Coding standards
Security in ResourceSpace
Developer reference
Database
- Table: activity_log
- Table: annotation
- Table: annotation_node
- Table: collection
- Table: collection_keyword
- Table: collection_log
- Table: collection_resource
- Table: collection_savedsearch
- Table: comment
- Table: daily_stat
- Table: dash_tile
- Table: dynamic_tree_node
- Table: external_access_keys
- Table: filter
- Table: filter_rule
- Table: filter_rule_node
- Table: ip_lockout
- Table: job_queue
- Table: keyword
- Table: keyword_related
- Table: mail_log
- Table: message
- Table: node
- Table: node_keyword
- Table: plugins
- Table: preview_size
- Table: report
- Table: report_periodic_emails
- Table: report_periodic_emails_unsubscribe
- Table: request
- Table: research_request
- Table: resource
- Table: resource_alt_files
- Table: resource_custom_access
- Table: resource_data
- Table: resource_dimensions
- Table: resource_keyword
- Table: resource_log
- Table: resource_node
- Table: resource_related
- Table: resource_type
- Table: resource_type_field
- Table: resource_type_field_resource_type
- Table: search_log
- Table: site_text
- Table: slideshow
- Table: sysvars
- Table: tab
- Table: user
- Table: user_collection
- Table: user_dash_tile
- Table: user_message
- Table: user_preferences
- Table: user_rating
- Table: user_report
- Table: user_userlist
- Table: usergroup
- Table: usergroup_collection
- Table: usergroup_dash_tile
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
- get_user_collections()
- get_collection()
- get_collection_resources()
- get_collection_resources_with_data()
- add_resource_to_collection()
- remove_resource_from_collection()
- collection_writeable()
- collection_readable()
- set_user_collection()
- create_collection()
- delete_collection()
- refresh_collection_frame()
- search_public_collections()
- do_collections_search()
- add_collection()
- remove_collection()
- index_collection()
- save_collection()
- get_max_theme_levels()
- get_theme_headers()
- themes_comparator()
- collections_comparator()
- collections_comparator_desc()
- get_themes()
- get_smart_theme_headers()
- get_smart_themes_nodes()
- email_collection()
- generate_collection_access_key()
- get_saved_searches()
- add_saved_search()
- remove_saved_search()
- add_smart_collection()
- get_search_title()
- add_saved_search_items()
- allow_multi_edit()
- get_theme_image()
- swap_collection_order()
- update_collection_order()
- get_collection_resource_comment()
- save_collection_resource_comment()
- relate_to_collection()
- get_mycollection_name()
- get_collection_comments()
- send_collection_feedback()
- copy_collection()
- collection_is_research_request()
- add_to_collection_link()
- change_collection_link()
- get_collection_external_access()
- delete_collection_access_key()
- collection_log()
- get_collection_log()
- get_collection_videocount()
- collection_max_access()
- collection_min_access()
- collection_set_public()
- collection_set_private()
- collection_set_themes()
- remove_all_resources_from_collection()
- get_home_page_promoted_collections()
- is_collection_approved()
- edit_collection_external_access()
- show_hide_collection()
- get_session_collections()
- update_collection_user()
- compile_collection_actions()
- makeFilenameUnique()
- new_featured_collection_form()
- get_last_resource_edit()
- GetThemesFromRequest()
- collection_download_get_archive_file()
- collection_download_use_original_filenames_when_downloading()
- collection_download_process_text_file()
- collection_download_log_resource_ready()
- update_zip_progress_file()
- collection_download_process_data_only_types()
- collection_download_process_summary_notes()
- collection_download_process_csv_metadata_file()
- collection_download_process_command_to_file()
- collection_download_process_collection_download_name()
- collection_download_process_archive_command()
- collection_download_clean_temp_files()
- collection_cleanup_inaccessible_resources()
- relate_all_collection()
- update_collection_type()
- get_user_selection_collection()
- delete_old_collections()
- save_themename()
- get_featured_collection_resources()
- get_featured_collection_categ_sub_fcs()
- generate_featured_collection_image_urls()
- update_collection_parent()
- get_featured_collections()
- featured_collections_permissions_filter_sql()
