The Red Matrix
 All Classes Namespaces Files Functions Variables Pages
Functions
security.php File Reference

Functions

 authenticate_success ($user_record, $login_initial=false, $interactive=false, $return=false, $update_lastlog=false)
 
 change_channel ($change_channel)
 Change to another channel with current logged-in account. More...
 
 permissions_sql ($owner_id, $remote_verified=false, $groups=null)
 Creates an addiontal SQL where statement to check permissions. More...
 
 item_permissions_sql ($owner_id, $remote_verified=false, $groups=null)
 Creates an addiontal SQL where statement to check permissions for an item. More...
 
 public_permissions_sql ($observer_hash)
 
 get_form_security_token ($typename= '')
 
 check_form_security_token ($typename= '', $formname= 'form_security_token')
 
 check_form_security_std_err_msg ()
 
 check_form_security_token_redirectOnErr ($err_redirect, $typename= '', $formname= 'form_security_token')
 
 check_form_security_token_ForbiddenOnErr ($typename= '', $formname= 'form_security_token')
 
if(!function_exists('init_groups_visitor')) stream_perms_api_uids ($perms=NULL)
 
 stream_perms_xchans ($perms=NULL)
 

Detailed Description

Some security related functions.

Function Documentation

authenticate_success (   $user_record,
  $login_initial = false,
  $interactive = false,
  $return = false,
  $update_lastlog = false 
)
Parameters
int$user_recordThe account_id
bool$login_initialdefault false
bool$interactivedefault false
bool$return
bool$update_lastlog

Referenced by api_login(), openid_content(), and register_post().

change_channel (   $change_channel)

Change to another channel with current logged-in account.

Parameters
int$change_channelThe channel_id of the channel you want to change to
Returns
bool|array false or channel record of the new channel

Referenced by api_login(), api_user(), authenticate_success(), import_post(), FKOAuth1\loginUser(), manage_content(), new_channel_post(), and rpost_content().

check_form_security_std_err_msg ( )

Referenced by check_form_security_token_redirectOnErr().

check_form_security_token (   $typename = '',
  $formname = 'form_security_token' 
)

Referenced by check_form_security_token_ForbiddenOnErr(), and check_form_security_token_redirectOnErr().

check_form_security_token_ForbiddenOnErr (   $typename = '',
  $formname = 'form_security_token' 
)

Referenced by group_content().

check_form_security_token_redirectOnErr (   $err_redirect,
  $typename = '',
  $formname = 'form_security_token' 
)

Referenced by admin_page_channels(), admin_page_channels_post(), admin_page_hubloc_post(), admin_page_logs_post(), admin_page_plugins(), admin_page_site_post(), admin_page_themes(), admin_page_users(), admin_page_users_post(), group_content(), group_post(), invite_post(), profile_photo_post(), profiles_init(), profiles_post(), and settings_post().

get_form_security_token (   $typename = '')

Referenced by admin_page_channels(), admin_page_hubloc(), admin_page_logs(), admin_page_plugins(), admin_page_site(), admin_page_themes(), admin_page_users(), group_content(), invite_content(), and profiles_content().

item_permissions_sql (   $owner_id,
  $remote_verified = false,
  $groups = null 
)

Creates an addiontal SQL where statement to check permissions for an item.

Parameters
int$owner_id
bool$remote_verifieddefault false, not used at all
string$groupsthis param is not used at all
Returns
string additional SQL where statement

Construct permissions

default permissions - anonymous user

Profile owner - everything is visible

Authenticated visitor. Unless pre-verified, check that the contact belongs to this $owner_id and load the groups the visitor belongs to. If pre-verified, the caller is expected to have already done this and passed the groups into this function.

Referenced by block_content(), channel_content(), items_fetch(), page_init(), pdl_selector(), share_init(), widget_item(), widget_random_block(), and zot_feed().

permissions_sql (   $owner_id,
  $remote_verified = false,
  $groups = null 
)

Creates an addiontal SQL where statement to check permissions.

Parameters
int$owner_id
bool$remote_verifieddefault false, not used at all
string$groupsthis param is not used at all
Returns
string additional SQL where statement

Construct permissions

default permissions - anonymous user

Profile owner - everything is visible

Authenticated visitor. Unless pre-verified, check that the contact belongs to this $owner_id and load the groups the visitor belongs to. If pre-verified, the caller is expected to have already done this and passed the groups into this function.

Referenced by attach_by_hash(), attach_by_hash_nodata(), attach_count_files(), attach_list_files(), attach_mkdir(), chat_content(), chat_message(), chatroom_enter(), chatroom_list(), chatroom_list_count(), chatsvc_content(), chatsvc_post(), menu_fetch(), photo_init(), photos_albums_list(), photos_content(), photos_list_photos(), RedCollectionData(), RedFileData(), and z_readdir().

public_permissions_sql (   $observer_hash)
Parameters
string$observer_hash
Returns
string additional SQL where statement

Referenced by display_content(), and search_content().

if (!function_exists('init_groups_visitor')) stream_perms_api_uids (   $perms = NULL)

Referenced by api_status_show(), api_statuses_public_timeline(), api_users_show(), and zot_feed().

stream_perms_xchans (   $perms = NULL)

Referenced by display_content(), and search_content().