BAOBAB
CO_Access Class Reference

Public Member Functions

 __construct ( $in_login_id=NULL, $in_hashed_password=NULL, $in_raw_password=NULL, $in_api_key=NULL)
 
 item_exists ( $in_id, $in_visibility_test=false)
 
 get_security_ids ($no_personal=false)
 
 get_personal_security_ids ()
 
 get_all_personal_ids_except_for_id ( $in_id=0)
 
 get_logins_with_personal_ids ()
 
 is_this_a_personal_id ( $in_id)
 
 add_personal_token_from_current_login ( $in_to_id, $in_id)
 
 remove_personal_token_from_this_login ( $in_to_id, $in_id)
 
 get_logins_that_have_any_of_my_ids ()
 
 is_this_a_login_id ( $in_id)
 
 get_available_tokens ($no_personal=false)
 
 main_db_available ()
 
 get_login_id ( $in_login_id=NULL)
 
 get_login_item ( $in_login_id=NULL)
 
 get_lang ( $in_login_id=NULL)
 
 god_mode ()
 
 check_login_exists ( $in_login_id)
 
 get_remaining_time ($in_login_id=NULL)
 
 check_login_exists_by_login_string ( $in_login_id_string)
 
 get_login_item_by_login_string ( $in_login_id_string)
 
 check_user_exists ( $in_login_id)
 
 make_new_blank_record ( $in_classname)
 
 get_multiple_data_records_by_id ( $in_id_array)
 
 get_single_data_record_by_id ( $in_id)
 
 get_data_access_class_by_id ( $in_id)
 
 get_security_access_class_by_id ( $in_id)
 
 can_i_see_this_data_record ( $in_id)
 
 can_i_see_this_security_record ( $in_id)
 
 get_all_data_readable_records ( $open_only=false, $in_this_id=NULL)
 
 get_all_data_writeable_records ( $in_this_id=NULL)
 
 security_db_available ()
 
 i_have_this_token ( $in_token_to_test)
 
 get_multiple_security_records_by_id ( $in_id_array)
 
 get_single_security_record_by_id ( $in_id)
 
 get_all_security_readable_records ( $in_this_id=NULL)
 
 get_all_security_writeable_records ( $in_this_id=NULL)
 
 write_data_record ( $params_associative_array)
 
 delete_data_record ( $id)
 
 generic_search ( $in_search_parameters=NULL, $or_search=false, $page_size=0, $initial_page=0, $and_writeable=false, $count_only=false, $ids_only=false)
 
 get_all_login_objects ( $and_write=false)
 
 get_all_tokens ()
 
 get_all_login_objects_with_access ( $in_security_token, $and_write=false)
 
 get_all_user_objects_with_access ( $in_security_token)
 

Public Attributes

 $valid
 This will be true, if the instance is "valid" (has at least an initialized "data" database).
 
 $error
 If there was an error, it will be held here.
 
 $class_description
 This is a brief textual description of the class.
 
 $version
 This will contain the BADGER Version.
 

Protected Attributes

 $_data_db_object
 This is the instance of the class representing the "data" database. This will always be instantiated.
 
 $_security_db_object
 This is the instance of the class representing the "security" database. This may not be instantiated, if there is no login.
 
 $_login_id
 This is an integer, containing the security DB ID of the logged-in user. It will be NULL for no login.
 

Detailed Description

This is the principal interface class for BADGER. To use BADGER, you instantiate this class with a login (or no login), and the instance handles all the database setup and permission-setting in the background.

You then use this class as your database interface. No SQL or DB commands. It's all functions, and it should all go through this class or instances of records that it supplies. You do not interface with the databases. This is a functional interface.

This class is designed to be specialized and subclassed. In its "pure" form, it is extremely generic.

BADGER consists of two databases: The "data" database, and the "security" database. These do not have any database-level relations. They can both be set up on different servers, and could even be different SQL databases, as the schemas are very simple, and we use PDO to access them.

The databases are crazy simple. Each consists of one table, with only a single schema table. Much of the specialization is done through subclasses.

Each database record has a classname stored. This is used to instantiate the appropriate class to interpret that record.

Security is tinfoil. Not only are there two databases, with the ability to encapsulate the security database in a hardened server, but each login is given an ACL, and that ACL determines what it can see or modify.

Each record has one code for reading, and one code for writing. If the code is not available in the logged-in user's ACL, then that user can't see the data, or modify it. This is enforced at the SQL level. The system will not even read in records that don't match the security key.
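
An added sketch of this SQL-level enforcement (not BADGER's own code): the login's token list becomes a bound IN (...) predicate, so rows outside the ACL are never fetched, and a forbidden row is indistinguishable from a missing one. The table "demo_records", the "write_security_id" column, the helper names and the sample rows are assumptions, and the pdo_sqlite extension is assumed to be available; "read_security_id", the open value (NULL or 0) and token 1 for every valid login come from this page.

```php
<?php
// Added illustration, not BADGER source. Table, helper names and rows are constructed.

function make_demo_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE demo_records (
        id INTEGER PRIMARY KEY,
        object_name TEXT,
        read_security_id INTEGER,
        write_security_id INTEGER)');
    // Constructed rows: read token NULL or 0 means "open"; 1 means "any valid login".
    $rows = [
        [1, 'public notice',   0,    7],
        [2, 'members only',    1,    7],
        [3, 'team 7 roster',   7,    7],
        [4, 'team 9 roster',   9,    9],
        [5, 'legacy open row', null, 9],
    ];
    $insert = $pdo->prepare('INSERT INTO demo_records VALUES (?, ?, ?, ?)');
    foreach ($rows as $row) {
        $insert->execute($row);
    }
    return $pdo;
}

// Returns [SQL fragment, bind values]. $tokens is the login's token list;
// an empty list means "no login". Assumption of this sketch: open rows are
// readable by anyone, while writing always needs a matching token.
function security_predicate(array $tokens, bool $for_write): array {
    $tokens = array_values(array_unique(array_map('intval', $tokens)));
    $column = $for_write ? 'write_security_id' : 'read_security_id';
    $clauses = [];
    if (!$for_write) {
        $clauses[] = "$column IS NULL";
        $clauses[] = "$column = 0";
    }
    if ($tokens) {
        $marks = implode(',', array_fill(0, count($tokens), '?'));
        $clauses[] = "$column IN ($marks)";
    }
    if (!$clauses) {
        return ['0 = 1', []];   // Write requested without a login: match nothing.
    }
    return ['(' . implode(' OR ', $clauses) . ')', $tokens];
}

// Only IDs that pass the predicate ever leave the database.
function visible_ids(PDO $pdo, array $tokens, bool $for_write = false): array {
    [$where, $binds] = security_predicate($tokens, $for_write);
    $stmt = $pdo->prepare("SELECT id FROM demo_records WHERE $where ORDER BY id");
    $stmt->execute($binds);
    return array_map('intval', $stmt->fetchAll(PDO::FETCH_COLUMN));
}

// "Security safe" check: the same false for a missing row and a forbidden row,
// so the caller cannot use it to probe which IDs exist.
function can_see(PDO $pdo, array $tokens, int $id): bool {
    [$where, $binds] = security_predicate($tokens, false);
    $stmt = $pdo->prepare("SELECT COUNT(*) FROM demo_records WHERE id = ? AND $where");
    $stmt->execute(array_merge([$id], $binds));
    return 0 < intval($stmt->fetchColumn());
}

$pdo = make_demo_db();
$anonymous = [];           // No login.
$alice     = [12, 1, 7];   // Constructed: own login ID 12, token 1, plus token 7.

print_r(visible_ids($pdo, $anonymous));     // Open rows only.
print_r(visible_ids($pdo, $alice));         // Open rows plus tokens 1 and 7.
print_r(visible_ids($pdo, $alice, true));   // Rows whose write token she holds.
var_dump(can_see($pdo, $alice, 4));         // Row exists, but needs token 9.
var_dump(can_see($pdo, $alice, 404));       // Row does not exist.
```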

You set up BADGER with a config file, which implements a static class with some basic parameters for use in the system. For security, it's a good idea to locate the config file outside the HTTP tree.

You include the config file in whatever context is your main context, and include this file after that. You should define the "LGV_ACCESS_CATCHER" define to "1", so this file will run. This file will take care of other access tokens as necessary.

Definition at line 81 of file co_access.class.php.

Constructor & Destructor Documentation

◆ __construct()

CO_Access::__construct (   $in_login_id = NULL,
  $in_hashed_password = NULL,
  $in_raw_password = NULL,
  $in_api_key = NULL 
)

The constructor.

Parameters
$in_login_id: The login ID
$in_hashed_password: The password, crypt-hashed
$in_raw_password: The password, cleartext.
$in_api_key: An API key, for REST.

Reimplemented in CO_Chameleon.

Definition at line 97 of file co_access.class.php.

101  {
102  $this->class_description = 'The main data access class.';
103 
104  $this->_login_id = NULL;
105  $this->_data_db_object = NULL;
106  $this->_security_db_object = NULL;
107  $this->error = NULL;
108  $this->valid = false;
109  $this->version = __BADGER_VERSION__;
110 
111  if ( !defined('LGV_ERROR_CATCHER') ) {
112  define('LGV_ERROR_CATCHER', 1);
113  }
114 
115  require_once(CO_Config::badger_shared_class_dir().'/error.class.php');
116 
117  if ( !defined('LGV_DB_CATCHER') ) {
118  define('LGV_DB_CATCHER', 1);
119  }
120 
121  require_once(CO_Config::db_class_dir().'/co_pdo.class.php');
122 
123  // We only load the security DB if there was a login/password (or API key) sent in.
124  if ((isset($in_login_id) && $in_login_id) && ((isset($in_hashed_password) && $in_hashed_password) || (isset($in_raw_password) && $in_raw_password)) || (isset($in_api_key) && $in_api_key)) {
125  try {
126  $pdo_security_db = new CO_PDO(CO_Config::$sec_db_type, CO_Config::$sec_db_host, CO_Config::$sec_db_name, CO_Config::$sec_db_login, CO_Config::$sec_db_password);
127  $this->_security_db_object = new CO_Security_DB($pdo_security_db, $this);
128  $dont_create_new_api_key = false;
129 
130  // If they have provided an API key, then the first thing we do, is see if it's valid.
131  // If so, then we ignore the passed-in password and login, and use the ones provided from the API-key-related login, instead.
132  if (isset($in_api_key) && $in_api_key) {
133  $api_results = $this->_security_db_object->get_credentials_by_api_key($in_api_key);
134 
135  if (isset($api_results) && is_array($api_results) && (2 == count($api_results))) {
136  $in_login_id = $api_results['login_id'];
137  $in_hashed_password = $api_results['hashed_password'];
138  $dont_create_new_api_key = true;
139  }
140  }
141 
142  $login_record = $this->_security_db_object->get_initial_record_by_login_id($in_login_id);
143  if ($this->_security_db_object->error) {
144  $this->error = $this->_security_db_object->error;
145 
146  return;
147  }
148  if (isset($login_record) && ($login_record instanceof CO_Security_Login)) {
149  if (!$login_record->is_login_valid($in_login_id, $in_hashed_password, $in_raw_password, $dont_create_new_api_key)) {
153 
154  $this->_security_db_object = NULL;
155  return;
156  }
157  } else {
161 
162  $this->_security_db_object = NULL;
163  return;
164  }
165 
166  $this->_login_id = $login_record->id();
167  $login_record->update_db(); // This forces the login to update its last_access field and API key. We use this to track logins.
168  } catch (Exception $exception) {
172  $exception->getFile(),
173  $exception->getLine(),
174  $exception->getMessage());
175  $this->_security_db_object = NULL;
176  return;
177  }
178  }
179 
180  try {
181  $pdo_data_db = new CO_PDO(CO_Config::$data_db_type, CO_Config::$data_db_host, CO_Config::$data_db_name, CO_Config::$data_db_login, CO_Config::$data_db_password);
182  $this->_data_db_object = new CO_Main_Data_DB($pdo_data_db, $this);
183  } catch (Exception $exception) {
187  $exception->getFile(),
188  $exception->getLine(),
189  $exception->getMessage());
190  $this->_data_db_object = NULL;
191  $this->_security_db_object = NULL;
192  return;
193  }
194 
195  $this->valid = true;
196  }

References CO_Lang_Common\$pdo_error_code_failed_to_open_data_db, CO_Lang_Common\$pdo_error_code_failed_to_open_security_db, CO_Lang_Common\$pdo_error_code_invalid_login, CO_Lang\$pdo_error_desc_failed_to_open_data_db, CO_Lang\$pdo_error_desc_failed_to_open_security_db, CO_Lang\$pdo_error_desc_invalid_login, CO_Lang\$pdo_error_name_failed_to_open_data_db, CO_Lang\$pdo_error_name_failed_to_open_security_db, CO_Lang\$pdo_error_name_invalid_login, and __BADGER_VERSION__.

Member Function Documentation

◆ add_personal_token_from_current_login()

CO_Access::add_personal_token_from_current_login (   $in_to_id,
  $in_id 
)

This adds a personal token from one ID's pool, to the regular ID pool of another ID.

Returns
true, if the operation was successful.
Parameters
$in_to_id: The ID of the object we are affecting.
$in_id: The ID (personal token) to be added.

Definition at line 331 of file co_access.class.php.

333  {
334  if (in_array($in_id, $this->get_personal_security_ids())) {
335  $ret = $this->_security_db_object->add_personal_token_from_current_login($in_to_id, $in_id);
336 
337  if ($this->_security_db_object->error) {
338  $this->error = $this->_security_db_object->error;
339  } else {
340  return $ret;
341  }
342  }
343 
344  return false;
345  }

References get_personal_security_ids().


◆ can_i_see_this_data_record()

CO_Access::can_i_see_this_data_record (   $in_id)

This returns true, if the current user at least has read access to the Data DB record whose ID is provided.

This is "security safe," so that means that if the user does not have rights to the row, or the row does not exist, they will get false.

Returns
a boolean, true, if the user has read access to an existing record in the Data database.
Parameters
$in_id: This is the ID of the record to check.

Definition at line 778 of file co_access.class.php.

779  {
780  $ret = false;
781 
782  if (isset($this->_data_db_object) && $this->_data_db_object) {
783  $ret = $this->_data_db_object->can_i_see_this_record($in_id);
784  $this->error = $this->_data_db_object->error;
785  }
786 
787  return $ret;
788  }

◆ can_i_see_this_security_record()

CO_Access::can_i_see_this_security_record (   $in_id)

This returns true, if the current user at least has read access to the Security DB record whose ID is provided.

This is "security safe," so that means that if the user does not have rights to the row, or the row does not exist, they will get false.

Returns
a boolean, true, if the user has read access to an existing record in the Security database.
Parameters
$in_id: This is the ID of the record to check.

Definition at line 798 of file co_access.class.php.

799  {
800  $ret = false;
801 
802  if (isset($this->_security_db_object) && $this->_security_db_object) {
803  $ret = $this->_security_db_object->can_i_see_this_record($in_id);
804  $this->error = $this->_security_db_object->error;
805  }
806 
807  return $ret;
808  }

◆ check_login_exists()

CO_Access::check_login_exists (   $in_login_id)
Returns
true, if the given login exists, false, if not, but NULL, if there is no security DB (we're not logged in). NOTE: This is not subject to security vetting.
Parameters
$in_login_id: The integer login ID to check

Definition at line 521 of file co_access.class.php.

522  {
523  $ret = NULL;
524 
525  if ($this->security_db_available()) {
526  $ret = false;
527 
528  if ($this->_security_db_object->get_initial_record_by_id(intval($in_login_id))) {
529  $ret = true;
530  }
531  }
532 
533  return $ret;
534  }

References security_db_available().

Referenced by check_user_exists().


◆ check_login_exists_by_login_string()

CO_Access::check_login_exists_by_login_string (   $in_login_id_string)
Returns
true, if the given login exists, false, if not, but NULL, if there is no security DB (we're not logged in). NOTE: This is not subject to security vetting.
Parameters
$in_login_id_string: The string login ID to check

Definition at line 549 of file co_access.class.php.

550  {
551  $ret = NULL;
552 
553  if ($this->security_db_available()) {
554  $ret = false;
555 
556  if ($this->_security_db_object->get_initial_record_by_login_id($in_login_id_string)) {
557  $ret = true;
558  }
559  }
560 
561  return $ret;
562  }

References security_db_available().


◆ check_user_exists()

CO_Access::check_user_exists (   $in_login_id)
Returns
true, if the given user exists for a login, false, if not, but NULL, if there is no security DB (we're not logged in). NOTE: This is not subject to security vetting.
Parameters
$in_login_id: The integer login ID to check

Definition at line 583 of file co_access.class.php.

584  {
585  // We first check for a login.
586  $ret = $this->check_login_exists($in_login_id);
587 
588  if (NULL == $ret) {
589  $ret = false;
590  } elseif (true == $ret) { // If it exists, we check further, for a user with that login.
591  $ret = $this->_data_db_object->see_if_user_exists($in_login_id);
592  }
593 
594  return $ret;
595  }

References check_login_exists().


◆ delete_data_record()

CO_Access::delete_data_record (   $id)

This is a "security-safe" method for deleting a record by its ID.

Returns
true, if the deletion succeeded.
Parameters
$id: The integer ID of the record to be deleted.

Definition at line 1005 of file co_access.class.php.

1006  {
1007  $ret = false;
1008 
1009  if (isset($this->_data_db_object) && $this->_data_db_object) {
1010  $ret = $this->_data_db_object->delete_record($id);
1011  $this->error = $this->_data_db_object->error;
1012  }
1013 
1014  return $ret;
1015  }

◆ generic_search()

CO_Access::generic_search (   $in_search_parameters = NULL,
  $or_search = false,
  $page_size = 0,
  $initial_page = 0,
  $and_writeable = false,
  $count_only = false,
  $ids_only = false 
)

This is a "generic" data database search. It can be called from external user contexts, and allows a fairly generalized search of the "data" database. Sorting will be done for the "owner" and "location" values. "owner" will be sorted by the ID of the returned records, and "location" will be by distance from the center.

It is "security-safe."

Returns
an array of instances that match the search parameters. If $count_only is true, then it will be a single integer, with the count of responses to the search (if a page, then only the number of items on that page).
Parameters
$in_search_parameters: This is an associative array of terms to define the search. The keys should be:
  • 'id' This should be accompanied by an array of one or more integers, representing specific item IDs.
  • 'access_class' This should be accompanied by an array, containing one or more PHP class names.
  • 'name' This will contain a case-insensitive array of strings to check against the object_name column.
  • 'owner' This should be accompanied by an array of one or more integers, representing specific item IDs for "owner" objects.
  • 'tags' This should be accompanied by an array (up to 10 elements) of one or more case-insensitive strings, representing specific tag values. The position in the array denotes which tag to match, so unchecked tags should still be in the array, but empty. You don't match empty tags. You can specify an array for the values, which allows you to do an OR search for the values.
  • 'location' This is only relevant if we are searching for subclasses (or instances) of CO_LL_Location. This requires that the parameter be a 3-element associative array of floating-point numbers:
    • 'longitude' This is the search center location longitude, in degrees.
    • 'latitude' This is the search center location latitude, in degrees.
    • 'radius' This is the search radius, in Kilometers.

You can specify an array for any one of the values, which allows you to do an OR search for those values ($or_search does not apply. It is only for the combination of main values). If you add an element called 'use_like' ('use_like' => 1) to the end of 'access_class', 'name' or one of the 'tags', then you can use SQL-style "wildcards" (%) in your matches. If you have 'use_like', and put just a single wildcard in quotes ('%'), then you are saying "not-empty." NOTE: Although this is an optional parameter, failing to provide anything could return the entire readable database.

Parameters
$or_search: If true, then the search is very wide (OR), as opposed to narrow (AND), by default. If you specify a location, then that will always be AND, but the other fields can be OR.
$page_size: If specified with a 1-based integer, this denotes the size of a "page" of results. NOTE: This is only applicable to MySQL or Postgres, and will be ignored if the DB is not MySQL or Postgres.
$initial_page: This is ignored unless $page_size is greater than 0. If so, then this 0-based index will specify which page of results to return.
$and_writeable: If true, then we only want records we can modify.
$count_only: If true (default is false), then only a single integer will be returned, with the count of items that fit the search.
$ids_only: If true (default is false), then the return array will consist only of integers (the object IDs). If $count_only is true, this is ignored.

Definition at line 1026 of file co_access.class.php.

1060  {
1061  $ret = Array();
1062 
1063  if (isset($this->_data_db_object) && $this->_data_db_object) {
1064  $ret = $this->_data_db_object->generic_search($in_search_parameters, $or_search, $page_size, $initial_page, $and_writeable, $count_only, $ids_only);
1065  $this->error = $this->_data_db_object->error;
1066  }
1067 
1068  return $ret;
1069  }

Referenced by CO_Chameleon\get_all_collections_for_element(), CO_Chameleon\get_object_for_key(), CO_Chameleon\get_user_from_login(), CO_Chameleon\get_value_for_key(), and CO_Chameleon\set_value_for_key().
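
An added example (not part of BADGER) of normalising caller-supplied search terms into the $in_search_parameters shape described above before they reach generic_search(): unknown keys are dropped, 'use_like' is honoured only when the caller is allowed wildcards, tag positions are preserved, and a search with no usable criteria is refused because it could return the entire readable database. The function names, the MAX_RADIUS_KM limit and the sample request are assumptions.

```php
<?php
// Added illustration, not BADGER source. Names and limits here are hypothetical.

const MAX_RADIUS_KM = 500.0;   // Assumed upper bound on the search radius.

// Keep only positive integer IDs; nested arrays and junk are discarded.
function positive_ints($raw): array {
    $ids = [];
    foreach ((array) $raw as $value) {
        if (is_scalar($value) && 0 < intval($value)) {
            $ids[] = intval($value);
        }
    }
    return array_values(array_unique($ids));
}

// Normalise a list of strings (or nested OR-lists), keeping 'use_like' only if allowed.
function strip_like(array $values, bool $allow_like): array {
    $like = $allow_like && !empty($values['use_like']);
    unset($values['use_like']);
    $out = [];
    foreach ($values as $value) {
        if (is_array($value)) {
            $out[] = strip_like($value, $allow_like);
        } else {
            $out[] = is_scalar($value) ? trim((string) $value) : '';
        }
    }
    if ($like) {
        $out['use_like'] = 1;
    }
    return $out;
}

// True if at least one non-empty term is present (the 'use_like' flag does not count).
function has_term(array $values): bool {
    foreach ($values as $key => $value) {
        if ('use_like' === $key) {
            continue;
        }
        if (is_array($value) ? has_term($value) : ('' !== $value)) {
            return true;
        }
    }
    return false;
}

function guard_search_parameters(array $untrusted, bool $allow_like = false): array {
    $clean = [];
    foreach (['id', 'owner'] as $key) {
        $ids = positive_ints($untrusted[$key] ?? []);
        if ($ids) {
            $clean[$key] = $ids;
        }
    }
    foreach (['access_class', 'name'] as $key) {
        $terms = strip_like((array) ($untrusted[$key] ?? []), $allow_like);
        if (has_term($terms)) {
            $clean[$key] = $terms;
        }
    }
    if (isset($untrusted['tags']) && is_array($untrusted['tags'])) {
        $raw = $untrusted['tags'];
        $tags = [];
        for ($i = 0; $i < 10; $i++) {          // Position selects the tag, so pad with ''.
            $tags[$i] = $raw[$i] ?? '';
        }
        if (isset($raw['use_like'])) {
            $tags['use_like'] = $raw['use_like'];
        }
        $tags = strip_like($tags, $allow_like);
        if (has_term($tags)) {
            $clean['tags'] = $tags;
        }
    }
    if (isset($untrusted['location']) && is_array($untrusted['location'])) {
        $loc = $untrusted['location'];
        $lon = filter_var($loc['longitude'] ?? null, FILTER_VALIDATE_FLOAT);
        $lat = filter_var($loc['latitude'] ?? null, FILTER_VALIDATE_FLOAT);
        $rad = filter_var($loc['radius'] ?? null, FILTER_VALIDATE_FLOAT);
        if (false === $lon || false === $lat || false === $rad
            || 180 < abs($lon) || 90 < abs($lat) || $rad <= 0) {
            throw new InvalidArgumentException('Invalid location search term.');
        }
        $clean['location'] = ['longitude' => $lon, 'latitude' => $lat,
                              'radius' => min($rad, MAX_RADIUS_KM)];
    }
    if (!$clean) {
        throw new InvalidArgumentException('Refusing a search with no criteria.');
    }
    return $clean;   // Suitable as the first argument of generic_search().
}

// Constructed request, as if decoded from an untrusted REST query.
$request = [
    'name'     => ['%', 'use_like' => 1],
    'tags'     => ['', 'oak', ['north', 'south']],
    'owner'    => ['12', 'abc', -4],
    'location' => ['longitude' => '-73.36', 'latitude' => '40.9', 'radius' => 5000],
    'sql'      => 'unknown key, dropped',
];
print_r(guard_search_parameters($request));

try {
    guard_search_parameters(['name' => ['', 'use_like' => 1]]);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";
}
```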


◆ get_all_data_readable_records()

CO_Access::get_all_data_readable_records (   $open_only = false,
  $in_this_id = NULL 
)

This returns every readable (by this user) item from the "data" database.

Returns
an array of instances.
Parameters
$open_only: If true, then we will look for ONLY records with a NULL or 0 read_security_id
$in_this_id: If we are in "god mode," we can look for particular IDs. In that case, this would be the integer ID of the login to check.

Definition at line 816 of file co_access.class.php.

818  {
819  $ret = NULL;
820 
821  if (isset($this->_data_db_object) && $this->_data_db_object) {
822  $ret = $this->_data_db_object->get_all_readable_records($open_only, $in_this_id);
823  $this->error = $this->_data_db_object->error;
824  }
825 
826  return $ret;
827  }

◆ get_all_data_writeable_records()

CO_Access::get_all_data_writeable_records (   $in_this_id = NULL)

This returns every writeable (by this user) item from the "data" database.

Returns
an array of instances.
Parameters
$in_this_id: If we are in "god mode," we can look for particular IDs. In that case, this would be the integer ID of the login to check.

Definition at line 835 of file co_access.class.php.

836  {
837  $ret = NULL;
838 
839  if (isset($this->_data_db_object) && $this->_data_db_object) {
840  $ret = $this->_data_db_object->get_all_writeable_records($in_this_id);
841 
842  if ($this->_data_db_object->error) {
843  $this->error = $this->_data_db_object->error;
844 
845  return NULL;
846  }
847  }
848 
849  return $ret;
850  }

◆ get_all_login_objects()

CO_Access::get_all_login_objects (   $and_write = false)

This is a security-vetted search for all login objects (visible to the current user).

Returns
an array of instances.
Parameters
$and_write: If true, then we only want ones we have write access to.

Definition at line 1077 of file co_access.class.php.

1078  {
1079  if (!isset($this->_security_db_object) || !$this->_security_db_object) {
1080  return Array();
1081  }
1082 
1083  return $this->_security_db_object->get_all_login_objects($and_write);
1084  }

◆ get_all_login_objects_with_access()

CO_Access::get_all_login_objects_with_access (   $in_security_token,
  $and_write = false 
)

You give a security ID, and you will get all login objects that have that token in their list (or are of that ID).

This is restricted to use security vetting, so only logins visible to the current login.

Returns
an array of instances.
Parameters
$in_security_token: An integer, with the requested security token.
$and_write: If true, then we only want ones we have write access to.

Reimplemented in CO_Chameleon.

Definition at line 1104 of file co_access.class.php.

1106  {
1107  if (!isset($this->_security_db_object) || !$this->_security_db_object) {
1108  return Array();
1109  }
1110 
1111  return $this->_security_db_object->get_all_login_objects_with_access($in_security_token, $and_write);
1112  }

◆ get_all_personal_ids_except_for_id()

CO_Access::get_all_personal_ids_except_for_id (   $in_id = 0)

This returns just the "personal" IDs for ALL logins, EXCEPT for the given ID.

This should only be called from the ID fetcher in the access class, as it does not do a security predicate.

Returns
an array of integers, each, a personal security ID.
Parameters
$in_id: The integer ID of the row we want exempted. If not specified, then all IDs are returned.

Definition at line 276 of file co_access.class.php.

277  {
278  $ret = $this->_security_db_object->get_all_personal_ids_except_for_id($in_id);
279 
280  if ($this->_security_db_object->error) {
281  $this->error = $this->_security_db_object->error;
282  $ret = Array();
283  }
284 
285  return $ret;
286  }

◆ get_all_security_readable_records()

CO_Access::get_all_security_readable_records (   $in_this_id = NULL)

This returns every readable (by this user) item from the "security" database.

Returns
an array of instances.
Parameters
$in_this_id: If we are in "god mode," we can look for particular IDs. In that case, this would be the integer ID of the login to check.

Definition at line 937 of file co_access.class.php.

938  {
939  $ret = NULL;
940 
941  if (isset($this->_security_db_object) && $this->_security_db_object) {
942  $ret = $this->_security_db_object->get_all_readable_records($in_this_id);
943 
944  if ($this->_security_db_object->error) {
945  $this->error = $this->_security_db_object->error;
946 
947  return NULL;
948  }
949  }
950 
951  return $ret;
952  }

◆ get_all_security_writeable_records()

CO_Access::get_all_security_writeable_records (   $in_this_id = NULL)

This returns every writeable (by this user) item from the "security" database.

Returns
an array of instances.
Parameters
$in_this_id: If we are in "god mode," we can look for particular IDs. In that case, this would be the integer ID of the login to check.

Definition at line 960 of file co_access.class.php.

961  {
962  $ret = NULL;
963 
964  if (isset($this->_security_db_object) && $this->_security_db_object) {
965  $ret = $this->_security_db_object->get_all_writeable_records($in_this_id);
966 
967  if ($this->_security_db_object->error) {
968  $this->error = $this->_security_db_object->error;
969 
970  return NULL;
971  }
972  }
973 
974  return $ret;
975  }

◆ get_all_tokens()

CO_Access::get_all_tokens ( )

This is a special "God-only" search for all available tokens. If not in "God" mode, you get NULL.

Returns
an array of integers.

Definition at line 1092 of file co_access.class.php.

1092  {
1093  return $this->_security_db_object->get_all_tokens();
1094  }

◆ get_all_user_objects_with_access()

CO_Access::get_all_user_objects_with_access (   $in_security_token)

You give a security ID, and you will get all user objects that have a login with that token in their list (or are of that ID).

This is restricted to use security vetting, so only users visible to the current login.

Returns
an array of instances.
Parameters
$in_security_token: An integer, with the requested security token.

Reimplemented in CO_Chameleon.

Definition at line 1122 of file co_access.class.php.

1123  {
1124  if (!isset($this->_security_db_object) || !$this->_security_db_object) {
1125  return Array();
1126  }
1127 
1128  return $this->_security_db_object->get_all_user_objects_with_access($in_security_token);
1129  }

◆ get_available_tokens()

CO_Access::get_available_tokens (   $no_personal = false)

This is pretty much the same as above, except with the God Mode, you get all the security tokens instead of -1.

Returns
an array of integers, with each one representing a security token. The first element will always be the ID of the user.
Parameters
$no_personal: This is optional. If we DO NOT want personal tokens included, this should be set to true. Default is false (include personal tokens).

Definition at line 404 of file co_access.class.php.

405  {
406  $ret = Array();
407 
408  if ($this->god_mode()) {
409  $logins = $this->_security_db_object->get_all_readable_records();
410 
411  foreach ($logins as $login) {
412  $ret[] = $login->id();
413  }
414  } else {
415  $login_id = $this->get_login_id();
416  if (isset($login_id) && $login_id && $this->_security_db_object) {
417  $ret = $this->_security_db_object->get_security_ids_for_id($this->get_login_id(), $no_personal);
418 
419  if ($this->_security_db_object->error) {
420  $this->error = $this->_security_db_object->error;
421 
422  $ret = Array();
423  } else {
424  $ret[] = 1;
425  }
426  }
427  }
428 
429  sort($ret);
430  array_unshift($ret, $this->get_login_id());
431  $ret = array_values(array_unique($ret));
432 
433  return $ret;
434  }

References get_login_id(), and god_mode().


◆ get_data_access_class_by_id()

CO_Access::get_data_access_class_by_id (   $in_id)

This returns the access class for the given ID for the Data Database.

This is "security safe," so that means that if the user does not have rights to the row, they will get NULL.

Returns
a string, containing the access_class data column. NULL, if no response (like the ID does not exist, or the user does not have read rights to it).
Parameters
$in_id: This is the ID of the record to fetch.

Definition at line 740 of file co_access.class.php.

741  {
742  $ret = NULL;
743  if (isset($this->_data_db_object) && $this->_data_db_object) {
744  $ret = $this->_data_db_object->get_access_class_by_id($in_id);
745  $this->error = $this->_data_db_object->error;
746  }
747 
748  return $ret;
749  }

◆ get_lang()

CO_Access::get_lang (   $in_login_id = NULL)
Returns
a string, with the language ID for the login. If none, then the server default is returned.
Parameters
$in_login_id: The integer login ID to check. If not-NULL, then the ID of a login instance. It must be one that the current user can see.

Reimplemented in CO_Chameleon.

Definition at line 495 of file co_access.class.php.

496  {
497  $ret = CO_Config::$lang;
498 
499  $login_item = $this->get_login_item($in_login_id);
500 
501  if ($login_item) {
502  $ret = $login_item->get_lang();
503  }
504 
505  return $ret;
506  }

References $lang, and get_login_item().


◆ get_login_id()

CO_Access::get_login_id (   $in_login_id = NULL)
Returns
the ID for the logged-in user.
Parameters
$in_login_id: The integer login ID to check. If not-NULL, then the ID of a login instance. It must be one that the current user can see.

Definition at line 448 of file co_access.class.php.

449  {
450  $ret = $this->_login_id;
451 
452  $in_login_id = intval($in_login_id);
453 
454  // See if they are looking up an ID for another login.
455  if ($in_login_id) {
456  $ret = 0; // If the lookup fails, we get back 0.
457 
458  $record = $this->get_single_security_record_by_id($in_login_id);
459 
460  if ($record) {
461  $ret = $record->id();
462  }
463  }
464 
465  return $ret;
466  }

References $_login_id, and get_single_security_record_by_id().

Referenced by get_available_tokens(), get_login_item(), get_personal_security_ids(), get_security_ids(), CO_Chameleon\get_user_from_login(), and make_new_blank_record().


◆ get_login_item()

CO_Access::get_login_item (   $in_login_id = NULL)

This returns the actual security DB login item for the requested user (or the current logged-in user).

The response is subject to standard security vetting, so there is a possibility that nothing will be returned, when there is an existing login at that ID.

Returns
the instance for the requested user.
Parameters
$in_login_id: The integer login ID to check. If not-NULL, then the ID of a login instance. It must be one that the current user can see.

Definition at line 476 of file co_access.class.php.

477  {
478  $login_id = 0;
479 
480  if (isset($in_login_id) && (0 < intval($in_login_id))) {
481  $login_id = intval($in_login_id);
482  } else {
483  $login_id = $this->get_login_id();
484  }
485 
486  $ret = (1 < $login_id) ? $this->get_single_security_record_by_id($login_id) : NULL;
487 
488  return $ret;
489  }

References get_login_id(), and get_single_security_record_by_id().

Referenced by get_lang(), CO_Chameleon\get_lang(), get_remaining_time(), and CO_Chameleon\test_access().


◆ get_login_item_by_login_string()

CO_Access::get_login_item_by_login_string (   $in_login_id_string)
Returns
the requested login item. This is subject to security vetting, so no item does not mean the item doesn't exist. It just means we're in the dark about that.
Parameters
$in_login_id_string: The string login ID to check

Definition at line 568 of file co_access.class.php.

569  {
570  $ret = NULL;
571 
572  if ($this->security_db_available()) {
573  $ret = $this->_security_db_object->get_single_record_by_login_id($in_login_id_string);
574  }
575 
576  return $ret;
577  }

References security_db_available().


◆ get_logins_that_have_any_of_my_ids()

CO_Access::get_logins_that_have_any_of_my_ids ( )

This returns the IDs of logins that have any of our personal IDs.

Returns
an associative array of arrays of integer, keyed by integer. The key is the ID of the login, and the value is an array of integer, with the IDs that match. NULL, if an error.

Definition at line 375 of file co_access.class.php.

375  {
376  return $this->_security_db_object->get_logins_that_have_any_of_my_ids();
377  }

◆ get_logins_with_personal_ids()

CO_Access::get_logins_with_personal_ids ( )

This returns the IDs of logins that have personal IDs. This only works for the God admin.

Returns
an associative array of arrays of integer, keyed by integer. The key is the ID of the login, and the value is an array of integer, with the Personal IDs that match. NULL, if an error.

Definition at line 295 of file co_access.class.php.

295  {
296  $ret = $this->_security_db_object->get_logins_with_personal_ids();
297 
298  if ($this->_security_db_object->error) {
299  $this->error = $this->_security_db_object->error;
300  $ret = Array();
301  }
302 
303  return $ret;
304  }

◆ get_multiple_data_records_by_id()

CO_Access::get_multiple_data_records_by_id (   $in_id_array)

This method queries the "data" database for multiple records, given a list of IDs.

The records will not be returned if the user does not have read permission for them.

Returns
an array of instances, fetched and initialized from the database.
Parameters
$in_id_array: An array of integers, with the item IDs.

Definition at line 698 of file co_access.class.php.

699  {
700  $ret = NULL;
701 
702  if (isset($this->_data_db_object) && $this->_data_db_object) {
703  $ret = $this->_data_db_object->get_multiple_records_by_id($in_id_array);
704  if ($this->_data_db_object->error) {
705  $this->error = $this->_data_db_object->error;
706 
707  return NULL;
708  }
709  }
710 
711  return $ret;
712  }

Referenced by get_single_data_record_by_id().

◆ get_multiple_security_records_by_id()

CO_Access::get_multiple_security_records_by_id (   $in_id_array)

This method queries the "security" database for multiple records, given a list of IDs.

The records will not be returned if the user does not have read permission for them.

Returns
an array of instances, fetched and initialized from the database.
Parameters
$in_id_array: An array of integer IDs.

Definition at line 895 of file co_access.class.php.

896  {
897  $ret = NULL;
898 
899  if (isset($this->_security_db_object) && $this->_security_db_object) {
900  $ret = $this->_security_db_object->get_multiple_records_by_id($in_id_array);
901 
902  if ($this->_security_db_object->error) {
903  $this->error = $this->_security_db_object->error;
904 
905  return NULL;
906  }
907  }
908 
909  return $ret;
910  }

Referenced by get_single_security_record_by_id().

◆ get_personal_security_ids()

CO_Access::get_personal_security_ids ( )

This fetches the list of the "personal" security tokens the currently logged-in user has available. This will reload any non-God Mode IDs before fetching the IDs, in order to spike privilege escalation. If they have God Mode, then you're pretty much screwed, anyway.

Returns
an array of integers, with each one representing a personal security token.

Definition at line 251 of file co_access.class.php.

251  {
252  $ret = Array();
253 
254  if (CO_Config::use_personal_tokens()) {
255  $login_id = $this->get_login_id();
256  if (isset($login_id) && $login_id && $this->_security_db_object) {
257  $ret = $this->_security_db_object->get_personal_ids_for_id($login_id);
258 
259  if ($this->_security_db_object->error) {
260  $this->error = $this->_security_db_object->error;
261  $ret = Array();
262  }
263  }
264  }
265  return $ret;
266  }

References get_login_id().

Referenced by add_personal_token_from_current_login(), and remove_personal_token_from_this_login().

◆ get_remaining_time()

CO_Access::get_remaining_time (   $in_login_id = NULL)
Returns
a floating-point number, with the remaining login time, in seconds. -1 means no timeout. 0 means time's up.
Parameters
$in_login_id: The integer login ID to check. If not-NULL, then the ID of a login instance. It must be one that the current user can see.

Definition at line 540 of file co_access.class.php.

541  {
542  return $this->get_login_item($in_login_id)->get_remaining_time();
543  }

References get_login_item().

◆ get_security_access_class_by_id()

CO_Access::get_security_access_class_by_id (   $in_id)

This returns the access class for the given ID for the Security Database.

This is "security safe," meaning that if the user does not have rights to the row, they will get NULL.

Returns
a string, containing the access_class data column. NULL, if no response (like the ID does not exist, or the user does not have read rights to it).
Parameters
$in_id: This is the ID of the record to fetch.

Definition at line 759 of file co_access.class.php.

760  {
761  $ret = NULL;
762  if (isset($this->_security_db_object) && $this->_security_db_object) {
763  $ret = $this->_security_db_object->get_access_class_by_id($in_id);
764  $this->error = $this->_security_db_object->error;
765  }
766 
767  return $ret;
768  }

◆ get_security_ids()

CO_Access::get_security_ids (   $no_personal = false)

This fetches the list of security tokens the currently logged-in user has available. This will reload any non-God Mode IDs before fetching the IDs, in order to spike privilege escalation. If they have God Mode, then you're pretty much screwed, anyway.

Returns
an array of integers, with each one representing a security token. The first element will always be the ID of the user.
Parameters
$no_personal: This is optional. If we DO NOT want personal tokens included, this should be set to true. Default is false (include personal tokens).

Reimplemented in CO_Chameleon.

Definition at line 220 of file co_access.class.php.

221  {
222  $ret = Array();
223 
224  if ($this->god_mode()) {
225  $ret = Array(-1);
226  } else {
227  $login_id = $this->get_login_id();
228  if (isset($login_id) && $login_id && $this->_security_db_object) {
229  $ret = $this->_security_db_object->get_security_ids_for_id($this->get_login_id(), $no_personal);
230 
231  if ($this->_security_db_object->error) {
232  $this->error = $this->_security_db_object->error;
233 
234  $ret = Array();
235  } else {
236  array_unshift($ret, 1); // We always add 1, as that's the "all logged-in users" token.
237  }
238  }
239  }
240  return $ret;
241  }

References get_login_id(), and god_mode().

Referenced by i_have_this_token().

◆ get_single_data_record_by_id()

CO_Access::get_single_data_record_by_id (   $in_id)

This is a "security-safe" method for fetching a single record from the "data" database, by its ID.

Returns
a single new instance, initialized from the database.
Parameters
$in_id: The integer ID of the record to fetch.

Definition at line 720 of file co_access.class.php.

721  {
722  $ret = NULL;
723 
724  $tmp = $this->get_multiple_data_records_by_id(Array($in_id));
725  if (isset($tmp) && is_array($tmp) && (1 == count($tmp))) {
726  $ret = $tmp[0];
727  }
728 
729  return $ret;
730  }

References get_multiple_data_records_by_id().

◆ get_single_security_record_by_id()

CO_Access::get_single_security_record_by_id (   $in_id)

This is a "security-safe" method for fetching a single record from the "security" database, by its ID.

Returns
a single new instance, initialized from the database.
Parameters
$in_id: The integer ID to check.

Definition at line 918 of file co_access.class.php.

919  {
920  $ret = NULL;
921 
922  $tmp = $this->get_multiple_security_records_by_id(Array($in_id));
923 
924  if (isset($tmp) && is_array($tmp) && (1 == count($tmp))) {
925  $ret = $tmp[0];
926  }
927 
928  return $ret;
929  }

References get_multiple_security_records_by_id().

Referenced by get_login_id(), and get_login_item().

◆ god_mode()

CO_Access::god_mode ( )
Returns
true, if the current logged-in user is "God."

Definition at line 512 of file co_access.class.php.

512  {
513  // We look at the hard property (as opposed to using the accessor) just to avoid subclasses messing with things.
514  return intval($this->_login_id) == intval(CO_Config::god_mode_id());
515  }

Referenced by CO_Chameleon\fetch_backup(), get_available_tokens(), get_security_ids(), and i_have_this_token().

◆ i_have_this_token()

CO_Access::i_have_this_token (   $in_token_to_test)

Tests a token, to see if the current user has it.

Returns
true, if the current user has the given token.
Parameters
$in_token_to_test: The token we are checking out

Definition at line 866 of file co_access.class.php.

867  {
868  $ret = $this->god_mode(); // God sees everything.
869 
870  if (!$ret && isset($in_token_to_test) && ctype_digit(strval($in_token_to_test))) {
871  if (0 == intval($in_token_to_test)) {
872  $ret = true;
873  } elseif (1 == intval($in_token_to_test)) {
874  $ret = $this->security_db_available();
875  } else {
876  $tokens = $this->get_security_ids();
877 
878  if (isset($tokens) && is_array($tokens) && count($tokens)) {
879  $ret = in_array(intval($in_token_to_test), $tokens);
880  }
881  }
882  }
883 
884  return $ret;
885  }

References get_security_ids(), god_mode(), and security_db_available().

◆ is_this_a_login_id()

CO_Access::is_this_a_login_id (   $in_id)

This checks an ID, to see if it is a login ID.

Returns
true, if the ID is a login ID.
Parameters
$in_id: The ID we are checking. Must be greater than 1.

Definition at line 385 of file co_access.class.php.

386  {
387  $ret = $this->_security_db_object->is_this_a_login_id($in_id);
388 
389  if ($this->_security_db_object->error) {
390  $this->error = $this->_security_db_object->error;
391  } else {
392  return $ret;
393  }
394 
395  return false;
396  }

◆ is_this_a_personal_id()

CO_Access::is_this_a_personal_id (   $in_id)

This checks an ID, to see if it is a personal ID.

Returns
true, if the ID is a personal ID.
Parameters
$in_id: The ID we are checking. Must be greater than 1.

Definition at line 312 of file co_access.class.php.

313  {
314  $ret = $this->_security_db_object->is_this_a_personal_id($in_id);
315 
316  if ($this->_security_db_object->error) {
317  $this->error = $this->_security_db_object->error;
318  } else {
319  return $ret;
320  }
321 
322  return false;
323  }

◆ item_exists()

CO_Access::item_exists (   $in_id,
  $in_visibility_test = false 
)

This is a very "raw" function that simply checks to see if any item exists for a given integer ID.

This deliberately does not pass security vetting, so we're careful. It's meant to be used by collection classes for garbage collection.

Returns
true, if an item exists for the given ID.
Parameters
$in_id: The integer ID of the item.
$in_visibility_test: If true (default is false), this will return false when the item exists but cannot be seen by this user.

Definition at line 206 of file co_access.class.php.

208  {
209  return $this->_data_db_object->item_exists($in_id, $in_visibility_test);
210  }

◆ main_db_available()

CO_Access::main_db_available ( )
Returns
true, if the main "data" database is ready for use.

Definition at line 440 of file co_access.class.php.

440  {
441  return NULL != $this->_data_db_object;
442  }

References $_data_db_object.

◆ make_new_blank_record()

CO_Access::make_new_blank_record (   $in_classname)

This method instantiates a new, default instance of a class.

The instance does not reflect a database entity until it has had its update_db() method called.

Returns
a new, uninitialized instance of the requested class.
Parameters
$in_classname: This is the name of the class to instantiate.

Definition at line 605 of file co_access.class.php.

606  {
607  $ret = NULL;
608 
609  // We create an empty instance to test which database gets assigned.
610  if ($in_classname) {
611  $filename = CO_Config::db_classes_class_dir().'/'.strtolower($in_classname).'.class.php';
612  if (!class_exists($in_classname)) {
613  if (!file_exists($filename)) {
614  $filename = NULL;
615 
616  $dir_array = CO_Config::db_classes_extension_class_dir();
617 
618  if (!is_array($dir_array)) {
619  $dir_array = Array($dir_array);
620  }
621 
622  foreach ($dir_array as $dir) {
623  $filename = $dir.'/'.strtolower($in_classname).'.class.php';
624  if (file_exists($filename)) {
625  require_once($filename);
626  break;
627  } else {
628  $filename = NULL;
629  }
630  }
631  } else {
632  require_once($filename);
633  }
634 
635  if (!$filename) {
639  __FILE__,
640  __LINE__,
641  __METHOD__
642  );
643  return NULL;
644  }
645  }
646 
647  if (class_exists($in_classname) && $this->_data_db_object && $this->_security_db_object) { // Quick test. Not allowed to do anything unless we are logged in.
648  $test_instance = new $in_classname();
649 
650  if ($test_instance instanceof CO_Main_DB_Record) {
651  $ret = new $in_classname($this->_data_db_object);
652  } elseif ($test_instance instanceof CO_Security_Node) {
653  $ret = new $in_classname($this->_security_db_object);
654  }
655 
656  if ($ret) {
657  $ret->write_security_id = intval($this->get_login_id());
658  $ret->update_db(); // Make sure it gets saved.
659  } else {
663  __FILE__,
664  __LINE__,
665  __METHOD__
666  );
667  }
668  } elseif (!$this->_security_db_object) {
672  __FILE__,
673  __LINE__,
674  __METHOD__
675  );
676  } else {
680  __FILE__,
681  __LINE__,
682  __METHOD__
683  );
684  }
685  }
686 
687  return $ret;
688  }

References CO_Lang_Common\$access_error_code_class_file_not_found, CO_Lang_Common\$access_error_code_class_not_created, CO_Lang_Common\$access_error_code_user_not_authorized, CO_Lang\$access_error_desc_class_file_not_found, CO_Lang\$access_error_desc_class_not_created, CO_Lang\$access_error_desc_user_not_authorized, CO_Lang\$access_error_name_class_file_not_found, CO_Lang\$access_error_name_class_not_created, CO_Lang\$access_error_name_user_not_authorized, and get_login_id().

Referenced by CO_Chameleon\set_value_for_key().
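
An added example, not part of BAOBAB's source: make_new_blank_record() builds a filename from $in_classname and passes it to require_once, so a caller that takes class names from request data can constrain the name before calling it. The helper resolve_class_file(), the sample class and the temporary directory are assumptions made for this illustration.

```php
<?php
/**
 * Hypothetical helper (not part of BAOBAB): map a class name to a
 * "<lowercased name>.class.php" file inside one of the allowed directories,
 * the naming scheme make_new_blank_record() uses, while refusing any name
 * that is not a plain PHP identifier and any path that resolves outside
 * the allowed directories.
 */
function resolve_class_file($in_classname, array $in_allowed_dirs)
{
    // A PHP class identifier: letter or underscore, then letters, digits, underscores.
    // This rejects '/', '\', '.', and NUL bytes in one step.
    if (!is_string($in_classname) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $in_classname)) {
        return NULL;
    }

    foreach ($in_allowed_dirs as $dir) {
        $base = realpath($dir);
        if (false === $base) {
            continue;   // Directory is missing; skip it.
        }

        $candidate = realpath($base.'/'.strtolower($in_classname).'.class.php');

        // realpath() follows symlinks, so a link pointing outside $base is caught here.
        if ((false !== $candidate) && is_file($candidate)
            && (0 === strncmp($candidate, $base.DIRECTORY_SEPARATOR, strlen($base) + 1))) {
            return $candidate;
        }
    }

    return NULL;
}

// Constructed sample: a throwaway directory holding one class file.
$dir = sys_get_temp_dir().'/co_example_'.uniqid();
mkdir($dir);
file_put_contents($dir.'/co_sample_record.class.php', "<?php class CO_Sample_Record {}\n");

// Constructed inputs: one valid name, and three that must be refused.
$names = Array('CO_Sample_Record', '../co_sample_record', 'CO_Missing', "CO_Sample_Record\0x");
foreach ($names as $name) {
    $file = resolve_class_file($name, Array($dir));
    printf("%-24s => %s\n", addcslashes($name, "\0"), $file ? basename($file) : 'rejected');
}

unlink($dir.'/co_sample_record.class.php');
rmdir($dir);
```

Only the first name resolves to a file; the caller would pass a class name on to make_new_blank_record() only when the helper returns a path.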

◆ remove_personal_token_from_this_login()

CO_Access::remove_personal_token_from_this_login (   $in_to_id,
  $in_id 
)

This removes a token that is owned by one ID, from another ID.

Returns
true, if the operation was successful.
Parameters
$in_to_id: The ID of the object we are affecting.
$in_id: The ID (personal token) to be removed.

Definition at line 353 of file co_access.class.php.

355  {
356  if (in_array($in_id, $this->get_personal_security_ids())) {
357  $ret = $this->_security_db_object->remove_personal_token_from_this_login($in_to_id, $in_id);
358 
359  if ($this->_security_db_object->error) {
360  $this->error = $this->_security_db_object->error;
361  } else {
362  return $ret;
363  }
364  }
365 
366  return false;
367  }

References get_personal_security_ids().

◆ security_db_available()

CO_Access::security_db_available ( )
Returns
true if the security database is available and ready for use.

Definition at line 856 of file co_access.class.php.

856  {
857  return NULL != $this->_security_db_object;
858  }

References $_security_db_object.

Referenced by check_login_exists(), check_login_exists_by_login_string(), get_login_item_by_login_string(), i_have_this_token(), CO_Chameleon\set_value_for_key(), and CO_Chameleon\test_access().

◆ write_data_record()

CO_Access::write_data_record (   $params_associative_array)

This writes a data record to the "data" database, based on an associative array of elements.

This is security-safe.

This should generally not be called by user contexts.

Returns
true, or the ID of a new record.
Parameters
$params_associative_array: This is an associative array that has the values, keyed by the database column IDs.

Definition at line 987 of file co_access.class.php.

988  {
989  $ret = false;
990 
991  if (isset($this->_data_db_object) && $this->_data_db_object) {
992  $ret = $this->_data_db_object->write_record($params_associative_array);
993  $this->error = $this->_data_db_object->error;
994  }
995 
996  return $ret;
997  }

Member Data Documentation

◆ $_data_db_object

CO_Access::$_data_db_object
protected

This is the instance of the class representing the "data" database. This will always be instantiated.

Definition at line 82 of file co_access.class.php.

Referenced by main_db_available().

◆ $_login_id

CO_Access::$_login_id
protected

This is an integer, containing the security DB ID of the logged-in user. It will be NULL for no login.

Definition at line 84 of file co_access.class.php.

Referenced by get_login_id().

◆ $_security_db_object

CO_Access::$_security_db_object
protected

This is the instance of the class representing the "security" database. This may not be instantiated, if there is no login.

Definition at line 83 of file co_access.class.php.

Referenced by security_db_available().

◆ $class_description

CO_Access::$class_description

This is a brief textual description of the class.

Definition at line 88 of file co_access.class.php.

◆ $error

CO_Access::$error

If there was an error, it will be held here.

Definition at line 87 of file co_access.class.php.

◆ $valid

CO_Access::$valid

This will be true, if the instance is "valid" (has at least an initialized "data" database).

Definition at line 86 of file co_access.class.php.

◆ $version

CO_Access::$version

This will contain the BADGER Version.

Definition at line 90 of file co_access.class.php.