- featured_collection_check_access_control()
- order_featured_collections_by_hasresources()
- get_featured_collection_categories()
- is_featured_collection_category()
- is_featured_collection_category_by_children()
- validate_collection_parent()
- get_featured_collection_category_branch_by_leaf()
- process_posted_featured_collection_categories()
- get_featured_collection_ref_by_name()
- allow_collection_share()
- allow_featured_collection_share()
- filter_featured_collections_by_root()
- get_featured_collections_by_resources()
- can_delete_featured_collection()
- order_featured_collections()
- strip_prefix_chars()
- allow_upload_to_collection()
- get_all_featured_collections()
- compute_featured_collections_acess_control()
- compute_featured_collections_access_control()
- cleanup_anonymous_collections()
- can_share_upload_link()
- can_edit_upload_share()
- create_upload_link()
- generate_share_key()
- upload_share_active()
- upload_share_setup()
- external_upload_notify()
- purge_expired_shares()
- can_delete_collection()
- move_featured_collection_branch_path_root()
- send_collection_to_admin()
- collection_add_resources()
- collection_remove_resources()
- get_default_user_collection()
- can_reorder_featured_collections()
- reorder_collections()
- update_smart_collection()
- check_upload_terms()
- unrelate_all_collection()
- reorder_all_featured_collections_with_parent()
Comment functions
Config functions
- validate_field()
- render_select_option()
- render_bool_option()
- render_text_option()
- set_config_option()
- get_config_option()
- get_config_option_users()
- get_config_options()
- process_config_options()
- config_clean()
- config_html()
- config_add_html()
- config_text_input()
- config_add_text_input()
- config_file_input()
- config_colouroverride_input()
- config_add_file_input()
- config_single_select()
- config_add_single_select()
- config_boolean_select()
- config_add_boolean_select()
- config_checkbox_select()
- config_add_checkbox_select()
- config_add_colouroverride_input()
- config_add_single_ftype_select()
- config_single_ftype_select()
- config_generate_AutoSaveConfigOption_function()
- config_process_file_input()
- config_generate_html()
- config_merge_non_image_types()
- get_header_image()
- config_register_core_fieldvars()
- config_add_hidden_input()
- config_register_core_field_refs()
- checkValidExtension()
- override_rs_variables_by_eval()
- remove_config_option()
- update_resource_type_field_resource_types()
- get_resource_type_field_resource_types()
- create_resource_type()
- save_resource_type()
- rs_get_resource_type()
- save_resource_type_field()
- get_resource_type_field_columns()
- delete_config_option()
- set_maxNumberOfFiles()
- clear_restype_cache()
- is_valid_contact_sheet_preview_size()
- check_removed_ui_config()
CSV export functions
Dash functions
- create_dash_tile()
- update_dash_tile()
- delete_dash_tile()
- revoke_all_users_flag_cascade_delete()
- append_default_position()
- reorder_default_dash()
- update_default_dash_tile_order()
- get_tile()
- all_user_dash_tile_active()
- existing_tile()
- cleanup_dash_tiles()
- checkTileConfig()
- checkConfigCustomHomePanels()
- get_alluser_available_tiles()
- get_default_dash()
- deleteDefaultDashTile()
- updateDashTileOrder()
- get_managed_dash()
- add_usergroup_dash_tile()
- append_usergroup_position()
- reorder_usergroup_dash()
- update_usergroup_dash_tile_order()
- build_usergroup_dash()
- get_tile_user_groups()
- get_usergroup_available_tiles()
- get_usergroup_tile()
- add_user_dash_tile()
- get_user_tile()
- create_new_user_dash()
- update_user_dash_tile_order()
- delete_user_dash_tile()
- empty_user_dash()
- reorder_user_dash()
- append_user_position()
- get_user_available_tiles()
- get_user_dash()
- deleteDashTile()
- render_delete_dialog_JS()
- parse_dashtile_link()
- build_dash_tile_list()
- allow_tile_colour_change()
- render_dash_tile_colour_chooser()
- update_tile_preview_colour()
- get_tile_custom_style()
- delete_usergroup_dash_tile()
- allowPromotedResources()
- render_upgrade_available_tile()
- generate_dash_tile_toolbar()
- existing_dash_tile()
- dash_tile_featured_collection_get_resources()
- validate_tile_style()
- validate_build_url()
- tltype_srch_generate_js_for_background_and_count()
- get_dash_search_data()
- can_edit_tile()
Debug functions
Encryption functions
