AMFPHP 1.9 Beta 2 Using Roles

19 May

AMFPHPNow, in previous posts i explained how to add the “before Filter” functionality but roles filtering was not very clear nor explained, in this post i will guide you in such task. In this current version of AMFPHP (May 20th 2007) there is no a defined function or method on how to handle roles, but with a little workaround you will find them useful. Yep as i said workaround due to it is a beta release i am not sure if Patrick will change or add a method to handle roles, to sum up previous posts:

  • method table disappeared
  • “_” is requiered to set “private” functions or simply use private function(){}
  • roles needed to be encountered (maybe not till now)

I also mentioned that if you write comments just before the function itself those comments are like the “old methodTable” and you will see what i mean, first create your document (class document):

class asb_labs{
/**
*here set variables with the name of your functions just as the old methodTable with the *only difference that these ones just contains roles
*
*/
var $methodOne="admin,normal,registered,user,super";
var $methodTwo="admin,super";
function asb_labs(){
/**
*the constructor is useful when you are opening your database, you can open a
*persistent connection
*/
$this->conn = mysql_pconnect("localhost","user", "password");
mysql_select_db ("db");
}

/**
*this is the new way to write your method's description
*
*@param $str(String) here you define your param datatype
*@param $str2(strin) another param
*/
function methodOne($str,$str2){
return "look this is method one!!";
}

/**
*description here
*/
function methodTwo(){
return "look this is method two!!";
}

/**
*now to let AMFPHP detect the method being called use this function
*/
function beforeFilter($function_called){
/*we want login() and logout() be accessed now matter if the user is or isn´t validated*/
if($function_called=="login" || $function_called=="logout"){
return true;/** when returning true means it can be executed*/
} else {
/**
here comes our part
*/
$permi=$this->$function_called;
eval("$permi = \"$permi\";");
/** here AMFPHP compares again the allowed roles*/
return Authenticate::isUserInRole($permi);
/** isUserInRole() is a built-in method as well as Authenticate::login and Authenticate::logout*/
}

function login($usr,$pwd){
/**
here you should log your user and register it(s) roles, (supposing we did a mysql query)
*/
Authenticate::login($usr,$rol);/** the $rol param can be a list of rols separated by comma, in this example let's assign it "user,registered"*/
return true;/** returning true means the user logged succesfully otherwise deny access*/
}
function logout(){
Authenticate::logout();
/**
logs the user out
*/
}
}
and that’s it is all, now you can have several rols for your methods and several rols for your users in an easy way to manage and mantain your code, enjoy and if you have any further comments just go on!!

« Yahoo! uses Flex 2.0
Flash vs Fuse Engine »

This post has 15 comments.

  1. chuck
    22 May 07 10:45

    I’d love to, ya know, but I can’t make heads or tails out of your jank code formatting.

  2. Andres
    22 May 07 16:18

    You think?, well i will be uploading a couple of files to let users download sample code, and if anyone is copying the code from the sample BE SURE to add a “}” on line 50, i missed that. And also be sure of using the AMFPHP 1.9 Beta 2 guys. till now it is unsure if this features are changing in the coming version.
    cheers!!!!

  3. andrew
    07 Dic 07 11:16

    I’m not really good at understand it ..do u have maybe a fla +php code as an example? it will help me a lot!
    thank u!
    A.

  4. andres
    08 Dic 07 0:58

    Hey andrew! I reformated the code beacause it was tricky and nothing helful, so now i hope you can read it pretty well or copy if it is your case… btw thanx for stepping by :-D

  5. Dan
    11 Dic 07 19:04

    Is this the error message i should be seeing if the authenticate fails or is there an error in my code?

    (Object)#0
    message = "faultCode:INVALID_AMF_MESSAGE faultString:'Invalid AMF message' faultDetail:'
    Parse error: syntax error, unexpected ',' in /Library/WebServer/Documents/amfphp/services/com/trt/safepost/adminService.php(30) : eval()'d code on line 1

    Fatal error: Uncaught exception 'VerboseException' with message 'Cannot modify header information - headers already sent by (output started at /Library/WebServer/Documents/amfphp/services/com/trt/safepost/adminService.php(30) : eval()'d code:1)' in /Library/WebServer/Documents/amfphp/core/amf/app/Gateway.php:187
    Stack trace:
    #0 [internal function]: amfErrorHandler(2, ‘Cannot modify h…’, ‘/Library/WebSer…’, 187, Array)
    #1 /Library/WebServer/Documents/amfphp/core/amf/app/Gateway.php(187): header(’Content-type: a…’)
    #2 /Library/WebServer/Documents/amfphp/gateway.php(152): Gateway->service()
    #3 {main}
    thrown in /Library/WebServer/Documents/amfphp/core/amf/app/Gateway.php on line 187
    ‘”
    name = “Error”
    rootCause = (null)

  6. andres
    11 Dic 07 21:46

    hey Dan! i saw your code it looks like it throws an error and the error could be the eval() php function, i wrote a (;) but it actually throws an error which is called “methodTableBeforeFiter” if you see yourself getting this error then it means you set everything right and expects the correct role which has not been submitted

    Best regards!!

