php frameworks user-administration

Framework for administrating users


I'm looking for a framework I can use in my new webproject.

My main concern is handling users, so I'm on the lookout for a framework that can handle them for me. I develop in PHP, so preferably that's the language it should use.
I would like the framework to take care of new users signing up and I would also like it to handle the sessions and authentication process.

What kind of options do I have, and what do people recommend?


Solution

  • If the only thing you want is user management, you can use a library (a few classes) instead of a full framework, because as far as I know there is no framework for user management only. I'm currently building a framework called aiki, which is GPL, so here is the class I wrote for user management; it may help you.

    <?php
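        /**
         * Session-backed login, logout and permission lookup for aiki users.
         *
         * Relies on two globals supplied by the surrounding application: $db, a
         * database wrapper used here through get_row(), get_var() and query(), and
         * $layout, whose html_output string receives the logout notice.
         *
         * Every value placed into a SQL string goes through escape_sql() or an
         * integer cast first, because usernames, forwarding headers and session
         * data can all carry attacker-chosen bytes.
         */
        class membership
        {
            /** @var string Permission string of the user's group; "" when not logged in. */
            public $permissions;
            /** @var string Full name copied from aiki_users by getUserPermissions(). */
            public $full_name;
            /** @var string Username copied from aiki_users by getUserPermissions(). */
            public $username;
            /** @var mixed Group level copied from aiki_users_groups; null when the group row is missing. */
            public $group_level;

            /**
             * Starts the PHP session unless one is already active.
             */
            public function __construct()
            {
                if (session_status() === PHP_SESSION_NONE) {
                    session_start();
                }
            }

            /**
             * PHP 4-style constructor name, kept so explicit calls keep working.
             * PHP 8 no longer treats a class-named method as the constructor,
             * which is why __construct() now does the work.
             */
            public function membership()
            {
                $this->__construct();
            }

            /**
             * Checks a username/password pair and, on success, opens a tracked session.
             *
             * On success a new token is stored in $_SESSION['aiki'], a row is added to
             * aiki_users_sessions and the login counters in aiki_users are updated.
             *
             * @param string $username Username as submitted by the client.
             * @param string $password Plain-text password as submitted by the client.
             * @return bool True when the credentials matched, false otherwise.
             */
            public function login($username, $password)
            {
                global $db;

                // Request parameters can arrive as arrays (password[]=x); reject those early.
                if (!is_string($username) || !is_string($password)) {
                    return false;
                }

                // Kept so hashes created from slash-stripped input still match.
                $password = stripslashes($password);
                // NOTE(review): double MD5 is unsalted and fast to brute-force. It is kept
                // so existing aiki_users.password values still verify; plan a migration
                // to password_hash()/password_verify() with a rehash on successful login.
                $password = md5(md5($password));

                $safe_username = $this->escape_sql($username);

                $get_user = $db->get_row(
                    "SELECT * FROM aiki_users where username='" . $safe_username
                    . "' and password='" . $password . "' limit 1"
                );

                // hash_equals() keeps the digest comparison constant-time.
                if (!is_object($get_user)
                    || (string) $get_user->username !== $username
                    || !hash_equals((string) $get_user->password, $password)
                ) {
                    return false;
                }

                $user_id = (int) $get_user->userid;
                // get_ip() may return a header-derived value, so it is escaped as well.
                $user_ip = $this->escape_sql($this->get_ip());

                // Issue a fresh session id at login so an id planted beforehand is useless.
                if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                    session_regenerate_id(true);
                }

                $usersession = $this->generate_session(100);
                $_SESSION['aiki'] = $usersession;

                $db->query("INSERT INTO aiki_users_sessions (`session_id`,`user_id`,`user_name`,`session_date`,`user_session`, `user_ip`) VALUES ('','$user_id','$safe_username',NOW(),'$usersession','$user_ip')");
                $db->query("UPDATE `aiki_users` SET `last_login`= NOW(),`last_ip`='$user_ip', `logins_number`=`logins_number`+1 WHERE `userid`='$user_id' LIMIT 1");

                return true;
            }

            /**
             * Tells whether the current PHP session belongs to the given user id.
             *
             * @param int|string $userid User id to compare with the session's owner.
             * @return bool True only when a session row exists and its user_id matches.
             */
            public function isUserLogged($userid)
            {
                global $db;

                if (!is_scalar($userid)
                    || !isset($_SESSION['aiki'])
                    || !is_string($_SESSION['aiki'])
                    || $_SESSION['aiki'] === ''
                ) {
                    return false;
                }

                $token = $this->escape_sql($_SESSION['aiki']);
                $user_session = $db->get_var("SELECT user_id FROM aiki_users_sessions where user_session='$token'");

                // A missing row must never compare equal to a falsy $userid (null == 0 is
                // true under loose comparison), so require a value and compare as strings.
                return $user_session !== null
                    && $user_session !== false
                    && (string) $user_session === (string) $userid;
            }

            /**
             * Loads the profile fields and group permissions of a logged-in user.
             *
             * Sets $permissions to "" unless $user exists, owns the current session and
             * has a group row; in that case $full_name, $username, $group_level and
             * $permissions are filled from the database.
             *
             * @param string $user Username to look up.
             * @return void
             */
            public function getUserPermissions($user)
            {
                global $db;

                // Start from "no permissions"; only a verified session overrides it.
                $this->permissions = "";

                if (!is_scalar($user)) {
                    return;
                }

                $name = $this->escape_sql((string) $user);
                $row = $db->get_row("SELECT userid, usergroup, full_name, username FROM aiki_users where username='$name'");

                if (!is_object($row) || !$row->userid || !$this->isUserLogged($row->userid)) {
                    return;
                }

                $group_id = (int) $row->usergroup;
                $group = $db->get_row("SELECT group_permissions, group_level FROM aiki_users_groups where id='$group_id'");

                $this->full_name = $row->full_name;
                $this->username = $row->username;
                $this->group_level = is_object($group) ? $group->group_level : null;

                if (is_object($group)) {
                    $this->permissions = $group->group_permissions;
                }
            }

            //function from Membership V1.0
            //http://AwesomePHP.com/gpl.txt
            /**
             * Returns the client address to record for this request.
             *
             * Forwarding headers are consulted only when the peer address starts with
             * 165.21 (presumably a known proxy range; confirm it still applies), and a
             * header value is used only if it parses as an IP address. In every other
             * case the peer address from REMOTE_ADDR is returned.
             *
             * @return string IP address, or "" when REMOTE_ADDR is unavailable.
             */
            public function get_ip()
            {
                $remote = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
                $ipParts = explode(".", $remote);

                if (count($ipParts) >= 2 && $ipParts[0] === "165" && $ipParts[1] === "21") {
                    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR') as $header) {
                        $forwarded = $this->forwarded_ip($header);
                        if ($forwarded !== '') {
                            return $forwarded;
                        }
                    }
                }

                return $remote;
            }

            /**
             * Generates a random hexadecimal session token.
             *
             * @param int $strlen Number of hex characters wanted.
             * @return string Token of exactly $strlen characters, or "" when $strlen < 1.
             */
            public function generate_session($strlen)
            {
                $length = (int) $strlen;
                if ($length < 1) {
                    return '';
                }

                // random_bytes() draws from the OS CSPRNG; each byte yields two hex digits.
                return substr(bin2hex(random_bytes((int) ceil($length / 2))), 0, $length);
            }

            /**
             * Ends the tracked session and queues a "logging out" refresh notice.
             *
             * Marks the matching guest row offline, deletes the session row, clears the
             * PHP session and appends a meta-refresh snippet to $layout->html_output.
             *
             * @return void
             */
            public function LogOut()
            {
                global $db, $layout;

                $domain = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
                $path = isset($_SERVER['SCRIPT_NAME']) ? (string) $_SERVER['SCRIPT_NAME'] : '';

                // Without a token there is nothing to match; skip the queries instead of
                // touching rows whose session column happens to be empty.
                if (isset($_SESSION['aiki']) && is_string($_SESSION['aiki']) && $_SESSION['aiki'] !== '') {
                    $token = $this->escape_sql($_SESSION['aiki']);
                    $db->query("UPDATE `aiki_guests` SET `is_online`='0' WHERE `guest_session`='$token' LIMIT 1");
                    $db->query("DELETE FROM aiki_users_sessions where user_session='$token'");
                }

                // Clear the variables first, then drop the stored session data.
                $_SESSION = array();
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_destroy();
                }

                // HTTP_HOST is taken from the request's Host header, so it is HTML-encoded
                // before being written into the attribute.
                // NOTE(review): the redirect host still follows that header; prefer a
                // configured site URL if the application has one.
                $target = htmlspecialchars($domain . $path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $layout->html_output .= '<META HTTP-EQUIV="refresh" content="1;URL=http://' . $target . '"><center><b>Logging out</b></center>';
            }

            /**
             * Escapes a value for use inside a single-quoted MySQL string literal.
             *
             * Covers the same characters as the removed mysql_escape_string() this
             * class used to call. It is not charset-aware and assumes backslash escapes
             * are enabled on the server; move to bound parameters once the $db wrapper
             * offers them.
             *
             * @param mixed $value Value to embed; cast to string first.
             * @return string Escaped text, without surrounding quotes.
             */
            private function escape_sql($value)
            {
                return strtr((string) $value, array(
                    "\\" => "\\\\",
                    "\0" => "\\0",
                    "\n" => "\\n",
                    "\r" => "\\r",
                    "'" => "\\'",
                    '"' => '\\"',
                    "\x1a" => "\\Z",
                ));
            }

            /**
             * Returns the first syntactically valid IP address found in a request header.
             *
             * @param string $header Key such as HTTP_X_FORWARDED_FOR; read from $_SERVER,
             *                       then from the environment.
             * @return string The address, or "" when the header is absent or holds no valid IP.
             */
            private function forwarded_ip($header)
            {
                if (isset($_SERVER[$header]) && is_string($_SERVER[$header])) {
                    $raw = $_SERVER[$header];
                } else {
                    $raw = getenv($header);
                }

                if (!is_string($raw)) {
                    return '';
                }

                // The header may hold a comma-separated chain of addresses.
                foreach (explode(',', $raw) as $candidate) {
                    $candidate = trim($candidate);
                    if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                        return $candidate;
                    }
                }

                return '';
            }
        }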
    ?>
    

    and here is a simple sql dump for that

    --
    -- Table structure for table `aiki_guests`
    --
    -- LogOut() sets `is_online` to 0 on the row whose `guest_session` equals the
    -- token held in $_SESSION['aiki']. Nothing in the membership class inserts
    -- rows here.
    --
    CREATE TABLE IF NOT EXISTS `aiki_guests` (
      `userid` int(9) unsigned NOT NULL auto_increment,
      `first_login` datetime NOT NULL,
      `last_hit` datetime NOT NULL,
      `last_hit_unix` int(11) NOT NULL,
      `ip` varchar(40) NOT NULL,
      `last_ip` varchar(40) NOT NULL,
      `username` varchar(255) NOT NULL,
      `guest_session` varchar(255) NOT NULL,
      `hits` int(11) NOT NULL,
      `is_online` int(11) NOT NULL,
      PRIMARY KEY  (`userid`)
    ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=54 ;
    
    -- --------------------------------------------------------
    
    --
    -- Table structure for table `aiki_users`
    --
    -- `password` holds the hex digest login() computes with md5(md5(...)),
    -- which is 32 characters long.
    -- `usergroup` is matched against `aiki_users_groups`.`id` by getUserPermissions().
    -- `last_login`, `last_ip` and `logins_number` are updated on each successful login.
    --
    
    CREATE TABLE IF NOT EXISTS `aiki_users` (
      `userid` int(9) unsigned NOT NULL auto_increment,
      `username` varchar(100) NOT NULL default '',
      `full_name` varchar(255) NOT NULL,
      `country` varchar(255) NOT NULL,
      `sex` varchar(25) NOT NULL,
      `job` varchar(255) NOT NULL,
      `password` varchar(100) NOT NULL default '',
      `usergroup` int(10) NOT NULL default '0',
      `email` varchar(100) NOT NULL default '',
      `avatar` varchar(255) NOT NULL,
      `homepage` varchar(100) NOT NULL default '',
      `first_ip` varchar(40) NOT NULL default '0',
      `first_login` datetime NOT NULL,
      `last_login` datetime NOT NULL,
      `last_ip` varchar(40) NOT NULL,
      `user_permissions` text NOT NULL,
      `maillist` int(1) NOT NULL,
      `logins_number` int(11) NOT NULL,
      `randkey` varchar(255) NOT NULL,
      `is_active` int(5) NOT NULL,
      PRIMARY KEY  (`userid`)
    ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
    
    -- --------------------------------------------------------
    
    --
    -- Table structure for table `aiki_users_groups`
    --
    -- getUserPermissions() copies `group_permissions` and `group_level` onto the
    -- membership object for the logged-in user's group.
    --
    
    CREATE TABLE IF NOT EXISTS `aiki_users_groups` (
      `id` int(3) NOT NULL auto_increment,
      `app_id` int(11) NOT NULL,
      `name` varchar(255) NOT NULL,
      `group_permissions` varchar(255) NOT NULL,
      `group_level` int(11) NOT NULL,
      PRIMARY KEY  (`id`)
    ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=7 ;
    
    -- --------------------------------------------------------
    
    --
    -- Table structure for table `aiki_users_sessions`
    --
    -- login() inserts one row per successful login; LogOut() deletes the row whose
    -- `user_session` equals $_SESSION['aiki'].
    -- `user_session` is the token from generate_session(); `user_ip` comes from get_ip().
    -- NOTE(review): isUserLogged() filters on `user_session`, which has no index
    -- here; consider adding one.
    --
    
    CREATE TABLE IF NOT EXISTS `aiki_users_sessions` (
      `session_id` int(11) NOT NULL auto_increment,
      `user_id` int(11) NOT NULL,
      `user_name` varchar(255) NOT NULL,
      `session_date` datetime NOT NULL,
      `user_session` varchar(255) NOT NULL,
      `user_ip` varchar(100) NOT NULL,
      PRIMARY KEY  (`session_id`)
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
    

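    Now all you need to do is create the database and add users to it. Keep in mind that MD5, even applied twice, is a fast, unsalted hash; PHP's password_hash() and password_verify() are the safer choice for a new project. With the class as written, though, the stored password has to be md5'd twice, like: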

    // login() applies md5 twice to the submitted password before comparing it with
    // aiki_users.password, so this is the value to store in that column.
    $password = "what ever";
    $password = md5(md5($password));
    

    and to use this class: build a form then

    // The class constructor is where session_start() is called.
    $membership = new membership();

    // login() takes the plain-text password and applies md5 twice itself.
    Login: $membership->login($_POST['username'], $_POST['password']);

    and you can build groups inside the groups table then

    // Fills $membership->permissions, full_name, username and group_level when
    // $username owns the session row matching $_SESSION['aiki'].
    $membership->getUserPermissions($username);

    Then you can do things based on the resulting $membership->permissions value, like:

    // $membership->permissions holds aiki_users_groups.group_permissions for the
    // user's group; add one case per permission string you define there.
    switch ($membership->permissions){

    }