Facial recognition functions
File functions
- get_checksum()
- is_safe_basename()
- is_valid_rs_path()
- validate_temp_path()
- validate_resource_files()
- is_valid_upload_path()
- is_banned_extension()
- remove_empty_temp_directory()
- rrmdir()
- check_valid_file_extension()
- temp_local_download_remote_file()
- isPathWhitelisted()
- generateUserFilenameUID()
- safe_file_name()
General functions
- getval()
- getuid()
- escape_check()
- unescape()
- nicedate()
- redirect()
- trim_spaces()
- trim_array()
- tidylist()
- tidy_trim()
- average_length()
- get_stats_activity_types()
- get_stats_years()
- newlines()
- get_all_site_text()
- get_site_text()
- check_site_text_custom()
- save_site_text()
- string_similar()
- formatfilesize()
- filesize2bytes()
- get_mime_type()
- send_mail()
- send_mail_phpmailer()
- log_mail()
- rs_quoted_printable_encode()
- rs_quoted_printable_encode_subject()
- pager()
- send_statistics()
- remove_extension()
- verify_extension()
- get_allowed_extensions()
- get_allowed_extensions_by_type()
- getAbsolutePath()
- getFolderContents()
- mb_basename()
- strip_extension()
- is_process_lock()
- set_process_lock()
- clear_process_lock()
- filesize_unlimited()
- strip_leading_comma()
- convert()
- get_temp_dir()
- convert_path_to_url()
- escape_command_args()
- run_command()
- run_external()
- error_alert()
- xml_entities()
- get_xml_entity_at_index_0()
- sanitize_char()
- format_display_field()
- format_string_more_link()
- sortmulti()
- draw_performance_footer()
- sql_affected_rows()
- get_imagemagick_path()
- get_utility_path()
- get_executable_path()
- truncate_cache_arrays()
- txt2html()
- is_html()
- rs_setcookie()
- get_editable_states()
- validate_html()
- generateURL()
- tail()
- move_array_element()
- emptyiszero()
- array_column()
- get_slideshow_files_data()
- form_value_display()
- job_queue_add()
- job_queue_update()
- job_queue_delete()
- job_queue_get_jobs()
- job_queue_run_job()
- user_set_usergroup()
- generateSecureKey()
- IsModal()
- generateCSRFToken()
- isValidCSRFToken()
- generateFormToken()
- generateAjaxToken()
- enforcePostRequest()
- findDuplicates()
- is_resourcespace_upgrade_available()
- get_recent_users()
- check_script_last_ran()
- count_errors()
- search_array_by_keyvalue()
- bypass_permissions()
- set_sysvar()
- get_sysvar()
- hook()
- strip_tags_and_attributes()
- show_pagetime()
- get_debug_log_dir()
- debug()
- rcRmdir()
- daily_stat()
- pagename()
- text()
- get_section_list()
- resolve_user_agent()
- get_ip()
- ResolveKB()
- trim_filename()
- job_queue_get_job()
- job_queue_purge()
- get_inner_html_from_tag()
- array_flip_by_value_key()
- reshape_array_by_value_keys()
- permission_j()
- permission_negative_j()
- cleanup_files()
- is_int_loose()
- ip_matches()
- set_unique_filename()
- build_permission()
- validate_remote_code()
- get_system_status()
- allowed_type_mime()
- try_unlink()
- check_filestore_browseability()
- check_imagemagick_cli_version_found()
- check_numeric_cli_version_found()
- check_utility_cli_version_found_by_name()
- command_line_only()
- prefix_value()
- generate_csrf_js_object()
- strip_paragraph_tags()
- set_order_by_to_zero()
- try_getimagesize()
- execution_lockout_remove_resource_type_field_props()
- is_positive_int_loose()
- compute_dpi()
- compute_megapixel()
- is_jpeg_extension()
- get_total_approved_users()
- get_total_resources()
- getCertificateExpiry()
Language functions
- ucfirstletter()
- lang_or_i18n_get_translated()
- i18n_get_translated()
- i18n_get_collection_name()
- i18n_get_indexable()
- i18n_get_translations()
- str_replace_formatted_placeholder()
- ucfirstletter_callback()
- normalize_keyword()
- remove_accents()
- seems_utf8()
- http_get_preferred_language()
- setLanguage()
- lang_load_site_text()
- i18n_get_all_translations()
- i18n_merge_translations()
- get_display_language()
Log functions
Login functions
Message functions
- system_notification()
- message_get()
- message_add()
- message_remove()
- message_seen()
- message_unseen()
- message_seen_all()
- message_purge()
- message_send_unread_emails()
- message_remove_related()
- message_user_remove()
- message_get_conversation()
- send_user_message()
- message_deleteselusrmsg()
- message_selectedseen()
- message_selectedunseen()
- message_getrefs()
- send_user_notification()
- get_user_message()