  7. Dan
    12 Dic 07 7:11

    thanks andres! I’ve commented out the eval function and now it is working perfectly!

    the correct error looks like this:


    (Object)#0
    message = "faultCode:AMFPHP_AUTHENTICATE_ERROR faultString:'Method access blocked by beforeFilter in adminService class' faultDetail:'/Library/WebServer/Documents/amfphp/core/shared/app/BasicActions.php on line 121'"
    name = "Error"
    rootCause = (null)

    Although what was eval() function purpose, is it something important I should try to fix and put back in?

    Thanks again! Awesome script.

  8. andres
    12 Dic 07 14:43

    Hey Dan, great!….about the eval function i put it there because:
    When you ask for a result of a method amfphp looks for the method by name, and that’s the $function_called (it stores the name of the last requested method) then we do an eval() to convert that “string” into a variable, but the variable is already set with the same name of the requested method which contains a list of “allowed” roles, then we tell amfphp to compare the list of the roles with that one stored in users session (amfphp doesn’t allow to send an array of roles instead the roles to compare must be sent using a string-separated-by-comma-list) and that’s it :-D.

    I created another way to do it which is the one currently holding our customers entries I hope to post some advance uses of this kind of protection

    Best regards!!

  9. Da
    21 Dic 07 12:54

    Hi Andres,

    Thanks for your help with the authentication, its working great. This is off topic but I am trying to bind a boolean value from mysql to a checkbox in flex. I’ve tried enum(’true’,'false’) and tinyint(1) for field types in mysql and i have them set up to bind to a boolean property of a value object in flex. I just can’t seem to get this to work. You have any advice or a quick example on binding booleans from mysql to a flex checkbox?

    Happy Holidays

    Dan

  10. andres
    21 Dic 07 20:24

    Hey Dan! good to hear from you :-D, ok this is what I use to do in such cases:
    1-My row settings commonly are set to “int” so when I send (using amfphp) a boolean value it is stored in db as a number (an integer number ie. 1 || 0), then when retrieving the value from database I use to bind it with a Number type var, or reset the value of the checkbox by submitting the one I’m receiving directly from amfphp for instance:

    my_checkbox.selected=event.result[0].isChecked

    and well that is basically the way I deal with the boolean convertion, I hope this helps you and happy Xmas, god bless you and your family :-D

  11. rocky
    13 May 08 9:11

    Hi Andres,today i have one error for amfphp.but i can’t find the error with my code . i run this code in windows apache is normal ,on the redhat as4 is error.
    code is :
    gWebservice(’http://www.webxml.com.cn/WebServices/IpAddressSearchWebService.asmx?WSDL’,'getGeoIPContext’,$param);
    // format date to object
    $client = new clients();
    $client->clientip = $result['getGeoIPContextResult']['string'][0];
    $client->clientAddress = $result['getGeoIPContextResult']['string'][1];
    // citys list
    $citys = array(’北京’,'上海’,'天津’,'重庆’,'大连’);
    // match citys
    foreach($citys as $var){
    if (preg_match(”/”.$var.”/”, $client->clientAddress)) {
    $city = $var;
    }
    }
    // call weather webservice
    $param = array(’theCityName’ => $city);
    $result = $basicMessage->gWebservice(’http://www.webxml.com.cn/WebServices/WeatherWebService.asmx?WSDL’,'getWeatherbyCityName’,$param);
    // create weather object
    $weathers = new weatherObject();
    // format date to object
    $weathers->cityName = $result['getWeatherbyCityNameResult']['string'][1];
    // today
    $weathers->todayTemperature = $result['getWeatherbyCityNameResult']['string'][5];
    $weathers->todayStatus = $result['getWeatherbyCityNameResult']['string'][6];
    $weathers->todayWind = $result['getWeatherbyCityNameResult']['string'][7];
    $weathers->todayIcon = $result['getWeatherbyCityNameResult']['string'][8];
    $weathers->todayIcon2 = $result['getWeatherbyCityNameResult']['string'][9];
    $weathers->todaydepict = $result['getWeatherbyCityNameResult']['string'][10];
    // tomorrow
    $weathers->tomorrowTemperature = $result['getWeatherbyCityNameResult']['string'][12];
    $weathers->tomorrowStatus = $result['getWeatherbyCityNameResult']['string'][13];
    $weathers->tomorrowWind = $result['getWeatherbyCityNameResult']['string'][14];
    $weathers->tomorrowIcon = $result['getWeatherbyCityNameResult']['string'][15];
    $weathers->tomorrowIcon2 = $result['getWeatherbyCityNameResult']['string'][16];
    // acquired
    $weathers->acquiredTemperature = $result['getWeatherbyCityNameResult']['string'][17];
    $weathers->acquiredStatus = $result['getWeatherbyCityNameResult']['string'][18];
    $weathers->acquiredWind = $result['getWeatherbyCityNameResult']['string'][19];
    $weathers->acquiredIcon = $result['getWeatherbyCityNameResult']['string'][20];
    $weathers->acquiredIcon2 = $result['getWeatherbyCityNameResult']['string'][21];

