Wizard’s Toolkit Documentation

Security.php

This contains Wizard’s Toolkit functions involving encryption and language translation.

All rights reserved.

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Tags
author
Programming Labs
license
All rights reserved
version
2.0

Table of Contents

wtkPageProtect()  : string
Add function at top of a page to make page require password to view.
wtkNoBookmark()  : null
wtkNoBookmark
wtkGeneratePassword()  : password
Pass in how long of a password you want generated.
wtkGenerateHash()  : password
Generate a hash that can be used for directing to a web page.
wtkVerifyHashLink()  : password
Pass in hash and if valid will redirect to associated link.
wtkLang()  : string
Multi-Lingual functionality

Functions

wtkPageProtect()

Add function at top of a page to make page require password to view.

wtkPageProtect( string  $fncPagePasscode, string  $fncHTMLtemplate ) : string

Page will prompt user for password based on parameter passed to this function. Only after correct password is entered is page visible. Once password is successfully entered a cookie is set allowing access to page for one year.

Parameters
$fncPagePasscode : string

The passcode you require to access the page

$fncHTMLtemplate : string

.htm page to use for HTML template; if blank defaults to /wtk/htm/minibox.htm

Return values
string

Function returns user to a user login page or returns user to the content attempting to access.

wtkNoBookmark()

wtkNoBookmark

wtkNoBookmark( string  $fncMustFrom , string  $fncFailGoTo ) : null

This prevents a page from working if it was bookmarked or the link was sent to someone. If the referer is not what you expect, you can redirect them to any page. Pass in what page must be referer as first parameter. The second parameter is where to redirect if refer check fails. Here is an example:
wtkNoBookmark('mydomain.com', 'no2hackers.php');

Parameters
$fncMustFrom : string

what referer page must be

$fncFailGoTo : string

where to redirect to if referer does not match

Return values
null

wtkGeneratePassword()

Pass in how long of a password you want generated.

wtkGeneratePassword ([ number  $fncPwLength = 8 ] [, number  $fncComplex = 'Y' ]) : password

This excludes 1,l,0,O since those are often difficult to determine when viewed.

Example usage: $pgNewPW = wtkGeneratePassword(12); // creates 12-character password

Parameters
$fncPwLength : number = 8

default 8 ; length of password to generate

$fncComplex : number = 'Y'

default 'Y' ; includes extra characters like !@#%^*()-+}{>

Return values
password

wtkGenerateHash()

Generate a hash that can be used for directing to a web page.

wtkGenerateHash ( string  $fncAction , string  $fncURL [, string  $fncSize = 'big' ][ , string  $fncSave = 'Y' ] ) : password

This excludes 1,l,0,O since those are often difficult to determine when viewed. if third parameter is skipped or 'big' it uses sha256 to generate a hash. It checks to see if hash aleady exists in wtkLinkLogin table; if it does then new hash is created until an unused one is found.

The URL assigned will be redirected to when the hash is verified.

Example usage: $pgResult = wtkGenerateHash('subscriber', 'https://yourdomain.com/newUser.php?id=123', 'big', 'Y');

Parameters
$fncAction : string

stored in wtkLinkLogin.ActionNotes as method of categorizing

$fncURL : string

where to redirect to when Hash is used

$fncSize : string = 'big'

defaults to 'big' which generates 64-characters hash otherwise generates 8-character hash

$fncSave : string = 'Y'

defaults to 'Y'; when 'Y' verified unique and saves to wtkLinkLogin table

Return values
password

hash

Pass in hash and if valid will redirect to associated link.

wtkVerifyHashLink( number $fncHash ) : password

If unique and has not been visited yet, then set SESSION variable and redirect to GoToUrl . If passed to a Wizard’s Toolkit page, wtkLogin.php will recognize SESSION variable exists and will set Security Level to zero so can open page without logging in.

Also set VisitDate in wtkLinkLogin so can never be used again. Plus set $gloOneUse = true. Page redirected to should have code that checks to see if $gloOneUse == true. If so then change buttons to point to a "Thank you" page.

Example usage: $pgNewPW = wtkGenerateHash(12); // creates 12-character password

Parameters
$fncHash : number

to check for link redirection

Return values
password

wtkLang()

Multi-Lingual functionality

wtkLang( string  $fncText ) : string

If no language is chosen it uses default in which case original text is returned. Likewise if a translation does not exist in the current language database it returns the original text. This is called automatically by some Wizard Toolkit functions and can also be called directly by developer. When it is called and the language lookup does not exist, it inserts the request into wtkLanguage data table so it can be added later. Back office administration pages ignore translation calls.

Parameters
$fncText : string

to be translated; maximum 150 characters

Tags
global

string $gloLang which holds the language preference of the user; defined in wtk/wtkServerInfo.php

Return values
string

translated text; maximum 250 characters

Search results