- send_integrity_failure_notices()
- build_specialsearch_list_urls()
Migration functions
Node functions
- set_node()
- delete_node()
- delete_nodes_for_resource_type_field()
- get_node()
- is_parent_node()
- get_tree_node_level()
- get_root_node_by_leaf()
- reorder_node()
- reorder_nodes()
- render_new_node_record()
- get_node_order_by()
- draw_tree_node_table()
- node_field_options_override()
- add_node_keyword()
- remove_node_keyword()
- remove_all_node_keyword_mappings()
- check_node_indexed()
- add_node_keyword_mappings()
- remove_node_keyword_mappings()
- add_resource_nodes()
- add_resource_nodes_multi()
- get_resource_nodes()
- delete_resource_nodes()
- delete_resource_nodes_multi()
- delete_all_resource_nodes()
- copy_resource_nodes()
- get_nodes_from_keywords()
- update_resource_node_hitcount()
- copy_resource_type_field_nodes()
- get_parent_nodes()
- get_nodes_count()
- extract_node_options()
- get_node_by_name()
- get_node_id()
- node_name_comparator()
- node_orderby_comparator()
- get_node_elements()
- get_node_tree()
- get_tree_strings()
- compute_node_branch_path()
- compute_nodes_by_parent()
- get_resource_nodes_batch()
- get_nodes_by_refs()
- process_node_search_syntax_to_names()
- delete_unused_non_fixed_list_nodes()
- remove_invalid_node_keyword_mappings()
- get_nodes_use_count()
- check_delete_nodes()
- remove_field_keywords()
- get_cattree_nodes_ordered()
- get_cattree_node_strings()
- cattree_node_creator()
- cattree_node_flatten()
- get_resources_nodes_by_rtf()
- get_node_strings()
- order_tree_nodes()
- add_sql_node_language()
- migrate_fixed_to_text()
- cleanup_invalid_nodes()
- get_all_parents_by_leaf()
- get_all_ancestors_for_node()
- delete_node_resources()
- remove_invalid_resource_node_mappings()
- update_node_active_state()
- toggle_active_state_for_nodes()
- toggle_category_tree_nodes_active_state()
- get_nodes()
PDF functions
Plugin functions
- activate_plugin()
- deactivate_plugin()
- purge_plugin_config()
- get_plugin_yaml()
- config_json_encode()
- config_encode()
- get_plugin_config()
- set_plugin_config()
- is_plugin_activated()
- handle_rsc_upload()
- display_rsc_upload()
- config_gen_setup_post()
- config_gen_setup_html()
- config_section_header()
- config_add_section_header()
- config_add_text_list_input()
- config_multi_select()
- config_add_multi_select()
- config_single_user_select()
- config_add_single_user_select()
- config_multi_user_select()
- config_add_multi_user_select()
- config_single_group_select()
- config_add_single_group_select()
- config_multi_group_select()
- config_add_multi_group_select()
- config_multi_ftype_select()
- config_add_multi_ftype_select()
- config_single_rtype_select()
- config_add_single_rtype_select()
- config_multi_rtype_select()
- config_add_multi_rtype_select()
- config_db_single_select()
- config_add_db_single_select()
- config_db_multi_select()
- config_add_db_multi_select()
- config_add_hidden()
- config_text_field()
- config_userselect_field()
- config_field_select()
- config_boolean_field()
- config_custom_select_multi()
- config_custom_select()
- get_plugin_css()
- plugin_activate_for_setup()
- include_plugin_config()
- register_plugin_language()
- get_plugin_path()
- register_plugin()
- config_multi_archive_select()
- config_add_multi_archive_select()
- plugin_encode_complex_configs()
- plugin_decode_complex_configs()
- get_active_plugins()
- register_group_access_plugins()
Render functions
- render_search_field()
- render_sort_order()
- render_dropdown_option()
- render_actions()
- render_user_group_multi_select()
- render_user_group_select()
- render_user_group_checkbox_select()
- render_text_question()
- render_split_text_question()
- render_dropdown_question()
- render_access_key_tr()
- is_field_displayed()
- display_multilingual_text_field()
- display_field()
- render_date_range_field()
- renderBreadcrumbs()
- renderCallToActionTile()
- renderSocialMediaShareLinksForUrl()
- renderLockButton()
- render_resource_image()
- calculate_image_display()
- render_share_options()
- render_field_selector_question()
- render_filter_bar_button()
- render_upload_here_button()
- render_trash()
- render_browse_bar()
- generate_browse_bar_item()
- render_help_link()
- render_question_div()
- render_custom_fields()
- render_selected_resources_counter()
- render_edit_selected_btn()
- render_clear_selected_btn()
