User Management (login)

From Armarius

Jump to: navigation, search

[edit] Documentation

The login has been programmed like this : (the main was only to test if the connexion and if the accesses to some pages were good) :

A person who is on the main page can register if she wants. To do this, she has to click on the link Registering? on the main page. Then, she has to complete some fields about her (login, password, name and email) and to type characters contained in a picture ; if there is not any problem, her information is put into the table prefix_users. The table prefix_users has the attributes: Userid (which is incremented automatically), Login, Password (crypted with md5),Usr_category, Username, Email, LastLogin (date of last login),Created (date of creation),Activated ( for the moment, this field is equal to 1 (yes) all the time). The category of a person who registers is always 1 (user).

After her registering, the heading “Login” in the right of the page disappears, and the text “You’re connected as” and the button “Disconnect” appear. The pages where she has accesses are in the menu on the right of the page.

For the moment (but it will change with the final categories of users), if she annotates directly after her registering, the annotations are inserted into the table prefix_annotation with anno_auID equal to 0.

When she disconnects, the heading “Login” appears instead of the text “You’re connected as” and the button “Disconnect”.

There is another category of users : the category 2 which designs the administrators. They’ve all rights (accesses to all pages) and an access to an administration panel ; with it, they can create users, see the users registered and do operations (Activate (Activated=1), Remove,Suspend (Activated=0)) on them and edit their information (login, email and their category).

When a person is registered, she can connect to the site typing her login and password to have her access. The annotations she does are inserted into the table prefix_annotation with anno_auID equal to their Userid.

For the moment, people not registered can also have access to the pages “Browse manuscripts” and do actions (annotations ...). Their annotations are inserted into the table prefix_annotation with anno_auID equal to 0. In effect, we haven’t decided yet the categories of users that will exist and their rights. But, perhaps, it will be like this ?

4 proposed categories of users :

  • Not connected user
  • Normal user (connection required)
  • Expert of documents (connection required)
  • Administrator (connection required)


  • Not connected user (category 0) : Access to the main page only.
  • Normal user (category 1) : Has to register and is then connected. When he is connected, he sees the annotations, but can’t modify, delete them or create others. He can search if he wishes in the complete list of annotations ever done.
  • Expert of documents (category 2) : An administrator registers him as an expert. Then, he has to connect and then, sees the annotations, can modify, delete them or create others. (The annotations he does are inserted into the table prefix_annotation with anno_auID equal to his Userid). He can search if he wishes in the complete list of annotations ever done or in the list of his own annotations.
  • Administrator (category 3) : Has to connect and then, has access to all functionalities and to the administration panel where he can create users, see the users registered and edit their information (login, email and their category).The annotations he does are inserted into the table prefix_annotation with anno_auID equal to his Userid.

[edit] Details of programmation

To pass information of users between pages, session variables have been created. And users must accept cookies for the moment.

The accesses to the protected pages are so tested with session variables. In fact, when a user registers or connects, a session variable is created containing the number of the category of this user. And at the beginning of each protected page, a test is done (if the user belongs to the category allowed to access to this page or not).

When a user registers, he has to type his password twice and to type the characters contained in a picture. If there is an error in the password, or in the characters, or if email or name are bad or if the login wanted is the login of another user registered, a message appears asking the person to modify the bad things. If there aren’t errors, the person is registered and some of his information is in session variables.

To connect, the user has to type his login and password. If there is a problem (login doesn’t exist or bad password), a message appears asking the person to modify the bad things ; else, he is connected and some of his information is in session variables.

[edit] Files used

There are all in /app/admin.

  • login.php : treatment of the phases of connexion(login), registering, creation of new users by the administrators, editions of information of users by the administrators.
  • deconnexion.php : file used when the user has clicked on the button “Disconnect”. All of the session variables are destroyed.
  • inscription.php : registering formulary.
  • image.php : file used to create the picture inserted in the registering formulary.
  • admin.php : administration panel.
  • create_user.php : formulary to create a new user (for the administrator)
  • manage_user.php : file used to see the users registered. (login, email, name of his category …) (for the administrator)
  • edit_user.php : to edit login,email or category of one user. (for the administrator)
  • treatement_user.php : do the operations (selected with manage_user.php) Activate, Remove,Suspend on a user.


But, the languages files en.php and hu.php (in /view/lang/) and the files config.php (in /data/config/), main_menu.php (in /view/skins/default/) and anno_manage.php (in /app/remote/) have also been modified. In effect, others define have been declared in config.php (pathes) and in the languages files ; main_menu.php has been modified to integrate if the user is connected or not (so, if the heading "Login" or if the message "You're connected as" and the button "Disconnect" has to be written). anno_manage.php has been modified to allot the annotations to the users who write them.

Retrieved from "http://www.armarius.org/wiki/index.php/User_Management_%28login%29"
Personal tools