Rev 16 | Blame | Compare with Previous | Last modification | View Log | Download | RSS feed
<!DOCTYPE html>
<?php
include_once( '../UsersDataSourceMySQLi.class.php' );
include_once( '../Users.class.php' );
session_start();
//session_destroy(); die;
/*
* this is an example of adding additional fields to a user record
* In this case, we have added a MySQL text field named where_clause
* to the database. It will be displayed as a textarea in the input
* forms.
*
* The modifications needed are different for the User and the
* UsersDataSource classes, but the structure is the same. We can
* safely use the same array, which contains the modifications to
* both classes since each class will just ignore any fields it
* doesn't need in the code.
* However, the items for the Users class is indicated by the comment
* For Users Class, and the ones for teh Data Source are labeled that
* way also.
*
* Note that many items are optional. For example, if 'label' is
* not set, the field name (where_clause) will be used.
*/
$customFields = array(
'tables' => array(
'users' => array(
'fields' => array(
'where_clause' => array(
// For Users class
// this will be the display label on the form
'label' => 'Limit via SQL where clause',
// the input type to use for data entry
'html type' => 'textarea',
// you can only edit this if an admin and changing someone
// else' record
'restrict' => true,
// will be displayed on a hover in HTML5 (ie, title=)
'instructions' => 'This will be added to every SQL query to limit access, or 1=1 for everything',
// this is entered in an empty box, ie placeholder=
'hint' => 'Enter an SQL where clause',
// for Data Source
'dbColumn' => 'where_clause',
// actual mySQL column type
'type' => 'text',
// set it to not null if we build the table ourselves
'required' => false
)
)
)
)
);
/* we haven't made the connection already, so instead we pass the
* parameters needed in the first parameter here and let the
* usersDataSource class make its own connection
*
* we also want to pass the customFields in so it will do the merge
* immediately.
*/
$connection = new usersDataSourceMySQLi(
array( 'username' => 'test', 'password' => 'test', 'database' => 'test' ),
$customFields
);
// Pass the same custom fields to the Users class
if ( ! isset( $_SESSION['user'] ) ) {
$_SESSION['user'] = new Users( $customFields );
}
// check if the user has request a log out.
if ( isset( $_REQUEST['logout'] ) )
$_SESSION['user']->logout();
$url = htmlentities($_SERVER["PHP_SELF"]);
?>
<html>
<head>
<meta charset="utf-8">
<title>Login</title>
<link href='users.css' rel='stylesheet' type='text/css'>
</head>
<body>
<div class="login">
<?php
// only used when we need to log in, empty otherwise
if ( isset( $_SESSION['user'] ) )
print $_SESSION['user']->HTML($connection);
?>
</div>
<div class='menu'>
<ul>
<?php
// build a little menu
if ( isset( $_SESSION['user'] ) && $_SESSION['user']->name() ) {
print "<p>Logged in as " . $_SESSION['user']->name() . '</p>';
print "<li><a href='$url?doAdmin=1'>Change Password</a></li>\n";
print "<li><a href='$url?logout=1'>Log Out</a></li>";
}
?>
</ul>
</div>
<div class='content'>
<?php
// this only displays something if doAdmin is set
if ( isset( $_REQUEST['doAdmin'] ) ) {
print $_SESSION['user']->admin($connection);
print $_SESSION['user']->errors();
$_SESSION['user']->clearErrors();
}
?>
</div>
</body>
</html>