- render_selected_collection_actions()
- render_user_collection_select()
- render_csrf_data_attributes()
- check_display_condition()
- has_browsebar()
- display_upload_options()
- display_field_data()
- render_resource_lock_link()
- EditNav()
- SaveAndClearButtons()
- UpdateResultOrder()
- display_size_option()
- show_upgrade_in_progress()
- render_audio_download_link()
- render_table()
- render_array_in_table_cells()
- render_new_featured_collection_cta()
- render_featured_collection_category_selector()
- render_featured_collections()
- render_featured_collection()
- DrawOption()
- render_featured_collections_category_permissions()
- render_top_page_error_style()
- render_workflow_state_question()
- render_share_password_question()
- pclick()
- pblur()
- render_question_form_helper()
- render_hidden_input()
- radio_get_layout()
- render_radio_buttons_question()
- render_message()
- render_antispam_question()
- render_fixed_text_question()
- render_fa_icon_selector()
- filterIcons()
- escape_quoted_data()
- display_related_resources()
- admin_resource_type_field_constraint()
- admin_resource_type_field_option()
- showHideResTypeSelector()
- render_resource_type_selector_question()
- add_download_column()
- escape()
- render_resource_view_image()
- is_another_tool_option_enabled()
- toggleMode()
- toggleAnnotationsOption()
- toggleImagePreviewZoomOption()
- render_resource_tools_size_download_options()
- render_fixedlist_as_pills()
- render_fixed_list_as_pills()
Reporting functions
- render_bar_graph()
- render_pie_graph()
- report_process_query_placeholders()
- report_has_thumbnail()
- report_has_date_by_id()
- report_has_date()
- get_translated_activity_type()
- unsubscribe_user_from_periodic_report()
- delete_periodic_report()
- send_periodic_report_emails()
- create_periodic_email()
- do_report()
- get_reports()
- get_report_name()
Request functions
- managed_collection_request()
- get_request()
- get_user_requests()
- save_request()
- get_requests()
- email_collection_request()
- email_resource_request()
- get_valid_custom_fields()
- gen_custom_fields_html_props()
- process_custom_fields_submission()
- can_use_owner_field()
- get_notification_users_by_owner_field()
- resource_request_visible()
Research functions
Slideshow functions
Theme permission functions
User functions
- validate_user()
- setup_user()
- get_users()
- get_users_with_permission()
- get_user_by_email()
- get_user_by_username()
- get_usergroups()
- get_usergroup()
- get_user()
- save_user()
- email_user_welcome()
- email_reset_link()
- auto_create_user_account()
- email_user_request()
- new_user()
- get_active_users()
- change_password()
- make_password()
- bulk_mail()
- get_user_log()
- resolve_userlist_groups()
- resolve_userlist_groups_smart()
- remove_groups_smart_from_userlist()
- check_password()
- resolve_users()
- check_access_key()
- check_access_key_collection()
- make_username()
- get_registration_selectable_usergroups()
- open_access_to_user()
- open_access_to_group()
- resolve_open_access()
- remove_access_to_user()
- user_email_exists()
- resolve_user_emails()
- create_password_reset_key()
- get_rs_session_id()
- get_notification_users()
- verify_antispam()
- check_share_password()
- get_users_from_permission_lookup()
- offset_user_local_timezone()
- checkPermission_anonymoususer()
- checkPermission_dashadmin()
- checkPermission_dashuser()
- checkPermission_dashmanage()
- checkPermission_dashcreate()
- checkperm()
- checkperm_user_edit()
- internal_share_access()
- save_usergroup()
- set_user_profile()
- delete_profile_image()
- get_profile_image()
- get_profile_text()
- get_languages_notify_users()
- get_upload_url()
- emulate_user()
- is_authenticated()
- get_approver_usergroups()
- get_usergroup_approvers()
- copy_usergroup_permissions()
- mark_email_as_invalid()
- check_email_invalid()
- get_users_by_permission()
- is_anonymous_user()
- get_users_by_preference()
- generate_temp_download_key()
- validate_temp_download_key()
- setup_command_line_user()
- user_limit_reached()
- can_set_admin_usergroup()
- update_user_access()
- checkPermission_manage_users()
- set_processing_message()
Video functions
Database functions
- sql_null_or_val()
- db_end_transaction()
- db_rollback_transaction()
- sql_query()
- sql_value()
- sql_array()
- sql_insert_id()
- get_query_cache_location()
