Database Abstraction and PEAR’s Auth Package without Login Function

By the meaning of PEAR here is PHP Extension and Application Repository. I have a chances to bump around with this framework, after a request of a friend to develop some lightweight web-based application for small company.

The one of the main requirement is that the application should evade using any licensed software which is considered high cost for this small company.

This left only the open source applications as the choice that I should made, but alas, I still don’t have the existing framework of this kind of beast 🙂

Most of my existing framework is using ASP or Microsoft’s .NET platform (.ASPX extension), because I worked in the company that can afford to buy the Microsoft’s application licenses, from development tools to the required infrastructures, such as MS SQL, etc.

So begin my journey to explore the LAMP framework, especially without the L, because I am still using the Microsoft’s OS as the base OS for my web-based application.

In short, I am using Apache as web server, PHP as its web page processor, and MySQL as the database back-end.

For the start, I do some research from existing eBooks about PHP. At the database section, I stopped and pondering about the consequences when I choose the MySQL as database back-end, then decides to change it to other database server, such as POSTGRE, etc.

In conventional PHP applications, mostly that I gleaned from the ebooks, the command or function names is specific for each database platform. This will quickly turn into nightmare, when I already have some working framework developed using MySQL and wants to change to other database platform, because I have to change and verify and existing code-base to work with new database platform.

After performing some more research regarding this matter, I came upon the database abstraction concept in PHP. This will enable me to change the database back-end WITHOUT change any of existing code-base.

There are numerous framework for database abstraction in the market. After performing some more research, I decide to use the PEAR’s MDB2 database abstraction module.

From the MDB2 package, I take the interest’s in PEAR’s Auth package, because this will relieve me of the grudging routine of coding the authorization modules from scratch.

The issue that I immediately found is that, typical case in open-source platform, is there are scant working examples that can be readily applied to the newly developed applications.

For example, the existing sample, that I found in the Introduction section from Auth module help file, is using the login function to render the login screen. What if I already have the nice login form, and wanted to apply the Auth module without the login function from the sample ? Is it possible ?

The answer is, it is possible, but I don’t want to elaborate on the frustrations searching in vain for the working example of this kind and wrestling with the Auth code base, with no prior knowledge in PHP function syntaxes.

The keypoint is in this property in Auth class :

var $showLogin = true;

The default value is true, and I should set it to false when instantiating the Auth class. So, the code-base for doing the authentication without login function is as follow :

$options = array(‘dsn’ => ‘mysql://root:mypass@localhost/myDb’,
‘postUsername’ => ‘txtUserID’,
‘postPassword’ => ‘txtPassword’,
‘table’ => ‘tUser’,
‘usernamecol’=> ‘userid’,
‘passwordcol’ => ‘password’

$auth = new Auth(“MDB2”, $options, “” ,false);


if ($auth->checkAuth()) //Authenticated page here

Note for the missing login function string in the third parameter here, and also the ‘postUsername’ => ‘txtUserID’ and ‘postPassword’ => ‘txtPassword’ is to tell the Auth module what is the posted user id and password in my custome authorization page.

And the sequences :

‘table’ => ‘tUser’,
‘usernamecol’=> ‘userid’,
‘passwordcol’ => ‘password’

Is to inform Auth module about where to find the user table, the user id and password field in the table, respectively. In my case, the table is tUser, the user id field to be retrieved from the table is userID and the password field is Password.

Remember that the column mapping for the user id and password field should be typed in lower case. For example, the field name in the table could be ‘Password’, or ‘password’ for password field, in the field mapping, it should be ‘password’.

So instead of :

‘passwordcol’ => ‘Password’

Which is fatally wrong, I should write :

‘passwordcol’ => ‘password’

Because of this trivial mistake and new to the PHP platform, it costs me some hours to find it out. I hope this kind of mistake do not befall you 🙂

You can send the request to my email, If you are interested in the complete working example of this kind.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: