One of the features of the TextSide engine is a pre-created user account and security system. You can use this feature to manage creating and deleting users accounts on your site, as well as controlling access to what features users can access. This allows you to skip creating your own account system.
In the TextSide engine, users each belong to a single group, called a
User Group. Each group, in change, has a series of
Permissions that control what they can do. For example, an user that belongs to the Administrator group will have access to edit pages, while a regular user will not.
The TextSide engine comes with 3 standard groups built in (you can create new groups view the site Control Panel).
Admin - The admin group is the highest level user group. Users who belong to this have access to everything, including the control panel.
User - The "user" user group is the group that users are automatically placed in once they register. The site does not give them any special permissions, but you may check against this group if you wish to restrict zones to 'member only' pages.
Visitor - If a person visiting your site does not sign in, they are automatically placed in the visitor user group.
Note that you can manage users, groups, and permissions from the security section of your site's control panel.
The simplest way to use the sites user system is to place the login and registration part on one of your pages. This will automatically allow visitors to create an account as well as login. You will then be able to view these user accounts and manage them via your control panel.
The login part can also be used as reference to see how you can login and create accounts in your own code.
You can also access the security system from your code, allowing you to create new user accounts and check permissions within your projects. The following sections describe how to manually use these features within your CodeBehind pages. Most of these features can be accessed through static functions in either the User class or the Security class.
<?php
var $result = user::register($username, $password, $repeatPassword);
?>
You can check $result against the following constants to see if an error occured:
user::REGISTER_EMPTY_USERNAME
user::REGISTER_USERNAME_TAKEN
user::REGISTER_PASSWORD_MISMATCH
user::REGISTER_EMPTY_PASSWORD
user::REGISTER_OK
<?php
$result = user::login($username, $password);
?>
This will log the user in and set a cookie on their computer. Possible values for result are:
user::LOGIN_BADUSER
user::LOGIN_BADPASSWORD
user::LOGIN_OK
If username and password are not set, this will check for them in $_POST["username"] and $_POST["password"];
To logout a user you can use the global $siteUser variable. This is a global variable that contains a user class instance of the user that is logged in.
<?php
global $siteUser;
$siteUser->logout();
?>
To delete a user, you must first load up a user class instance, then call its delete method. For example:
<?php
$user = new user();
$user->loadFromDatabaseByUser("Zedd");
$user->delete();
?>
The TextSide engine already provides code to automattically login, logout, load accounts from cookies, and register new users. To access these functions, you just need to create a form with preset names.
Example Login Form:
<form action="<?=$PHP_SELF?>" method="post">
<input type="hidden" name="siteUserEvent" value="login" />
<input name="username" type="text">
<input name="password" type="password">
<input type="submit" value="Login!">
</form>
Example Logout Form:
<a href="<?PHP_SELF?>?siteUserEvent=logout">Logout!</a>
Example Register Form:
<form action="<?=$PHP_SELF?>" method="post">
<input type="hidden" name="siteUserEvent" value="register" />
<input name="username" type="text">
<input name="password" type="password">
<input name="password2" type="password">
<input name="firstname" type="text"> <!-- Optional -->
<input name="lastname" type="text"> <!-- Optional -->
<input name="email" type="text"> <!-- Optional -->
<input type="submit" value="Register!">
</form>
The result of login and register events can be found in the global variables: $loginResult and $registerResult. See Login a User and Register a User above to see their possible return values.
You can also access information about the current user from your code. The current user is stored in the global variable $siteUser. An example use:
<?php
global $siteUser;
echo("Hello $siteUser->name!");
?>
You can check the current user's permissions using global methods from the security class. An example:
<?php
security::hasAccess($permission);
?>
Where $permission is a string name for the permission that you want to check against. The permission that you check against would be dependent on your project. You can create your own permissions through the control panel, or programmatically via static methods in the security class. For more information, please check core/security/security.php for more information.
Loading...