- clear_query_cache()
- check_db_structs()
- CheckDBStruct()
- sql_limit()
- sql_is_null_or_eq_val()
- sql_query_prepared()
- sql_truncate_text_val()
- ps_query()
- fetch_assoc_stmt()
- copy_value()
- ps_value()
- ps_array()
- ps_param_insert()
- ps_param_fill()
- columns_in()
- sql_limit_with_total_count()
- sql_reorder_records()
- ps_fill_param_array()
- errorhandler()
- db_use_multiple_connection_modes()
- db_set_connection_mode()
- db_get_connection_mode()
- db_clear_connection_mode()
- sql_connect()
- db_begin_transaction()
Metadata functions
Resource functions
- get_resource_path()
- get_resource_data()
- put_resource_data()
- create_resource()
- update_hitcount()
- save_resource_data()
- set_resource_defaults()
- save_resource_data_multi()
- append_field_value()
- remove_keyword_mappings()
- remove_keyword_from_resource()
- add_keyword_mappings()
- add_keyword_to_resource()
- remove_all_keyword_mappings_for_field()
- update_field()
- ()
- email_resource()
- delete_resource()
- get_resource_type_field()
- get_resource_field_data()
- get_resource_field_data_batch()
- get_resource_types()
- get_resource_top_keywords()
- clear_resource_data()
- get_max_resource_ref()
- get_resource_ref_range()
- copy_resource()
- resource_log()
- get_resource_log()
- get_resource_type_name()
- get_resource_custom_access()
- get_resource_custom_access_users_usergroups()
- save_resource_custom_access()
- get_custom_access()
- get_themes_by_resource()
- update_resource_type()
- relate_to_array()
- get_exiftool_fields()
- createTempFile()
- stripMetadata()
- write_metadata()
- delete_exif_tmpfile()
- update_resource()
- import_resource()
- get_alternative_files()
- add_alternative_file()
- delete_alternative_file()
- get_alternative_file()
- save_alternative_file()
- user_rating_save()
- process_notify_user_contributed_submitted()
- notify_user_contributed_submitted()
- notify_user_contributed_unsubmitted()
- get_field()
- get_field_options_with_stats()
- save_field_options()
- get_resources_matching_keyword()
- get_keyword_from_option()
- add_field_option()
- get_resource_access()
- get_custom_access_user()
- edit_resource_external_access()
- resource_download_allowed()
- get_edit_access()
- filter_match()
- log_diff()
- get_metadata_templates()
- get_resource_collections()
- download_summary()
- check_use_watermark()
- autocomplete_blank_fields()
- get_resource_files()
- reindex_resource()
- get_page_count()
- update_disk_usage()
- update_disk_usage_cron()
- get_total_disk_usage()
- overquota()
- notify_user_resources_approved()
- get_original_imagesize()
- generate_resource_access_key()
- get_resource_external_access()
- delete_resource_access_key()
- resource_type_config_override()
- update_archive_status()
- delete_resources_in_collection()
- update_related_resource()
- can_share_resource()
- delete_resource_custom_access_usergroups()
- truncate_join_field_value()
- get_video_snapshots()
- resource_file_readonly()
- delete_resource_custom_user_access()
- get_video_info()
- copyAllDataToResource()
- copyResourceDataValues()
- copy_locked_data()
- copy_locked_fields()
- copyRelatedResources()
- process_edit_form()
- update_timestamp()
- get_extension()
- get_last_resource_edit_array()
- get_default_archive_state()
- save_original_file_as_alternative()
- replace_resource_file()
- get_resource_all_image_sizes()
- sanitize_date_field_input()
- download_link_generate_key()
- download_link_check_key()
- filter_check()
- update_resource_keyword_hitcount()
- copy_hitcount_to_live()
- get_image_sizes()
- get_preview_quality()
- get_related_resources()
- get_field_options()
- get_data_by_field()
- get_resources_by_resource_data_value()
- get_all_image_sizes()
- image_size_restricted_access()
- get_fields()
- get_hidden_indexed_fields()
- get_category_tree_fields()
- get_OR_fields()
- get_nopreview_icon()
- get_indexed_resource_type_fields()
- get_resource_type_fields()
- notify_resource_change()
- add_verbatim_keywords()
- metadata_field_edit_access()
- get_download_filename()
- get_resource_type_from_extension()
- canSeePreviewTools()
- checkPreviewToolsOptionUniqueness()
- alt_is_ffmpeg_alternative()
- create_resource_type_field()
- metadata_field_view_access()
- get_workflow_states()
- delete_resource_type_field()
- tab_names()
- get_resource_table_joins()
- update_resource_lock()
