2

Summary

Create a registration process that allows users to create and manage an account. Use login to restrict execution of administrator functions that are accessible via the website.

Overview

Purpose: The primary goal for this project is to create a mechanism to restrict access to as-yet-to-be-created administration functions. However, instead of building the bare minimum, I opted to include a full user registration process.
Goals:
  • Allow user to create, update or delete an account.
  • Allow user to login and logout.
  • Allow user to activate account via email.
  • Allow user to recover username via email.
  • Allow user to reset password via email.
  • Customize views based on user login status.
Technology: PHPMailer (a full-featured PHP library for creating and sending emails), MockSMTP (an app for viewing test e-mails generated by the website on Mac OS).
Resources: Took a Udemy class related to the topic. While it was helpful at a conceptual level, it did not fit the MVC object-oriented approach established by the first project, and much of the code had to be refactored.

Implementation

  1. Install PHPMailer

    As part of the registration process, an email is sent to the user to activate the account. This process uses PHPMailer, which was installed using Composer (used to manage the installation of third-party PHP libraries):

    composer require phpmailer/phpmailer

  2. Install MockSMTP

    MockSMTP is an app for Mac that allows email to be tested while offline. It becomes the recipient of all emails sent from the application (regardless of address) and provides a simple interface to view the emails. It was available on the App Store for free.

  3. Configure and Start Postfix

    • Change RelayHost in Postfix Main Config File

      sudo vi /etc/postfix/main.cf
      #relayhost = $mydomain
      relayhost = [127.0.0.1]:1025

    • Create Credentials file

      sudo vi /etc/postfix/submit.cred
      submitcred version 1
      localhost|username|password

    • Start Postfix and Check Status

      sudo postfix start
      sudo postfix status

    • Send Test Email

      echo "This is a test."|mail -s "Email Test" please@work.com

  4. Create Database Objects

    Create user table and procedures to support application requests and grant the GUEST user select on the table and execute on the procedures:

    • LKP_USER - Table to hold list of users and associated attributes.
    • CREATE_USER - Procedure to create a user record.
    • DELETE_USER - Procedure to delete a user record.
    • UPDATE_USER - Procedure to update a user record.
    • UPDATE_USER_ACTIVATE - Procedure to update a user record to activate the account.
    • CREATE_USER_PASSWORD - Procedure to update a user record to change the password.
    • CREATE_USER_ACCESS - Procedure to update a user record to set the access code as part of a password reset.
  5. Create Application Controllers

    • App/Controllers/Support/Utility.php - Class is an odd collection of general-purpose methods used to support the application controller; it includes methods for sending emails, displaying generic messages and validating input.
    • App/Controllers/Support/Session.php - Support class representing the session and associated variables.
    • App/Controllers/User.php - Controls behavior related to user account, such as registration, activation, updates and logins.
    • App/Controllers/Admin.php - Placeholder for controller to manage administrator functions. Currently has no restricted methods available.
  6. Modify / Create Model Classes

    • Core/Model.php - Modified to use prepared statements.

    • App/Models/User.php - Interacts with the database to select and modify User data.

  7. Modify / Create View Files

    • Core/View.php - Modify class to pass session parameters to the Twig template engine (a PHP template engine that simplifies the generation of HTML pages) to customize pages based on whether the user is logged in.
    • App/View/base.html - Modify base Twig template to add the "Login" option to the navigation if the user is not logged in, to show the "User" option if the user is logged in, and the "Admin" option if the logged-in user has administration privileges.
    • App/Views/User/login.html - Login form
    • App/Views/User/show.html - Shows user profile attributes
    • App/Views/User/edit.html - Form to edit user attributes.
    • App/Views/User/delete.html - Form to submit request to delete account.
    • App/Views/User/forgot.html - Form to request forgotten username or password.
    • App/Views/User/password.html - Form to change password.
    • App/Views/Utility/message.html - Shows generic message passed (e.g. "A email has been sent to your account.", "Action can not be performed using the guest account.").
    • App/Views/Admin/index.html - Shows administration functions.
  8. Modify Front Controller

    public/index.php - Modify front controller to start session.
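
The password-reset access code from step 4 and the prepared statements from step 6, sketched together as an added example; this is not the project's own code. The in-memory SQLite table, the ACCESS_HASH and ACCESS_EXPIRES columns, and the function names are assumptions, and inline statements stand in for the CREATE_USER_ACCESS procedure, whose signature the page does not show.

```php
<?php
declare(strict_types=1);
// Constructed stand-in for the project's database: in-memory SQLite with
// hypothetical LKP_USER columns (the page does not list the real ones).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE LKP_USER (USERNAME TEXT PRIMARY KEY,
    ACCESS_HASH TEXT, ACCESS_EXPIRES INTEGER)');
$db->prepare('INSERT INTO LKP_USER (USERNAME) VALUES (?)')->execute(['alice']);

// Issue a reset code: the e-mail carries the raw code, the table only its hash,
// so a leaked table does not yield usable codes.
function issueAccessCode(PDO $db, string $username, int $ttl = 900): string
{
    $code = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    $stmt = $db->prepare('UPDATE LKP_USER SET ACCESS_HASH = :hash,
        ACCESS_EXPIRES = :exp WHERE USERNAME = :user');
    $stmt->execute([
        ':hash' => hash('sha256', $code),
        ':exp'  => time() + $ttl,
        ':user' => $username, // bound as data, never concatenated into SQL
    ]);
    return $code;
}

// Redeem a code: constant-time comparison, expiry check, single use.
function redeemAccessCode(PDO $db, string $username, string $code): bool
{
    $stmt = $db->prepare('SELECT ACCESS_HASH, ACCESS_EXPIRES
        FROM LKP_USER WHERE USERNAME = :user');
    $stmt->execute([':user' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row || $row['ACCESS_HASH'] === null) {
        return false; // unknown user or no reset pending
    }
    if (time() > (int) $row['ACCESS_EXPIRES']
        || !hash_equals($row['ACCESS_HASH'], hash('sha256', $code))) {
        return false;
    }
    // Clear the code on success so the same e-mail link cannot be replayed.
    $db->prepare('UPDATE LKP_USER SET ACCESS_HASH = NULL, ACCESS_EXPIRES = NULL
        WHERE USERNAME = :user')->execute([':user' => $username]);
    return true;
}

$code = issueAccessCode($db, 'alice');
var_dump(redeemAccessCode($db, 'alice', 'not-the-code')); // wrong code
var_dump(redeemAccessCode($db, 'alice', $code));          // correct code
var_dump(redeemAccessCode($db, 'alice', $code));          // replay of the same code
```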