DX Auth User Guide Version 1.0

Table of Contents Page

Tables anatomy

These are the table installed in DX Auth library and here is the explanation for each field.

users table

This is the main table, users are recorded in here.

• id = Primary key.
• role_id = Foreign key to roles table. Default is 1.
• username = Username.
• password = User password (encrypted).
• email = User email.
• banned = Determine if user is banned or not (1 = banned, 0 = not banned). Default is 0.
• ban_reason = Reason why user is banned.
• newpass = New password after user request forgot password.
• newpass_key = Key to change password. If key is verified by reset_password() function, it will replace 'password' field with 'newpass' field value.
• newpass_time = Time when forgot password is requested.
• last_ip = IP address of user when register. Then if 'DX_login_record_ip' is TRUE, every time user login his IP will be recorded here.
• last_login = if 'DX_login_record_time' is TRUE, login time will be recorded here.
• created = Time when this record is created, normally you can use this to determine when user is registered.
• modified = Time when this record is modified.

Username field shoudn't contain space and other vulnerable character. Therefore when you validate username in registration, it's highly recommended you use alpha_dash in your form validation.

user_temp table

This table is for users who haven't activated their account.

• id = Primary key.
• username = Username.
• password = User password (encrypted).
• email = User email.
• activation_key = Key needed to activate user. User who activated will be moved to users table.
• last_ip = IP address of user when register.
• created = Date time when this record is created.

If 'DX_email_activation' is TRUE, people who have registered is inserted into this table instead of users table. If they activate their account, the record will be moved into users table.

user_profile table

This table is for user profile.

• id = Primary key.
• user_id = Foreign key to users table.
• Other field is up to you. You can add or delete to fit your needs.

user_autologin table

This table is to save autologin variable when user login, to verify it with autologin cookies.

• key_id = Primary key, key_id was created with unique string when user login using remember TRUE.
• user_id = Primary key, user id of user when login using remember TRUE.
• user_agent = User agent of browser when user login using remember TRUE.
• last_ip = User IP address when user login using remember TRUE.
• last_login = Time when user login using remember TRUE.

Normally, you won't need to touch with this table.

roles table

This table is records of role name such as registered user, admin, moderator, etc.

• id = Primary key.
• parent_id = Self reference to id. Which mean this role will inherit parent_id role. Default is 0 (No parent).
• name = Role name.

You need to have minimum 2 records in here.

First, record which have id = 1 must be named 'registered user' or something similar, since users table will automatically set role_id = 1 when record is created.
And another one must have 'admin' (case insensitive) in name field while it's id is not important.

If you don't plan to use permissions feature, you don't need to care about parent_id just leave it as 0. But if you do, you can check function check_uri_permissions() in function guide to know what's the effect of having parent_id.

permissions table

• id = Primary key.
• role_id = Foreign key to roles table.
• data(text) = Permission data. Permission data is saved as array which converted into string.

check_uri_permission(), get_permission_value(), get_permissions_value() relying on this table. To set the data, you have to use function given in permissions model, or make your own. See the example on how to set the permission.

login_attempts table

This table log login attempted by people.

• id = Primary key.
• ip_address = IP address of someone who try to login.
• time = Time when someone who try to login.

DX Auth will only use this table when 'DX_count_login_attempts' is set to TRUE in config file. And if login attempts for same IP is more than 'DX_max_login_attempts' in config file, it will not count that IP anymore.

role_uri table

Obsolete in 1.0.2 above. Use permissions table.

Top of Page

DX Auth  ·  Copyright © 2008  ·  Dexcell