- get_resource_lock_message()
- get_resource_data_batch()
- get_external_shares()
- get_video_duration()
- relate_all_resources()
- allow_in_browser()
- update_node_hitcount_from_search()
- update_resource_field_column()
- get_all_resource_types()
- data_joins_field_value_translate_and_csv()
- process_resource_data_joins_values()
- canSeeAnnotationsFields()
- apply_resource_default()
- skip_scr_size_preview()
- related_resource_pull()
- get_resource_preview()
- check_resources()
- get_resources_to_validate()
- get_nopreview_html()
Search functions
- copy_filter()
- save_related_keywords()
- get_simple_search_fields()
- get_fields_for_search_display()
- get_filters()
- get_filter()
- get_filter_rules()
- get_filter_rule()
- save_filter()
- save_filter_rule()
- delete_filter()
- delete_filter_rule()
- get_grouped_related_keywords()
- update_search_from_request()
- get_search_default_restypes()
- get_selectedtypes()
- render_advanced_search_buttons()
- get_collections_resource_count()
- get_search_params()
- is_not_wildcard_only()
- search_title_node_processing()
- setup_search_chunks()
- log_keyword_usage()
- set_search_order_by()
- get_upload_here_selected_nodes()
- suggest_refinement()
- get_advanced_search_fields()
- get_advanced_search_collection_fields()
- search_form_to_search_query()
- refine_searchstring()
- compile_search_actions()
- search_filter()
- search_special()
- resolve_nodes_from_string()
- rebuild_specific_field_search_from_node()
- search_get_previews()
- resolve_soundex()
- get_default_search_states()
- get_filter_sql()
- split_keywords()
- cleanse_string()
- resolve_keyword()
- add_partial_index()
- highlightkeywords()
- str_highlight()
- sorthighlights()
- get_suggested_keywords()
- get_related_keywords()
Map functions
Job functions
Tab functions
Test functions
perform_login()
Parameters
| Column | Type | Default | Description |
|---|---|---|---|
| $loginuser | "" | ||
| $loginpass | "" |
Location
include/login_functions.php lines 8 to 220
Definition
function perform_login($loginuser="",$loginpass="")
{
global $scramble_key, $lang, $max_login_attempts_wait_minutes, $max_login_attempts_per_ip, $max_login_attempts_per_username,
$username, $password, $password_hash, $session_hash, $usergroup;
$result = [];
$result['valid'] = $valid = false;
if(trim($loginpass) != "")
{
$password = trim($loginpass);
}
if(trim($loginuser) != "")
{
$username = trim($loginuser);
}
// If a special key is sent, which is a hash based on the username and scramble key, then allow a login
// using this hash as the password. This is for the 'log in as this user' feature.
$impersonate_user = hash_equals(getval('userkey', ''),hash_hmac("sha256", "login_as_user" . $loginuser . date("Ymd"), $scramble_key, true));
// Get user record
$user_ref = get_user_by_username($username);
$found_user_record = ($user_ref !== false);
if ($found_user_record) {
$user_data = get_user($user_ref);
// Did the user log in using their email address? If so update username variable
if (
mb_strtolower($user_data['username']) !== mb_strtolower($username)
&& mb_strtolower($user_data['email']) === mb_strtolower($username)
) {
$username = $user_data['username'];
}
}
// User logs in
if($found_user_record && rs_password_verify($password, $user_data['password'], ['username' => $username]) && $password != "")
{
$password_hash_info = get_password_hash_info();
$algo = $password_hash_info['algo'];
$options = $password_hash_info['options'];
if(password_needs_rehash($user_data['password'], $algo, $options))
{
$password_hash = rs_password_hash("RS{$username}{$password}");
if($password_hash === false)
{
trigger_error('Failed to rehash password!');
}
ps_query("UPDATE user SET `password` = ? WHERE ref = ?", array("s",$password_hash,"i",$user_ref));
}
else
{
$password_hash = $user_data['password'];
}
$valid = true;
}
// An admin logs in as this user
elseif(
$found_user_record
&& $impersonate_user
&& rs_password_verify($password, $user_data['password'], ['username' => $username, 'impersonate_user' => true])
)
{
$password_hash = $user_data['password'];
$valid = true;
}
$ip = get_ip();
# This may change the $username, $password, and $password_hash
$externalresult=hook("externalauth","",array($username, $password)); #Attempt external auth if configured
if($externalresult)
{
// Get user data as per old method
