How to install
PHPSecAuth?
-Put phpsecauth.php and install.php in a
directory.
-Create a database.
-Edit install.php to add mysql variables.
-Lauch install.php in your webrowser.
-Open phpsecauth.php and edit the mysql's variables
and critical accounts.
Can
you give me an example with PHPSecAuth ?
There is an example in the phpsecauth-0.1.tar.gz
which explain how to use PHPSecAuth. Its name is
example.php.
List of all the methods :
- The constructor PHPSecAuth(String
$input_login, String $input_pass,String $method) is called when
you do a new PHPSecAuth($input_login, $input_pass, $method).
- $input_login must
the name of the input sending the login.
- $input_pass must the
name of the input sending the password.
- $method is POST or GET.
- setMail(String $email, String
$host, int $port) is used to add the email which will
receive the alerts.
- $email is the administrator email which will
receive the email.
- $host is the host of the SMTP server.
- $port is the port of the SMTP server.
- setLevel(int $level) is the
level of the attack limit to receive an alert.
- $level must be between 1 and 10.
- addDenyDay(int $day) is used
to add a day where the authentication will be forbidden.
- $day is the number of the day forbidden. 1 is
Monday and 7 Sunday.
- addPermitHour(String $hour_begin,
String $hour_end) is used to limit the access time.
- $hour_begin is the begining of the autorization to
do an authentication and must be in this format HH:mm . For example
08:00
- $hour_end is the end of the authorization to do an
authentication and must be in this format HH:mm. For example 18:00
- verifLogin() send the attack
verification.
- sendToAdmin() is used to
receive the log of the attacks when the level attack is superior than
the level set with the method setLevel(). It depends the method
setMail().
- logAttack(String $filename)
is used to log the attacks on a file when
the level attack is superior than the level set with the method
setLevel().
- $filename is the name of the log file.
- auth() send the
authentication. The password must be crypt in MD5 in the database. This
method returns 3 variables :
- $_SESSION["login"] with the login of the
authentication.
- $_SESSION["pass"] with the pass of the
authentication crypted in MD5.
- $_SESSION["auth"] with the value 'ok' and which
can be used to show we are authenticated.