The authentication script is very simple in use. Simply have the user.php script sitting somewhere
that your other scripts can access it, and then start any independent PHP script with these lines:
require_once("user.php");
$USER = new User();
From that point on, there will be a $USER variable available in your script, with the following properties:
- $USER->authenticated - a boolean value that is "true" if the user is logged in, and "false" otherwise.
- $USER->username - the user's user name, or "guest user" if not authenticated.
- $USER->email - the user's email address, or an empty string for guest users.
- $USER->role - the user's role. By default all new users have the role "user".
- $USER->userdir - the user's data directory, or false if not authenticated.
There is a second way to create a new user, which allows you to pass the name of the function that should
be called when a new user registers with the system. This is something you typically use only in the script that
acts as main entry point:
require_once("user.php");
$USER = new User("registration_completed_function_name");
This will call your function as registration_completed_function_name($username, $email, $userdir),
providing it with the newly registered user's username, email address and data directory location. This lets
you hook into the registration process to ensure that any tasks that you need performed when a new
user joins (such as file or database manipulations for your own system) can be triggered.
Note that it doesn't matter whether you use a single entry script, or several distinct scripts.
If you have six scripts to perform various tasks as separate files (meaning they don't require
or include each other), simply add the require_once and new User() lines at the
start of each file, and each script will be able to deal with session-authenticated users. Simply
make tasks conditional on $USER->authenticated, and things will just work. This includes scripts
that you only call through GET and POST request via XHR ("ajax" requests).