$user_ref = get_user_by_username($username);
$found_user_record = ($user_ref !== false);
if($found_user_record)
{
$user_data = get_user($user_ref);
$valid = true;
}
}
if($valid)
{
$userref = $user_data['ref'];
$usergroup = $user_data['usergroup'];
$expires = $user_data['account_expires'];
$approved = $user_data['approved'];
if ($approved == 2)
{
$result['error']=$lang["accountdisabled"];
log_activity('Account Disabled',LOG_CODE_FAILED_LOGIN_ATTEMPT,$ip,"user","last_ip",$userref,null,null,$user_ref);
return $result;
}
if ($expires!="" && $expires!="0000-00-00 00:00:00" && strtotime($expires)<=time())
{
$result['error']=$lang["accountexpired"];
log_activity('Account Expired',LOG_CODE_FAILED_LOGIN_ATTEMPT,$ip,"user","last_ip",$userref,null,null,$user_ref);
return $result;
}
$session_hash = generate_session_hash($password_hash);
$result['valid'] = true;
$result['session_hash'] = $session_hash;
$result['password_hash'] = $password_hash;
$result['ref'] = $userref;
$language = getval("language", "");
update_user_access($userref,
[
"session" => $session_hash,
"lang" => $language,
"login_tries" => 0,
"last_ip" => $ip,
]
);
// Update user local time zone (if provided)
$get_user_local_timezone = getval('user_local_timezone', null);
set_config_option($userref, 'user_local_timezone', $get_user_local_timezone);
# Log this
daily_stat("User session", $userref);
log_activity(null,LOG_CODE_LOGGED_IN,$ip,"user","last_ip",($userref!="" ? $userref :"null"),null,'',($userref!="" ? $userref :"null"));
# Blank the IP address lockout counter for this IP
ps_query("DELETE FROM ip_lockout WHERE ip = ?",array("s",$ip));
return $result;
}
# Invalid login
if(isset($externalresult["error"])){$result['error']=$externalresult["error"];} // We may have been given a better error to display
else {$result['error']=$lang["loginincorrect"];}
hook("loginincorrect");
# Add / increment a lockout value for this IP
$lockouts=ps_value("select count(*) value from ip_lockout where ip=? and tries<?",array("s",$ip,"i",$max_login_attempts_per_ip),"");
if ($lockouts>0)
{
# Existing row with room to move
$tries=ps_value("select tries value from ip_lockout where ip=?",array("s",$ip),0);
$tries++;
if ($tries==$max_login_attempts_per_ip)
{
# Show locked out message.
$result['error']=str_replace("?",$max_login_attempts_wait_minutes,$lang["max_login_attempts_exceeded"]);
$log_message = 'Max login attempts from IP exceeded - IP: ' . $ip;
log_activity($log_message, LOG_CODE_FAILED_LOGIN_ATTEMPT, $tries, 'ip_lockout', 'ip', $ip, 'ip');
}
# Increment
ps_query("update ip_lockout set last_try=now(),tries=tries+1 where ip=?",array("s",$ip));
}
else
{
# New row
ps_query("delete from ip_lockout where ip=?",array("s",$ip));
ps_query("insert into ip_lockout (ip,tries,last_try) values (?,1,now())",array("s",$ip));
}
# Increment a lockout value for any matching username.
$ulocks=ps_query("select ref,login_tries,login_last_try from user where username=?",array("s",$username));
if (count($ulocks)>0)
{
$tries=$ulocks[0]["login_tries"];
if ($tries=="") {$tries=1;} else {$tries++;}
if ($tries>$max_login_attempts_per_username) {$tries=1;}
if ($tries==$max_login_attempts_per_username)
{
# Show locked out message.
$result['error']=str_replace("?",$max_login_attempts_wait_minutes,$lang["max_login_attempts_exceeded"]);
$log_message = 'Max login attempts exceeded';
log_activity($log_message,LOG_CODE_FAILED_LOGIN_ATTEMPT,$ip,'user','ref',($user_ref != false ? $user_ref : null),null,null,($user_ref != false ? $user_ref : null));
}
ps_query("update user set login_tries=?,login_last_try=now() where username=?",array("i",$tries,"s",$username));
}
if($valid !== true && !isset($log_message))
{
if(isset($result['error']) && $result['error'] != '')
{
$log_message = strip_tags($result['error']);
}
else
{
$log_message = 'Failed Login';
}
log_activity(
$log_message, # Note
LOG_CODE_FAILED_LOGIN_ATTEMPT, # Log Code
$ip, # Value New
($user_ref != false ? 'user' : null), # Remote Table
($user_ref != false ? 'last_ip' : null), # Remote Column
($user_ref != false ? $user_ref : null), # Remote Ref
null, # Ref Column Override
null, # Value Old
($user_ref != false ? $user_ref : null) # User Ref
);
}
return $result;
}
This article was last updated 17th November 2024 15:05 Europe/London time based on the source file dated 7th November 2024 17:40 Europe/London time.