    $weathers->citydepict = $result['getWeatherbyCityNameResult']['string'][22];

    return $weathers;
    }
    }
    ?>

    Error
    (mx.rpc::Fault)#0
    errorID = 0
    faultCode = “INVALID_AMF_MESSAGE”
    faultDetail = “”
    faultString = “Invalid AMF message”
    message = “faultCode:INVALID_AMF_MESSAGE faultString:’Invalid AMF message’ faultDetail:””
    name = “Error”
    rootCause = (null)

    Thank you , i wait your result.!

  12. rocky
    13 May 08 9:12

    what’s wrong with this?
    gWebservice(’http://www.webxml.com.cn/WebServices/IpAddressSearchWebService.asmx?WSDL’,'getGeoIPContext’,$param);
    // format date to object
    $client = new clients();
    $client->clientip = $result['getGeoIPContextResult']['string'][0];
    $client->clientAddress = $result['getGeoIPContextResult']['string'][1];
    // citys list
    $citys = array(’北京’,'上海’,'天津’,'重庆’,'大连’);
    // match citys
    foreach($citys as $var){
    if (preg_match(”/”.$var.”/”, $client->clientAddress)) {
    $city = $var;
    }
    }
    // call weather webservice
    $param = array(’theCityName’ => $city);
    $result = $basicMessage->gWebservice(’http://www.webxml.com.cn/WebServices/WeatherWebService.asmx?WSDL’,'getWeatherbyCityName’,$param);
    // create weather object
    $weathers = new weatherObject();
    // format date to object
    $weathers->cityName = $result['getWeatherbyCityNameResult']['string'][1];
    // today
    $weathers->todayTemperature = $result['getWeatherbyCityNameResult']['string'][5];
    $weathers->todayStatus = $result['getWeatherbyCityNameResult']['string'][6];
    $weathers->todayWind = $result['getWeatherbyCityNameResult']['string'][7];
    $weathers->todayIcon = $result['getWeatherbyCityNameResult']['string'][8];
    $weathers->todayIcon2 = $result['getWeatherbyCityNameResult']['string'][9];
    $weathers->todaydepict = $result['getWeatherbyCityNameResult']['string'][10];
    // tomorrow
    $weathers->tomorrowTemperature = $result['getWeatherbyCityNameResult']['string'][12];
    $weathers->tomorrowStatus = $result['getWeatherbyCityNameResult']['string'][13];
    $weathers->tomorrowWind = $result['getWeatherbyCityNameResult']['string'][14];
    $weathers->tomorrowIcon = $result['getWeatherbyCityNameResult']['string'][15];
    $weathers->tomorrowIcon2 = $result['getWeatherbyCityNameResult']['string'][16];
    // acquired
    $weathers->acquiredTemperature = $result['getWeatherbyCityNameResult']['string'][17];
    $weathers->acquiredStatus = $result['getWeatherbyCityNameResult']['string'][18];
    $weathers->acquiredWind = $result['getWeatherbyCityNameResult']['string'][19];
    $weathers->acquiredIcon = $result['getWeatherbyCityNameResult']['string'][20];
    $weathers->acquiredIcon2 = $result['getWeatherbyCityNameResult']['string'][21];

    $weathers->citydepict = $result['getWeatherbyCityNameResult']['string'][22];

    return $weathers;
    }
    }
    ?>

    (mx.rpc::Fault)#0
    errorID = 0
    faultCode = “INVALID_AMF_MESSAGE”
    faultDetail = “”
    faultString = “Invalid AMF message”
    message = “faultCode:INVALID_AMF_MESSAGE faultString:’Invalid AMF message’ faultDetail:””
    name = “Error”
    rootCause = (null)

  13. Alex
    24 Nov 08 19:36

    Can you post a full working sample zip file?

  14. handoyo
    14 Jul 09 23:24

    Hi Andres,could you give a working sample using roles??Thanks…

  15. FLEX 2 Guestbook V.2 | emswork source
    22 Nov 09 9:45

    [...] a method for that plz check the mxml so you can easily understand that part, about handling roles check my blog ALERT:this new release of amfphp doesn’t use tableMethod (in case you think I missed it) AMFPHP [...]

LEAVE A RESPONSE









Posted by andres.
19 Mayo 2007 at 0:00
15 comments
General
comments feed.