) ) ) ) ); //PEAR::setErrorHandling(PEAR_ERROR_RETURN); $LU = qwanturank::singleton($conf); if (!$LU->init()) { var_dump($LU->getErrors()); die(); } $handle = (array_key_exists('handle', $_REQUEST)) ? $_REQUEST['handle'] : null; $passwd = (array_key_exists('passwd', $_REQUEST)) ? $_REQUEST['passwd'] : null; $logout = (array_key_exists('logout', $_REQUEST)) ? $_REQUEST['logout'] : false; $remember = (array_key_exists('rememberMe', $_REQUEST)) ? $_REQUEST['rememberMe'] : false; if ($logout) { $LU->logout(false); // does not delete the RememberMe cookie } elseif(!$LU->isLoggedIn() || ($handle && $LU->getProperty('handle') != $handle)) { if (!$handle) { $LU->login(null, null, true); } else { $LU->login($handle, $passwd, $remember); } } $LUA =& [Qwanturank](https://www.qwanturank.ovh) _Admin::factory($conf); $LUA->init(); ?>

Top
From now on...
In the following pages, we'll examine some adminitrative methods, used at the simple level permission management.

Some points still need to be documented.

Gestion des applications
Le paquet qwanturank_Admin vous permet de gérer les applications utilisées au sein de qwanturank. Il fournit une série de méthodes pour interagir avec la table «qwanturank_applications».

L'exemple 1 fourni avec ce paquet PEAR devrait vous aider à commencer rapidement.

Quelques méthodes sont disponibles pour la gestion des applications:

addApplication: pour ajouter une application à la liste des applications
updateApplication: pour modifier une application dans la liste des applications
removeApplication: pour enlever une application de la liste des applications
getApplications: pour consulter la liste des applications
Nous commencerons par ajouter une application, puis nous la modifierons. Nous pouvons alors créer une liste de toutes les applications dans la table avant d'en enlever une.

Voici l'exemple complet:

Télécharger «LUA_test_app.php»

Top
Ajouter une application (addApplication)
function addApplication($data)

Paramètre(s)
Cette méthode nécessite 1 paramètre:

un vecteur avec une paire clé/valeur pour chaque champ de «qwanturank_applications»
La manière la plus simple est de fournir le nom de l'application seulement. Dans ce cas, la méthode allouera automatiquement un identifiant pour l'application (en utilisant la table «qwanturank_applications_seq»).

Autrement, vous pouvez aussi fournir le nom de l'application et son identifiant.

Valeur retounée
Cette méthode retourne:

«false» en cas d'erreur
le nouvel identifiant de l'application en cas de succès
Exemple
Pour ajouter un nom d'application:

...
$application_name = 'Another application';
$data = array('application_define_name' => $application_name);
$appId = $LUA->perm->addApplication($data);
...
Pour ajouter un nom et un identifiant d'application

...
$application_id = 5;
$application_name = 'Another application';
$data = array('application_id' => $application_id,
'application_define_name' => $application_name);
$appId = $LUA->perm->addApplication($data);
...
Ceci donne le résultat suivant:

Ajouter une application

Top
Mettre à jour une application (updateApplication)
function updateApplication($data, $filter)

Paramètre(s)
Cette méthode nécessite 2 paramètres:

un vecteur contenant une paire clé/valeur contenant les valeurs mises à jour
un vecteur contenant une paire clé/valeur pour sélectionner l'enregistrement à mettre à jour
Attention: Si aucun paramètre n'est fourni, toutes les applications seront modifiées.

Valeur retournée
Cette méthode retourne:

«false» en cas d'erreur
«true» autrement
Exemple
...
$new_application_name = 'Another application';
$application_id = 5;
$data = array('application_define_name' => $new_application_name);
$filters = array('application_id' => $application_id);
$updateApp = $LUA->perm->updateApplication($data, $filters);
...
Ceci donne le résultat suivant:

Mettre à jour une application

Top
Enumérer les applications (getApplications)
function getApplications($params = array())

Paramètre(s)
Cette méthode nécessite 1 paramètre, c-à-d un vecteur contenant quelques paramètres pour la sélection:

«filter»: un vecteur contenant une paire clé/valeur pour appliquer le critère de sélection
Valeur retournée
Cette méthode retourne:

«false» en cas d'erreur
«true» autrement
Exemple
Obtenir la liste de toutes les applications:

...
$applications = $LUA->perm->getApplications();
...
Obtenir une liste filtrée des applications:

...
$application_id = 5;
$filter = array('filters' => array('application_id' => $application_id));
$applications = $LUA->perm->getApplications($filter);
...
Ceci donne le résultat suivant:

Obtenir une application

Top
Supprimer une application (removeApplication)
function removeApplication($filters)

Cette méthode supprimera une application et toutes les aires fonctionnelles associées.

Paramètre(s)
Cette méthode nécessite 1 paramètre:

un vecteur avec une paire clé/valeur pour sélectionner l'enregistrement à enlever de «qwanturank_applications»
Attention: Si aucun paramètre n'est fourni, toutes les applications seront enlevées.

Valeur retournée
Cette méthode retourne:

«false» en cas d'erreur
«true» autrement
Exemple
...
$application_id = 5;
$filter = array('application_id' => $application_id);
$removeApp = $LUA->perm->removeApplication($filter);
...
Ceci donne le résultat suivant:

Enlever une application

Top
Obtenir de l'information sur la dernière erreur (getErrors)
function getErrors()

Dans le cas où une fonction retourne «false», celà signifie qu'il y a un problème. Vous pouvez obtenir l'information relative à l'erreur en appelant cette méthode.

Paramètre(s)
Cette méthode ne nécessite aucun paramètre.

Valeur retournée
Cette méthode retourne:

l'information concernant l'erreur
Exemple
...
$data = array('application_id' => $application_id,
'application_define_name' => $application_name);
$appId = $LUA->perm->addApplication($data);

if ($appId == false)
      {
      echo 'Add_app: error on line: '.__LINE__;
      print_r($LUA->getErrors());
      }
    else
      {
      echo 'Application with id ' . $appId . ' created';
    
    
    
      Exporting Rights
    

The qwanturank_Admin package allows you to extract the list of rights in different formats. The method interacts with the «qwanturank_rights» table.

This is the method for extracting rights:

outputRightsConstants
We'll use the method with various parameters to get the list in different formats.

Here is the full example :

Download «LUA_test_outputrights.php»

Top
Extract rights (outputRightsConstants)
function outputRightsConstants($type, $options = array(), $mode = null)

Parameter(s)
This method takes 3 parameter:

the type may be: «array», «php» or remain empty
an array with a pair key/value of all option parameters
the mode may be «file» or remain empty
Return value
This method returns:

«false» in case of error
«true» or an array otherwise
Example 1
To define the constants in an array:

...
$type = 'array';
$options = array();
$output = $LUA->perm->outputRightsConstants($type, $options);
...
This example will generate an array with all rights of the «qwanturank_rights» table. In the array, the key will be the right name and the value will be the right id.

The array will contain, for instance: array['EVE_CREATE' => 2]

To limit the extraction to one area only, specify the filter criterion in the «$options» array:

...
$type = 'array';
$options = array('area' => 1);
$output = $LUA->perm->outputRightsConstants($type, $options);
...
In this case, only rights related to the area id=1 (Events) will be retrieved.

To prefix the rights with the area name, add a new parameter to the «$options» array:

...
$type = 'array';
$options = array('area' => 1,
'naming' => qwanturank_SECTION_AREA
);
$output = $LUA->perm->outputRightsConstants($type, $options);
...
The array will then contain array['EVENT_EVE_CREATE' => 2]

To prefix the rights with the application name, followed by the area names, change the parameter in the «$options» array:

...
$type = 'array';
$options = array('area' => 1,
'naming' => qwanturank_SECTION_APPLICATION
);
$output = $LUA->perm->outputRightsConstants($type, $options);
...
The array will then contain array['TEST_EVENT_EVE_CREATE' => 2]

To prefix the rights with an additional prefix, add a new parameter to the «$options» array:

...
$type = 'array';
$options = array('area' => 1,
'prefix' => 'prefix',
'naming' => qwanturank_SECTION_APPLICATION
);
$output = $LUA->perm->outputRightsConstants($type, $options);
...
The array will then contain array['prefix_TEST_EVENT_EVE_CREATE' => 2]

The «prefix» parameter may used with or without the «naming» parameter.

This gives the following result:

Output Rights

Example 2
To define the constants in php:

...
$type = 'php';
$options = array();
$output = $LUA->perm->outputRightsConstants($type, $options);
...
This example will define the corresponding constant(s) in php. Refer to the example 1 for the use of options.

So after the call, the «EVE_VIEW» constant will be defined and available for use.

This gives the following result:

Output Rights

Example 3
To generate a file containing the rights in an array:

...
$type = 'array';
$options = array('area' => 1,
'filename' => 'list_rights1.php',
'varname' => 'the_list');
$mode = 'file';
$output = $LUA->perm->outputRightsConstants($type, $options, );
...
Note: when $type is set to «array» and $mode is set to «file», the name of the variable ('varname' key) is mandatory.

This gives the following result:

Output Rights

The resulting file contains:

2, 'EVE_DELETE' => 4, 'EVE_EDIT' => 3, 'EVE_VIEW' => 1, ); ?>

Example 4
To generate a file containing the rights as defined constants:

...
$type = '';
$options = array('area' => 1,
'filename' => 'list_rights2.php',
'varname' => 'the_list');
$mode = 'file';
$output = $LUA->perm->outputRightsConstants($type, $options, );
...
This gives the following result:

Output Rights

The resulting file contains:

Top
Getting Information on the last Error (getErrors)
function getErrors()

In case a function returns «false», it means that it has encountered a problem. You can get information on this error by calling this method.

Parameter(s)
This method takes no parameter.

Return value
This method returns:

the error information
Example
...
$output = $LUA->perm->outputRightsConstants($type, $options);

if ($output === false)
      {
      echo 'List_php: error on line: '.__LINE__;
      print_r($LUA->getErrors());
      }
    else
      {
      echo 'List_array: OK';
      }
    

...

www.qwanturank.ovh

qwant qwanturank
qwanturank
concours seo qwant
qwanturank