Do not pass 'null' to 'count' which triggers a warning since PHP 7.2

Only configure and start session if not already started
Optimize spacing in PostgreSQL schema
2025-08-08 09:06:29 +02:00 · 2018-03-15 23:32:15 +01:00 · 2018-03-12 22:29:56 +01:00 · 2018-03-12 18:44:32 +01:00 · 2018-03-12 02:18:44 +01:00 · 2018-03-12 02:15:35 +01:00
5 changed files with 80 additions and 13 deletions
--- a/Database/PostgreSQL.sql
+++ b/Database/PostgreSQL.sql
@@ -0,0 +1,57 @@
+-- PHP-Auth (https://github.com/delight-im/PHP-Auth)
+-- Copyright (c) delight.im (https://www.delight.im/)
+-- Licensed under the MIT License (https://opensource.org/licenses/MIT)
+
+BEGIN;
+
+CREATE TABLE IF NOT EXISTS "users" (
+	"id" SERIAL PRIMARY KEY CHECK ("id" >= 0),
+	"email" VARCHAR(249) UNIQUE NOT NULL,
+	"password" VARCHAR(255) NOT NULL,
+	"username" VARCHAR(100) DEFAULT NULL,
+	"status" SMALLINT NOT NULL DEFAULT '0' CHECK ("status" >= 0),
+	"verified" SMALLINT NOT NULL DEFAULT '0' CHECK ("verified" >= 0),
+	"resettable" SMALLINT NOT NULL DEFAULT '1' CHECK ("resettable" >= 0),
+	"roles_mask" INTEGER NOT NULL DEFAULT '0' CHECK ("roles_mask" >= 0),
+	"registered" INTEGER NOT NULL CHECK ("registered" >= 0),
+	"last_login" INTEGER DEFAULT NULL CHECK ("last_login" >= 0)
+);
+
+CREATE TABLE IF NOT EXISTS "users_confirmations" (
+	"id" SERIAL PRIMARY KEY CHECK ("id" >= 0),
+	"user_id" INTEGER NOT NULL CHECK ("user_id" >= 0),
+	"email" VARCHAR(249) NOT NULL,
+	"selector" VARCHAR(16) UNIQUE NOT NULL,
+	"token" VARCHAR(255) NOT NULL,
+	"expires" INTEGER NOT NULL CHECK ("expires" >= 0)
+);
+CREATE INDEX IF NOT EXISTS "email_expires" ON "users_confirmations" ("email", "expires");
+CREATE INDEX IF NOT EXISTS "user_id" ON "users_confirmations" ("user_id");
+
+CREATE TABLE IF NOT EXISTS "users_remembered" (
+	"id" BIGSERIAL PRIMARY KEY CHECK ("id" >= 0),
+	"user" INTEGER NOT NULL CHECK ("user" >= 0),
+	"selector" VARCHAR(24) UNIQUE NOT NULL,
+	"token" VARCHAR(255) NOT NULL,
+	"expires" INTEGER NOT NULL CHECK ("expires" >= 0)
+);
+CREATE INDEX IF NOT EXISTS "user" ON "users_remembered" ("user");
+
+CREATE TABLE IF NOT EXISTS "users_resets" (
+	"id" BIGSERIAL PRIMARY KEY CHECK ("id" >= 0),
+	"user" INTEGER NOT NULL CHECK ("user" >= 0),
+	"selector" VARCHAR(20) UNIQUE NOT NULL,
+	"token" VARCHAR(255) NOT NULL,
+	"expires" INTEGER NOT NULL CHECK ("expires" >= 0)
+);
+CREATE INDEX IF NOT EXISTS "user_expires" ON "users_resets" ("user", "expires");
+
+CREATE TABLE IF NOT EXISTS "users_throttling" (
+	"bucket" VARCHAR(44) PRIMARY KEY,
+	"tokens" REAL NOT NULL CHECK ("tokens" >= 0),
+	"replenished_at" INTEGER NOT NULL CHECK ("replenished_at" >= 0),
+	"expires_at" INTEGER NOT NULL CHECK ("expires_at" >= 0)
+);
+CREATE INDEX IF NOT EXISTS "expires_at" ON "users_throttling" ("expires_at");
+
+COMMIT;
--- a/README.md
+++ b/README.md
@@ -18,9 +18,9 @@ Completely framework-agnostic and database-agnostic.

 * PHP 5.6.0+
   * PDO (PHP Data Objects) extension (`pdo`)
-     * MySQL Native Driver (`mysqlnd`) **or** SQLite driver (`sqlite`)
+     * MySQL Native Driver (`mysqlnd`) **or** PostgreSQL driver (`pgsql`) **or** SQLite driver (`sqlite`)
   * OpenSSL extension (`openssl`)
- * MySQL 5.5.3+ **or** MariaDB 5.5.23+ **or** SQLite 3.14.1+ **or** other SQL databases that you create the [schema](Database) for
+ * MySQL 5.5.3+ **or** MariaDB 5.5.23+ **or** PostgreSQL 9.5.10+ **or** SQLite 3.14.1+ **or** [other SQL databases](Database)

 ## Installation

@@ -38,7 +38,9 @@ Completely framework-agnostic and database-agnostic.

 1. Set up a database and create the required tables:

+    * [MariaDB](Database/MySQL.sql)
    * [MySQL](Database/MySQL.sql)
+    * [PostgreSQL](Database/PostgreSQL.sql)
    * [SQLite](Database/SQLite.sql)

 ## Upgrading
@@ -96,12 +98,16 @@ Migrating from an earlier version of this project? See our [upgrade guide](Migra
 ```php
 // $db = new \PDO('mysql:dbname=my-database;host=localhost;charset=utf8mb4', 'my-username', 'my-password');
 // or
+// $db = new \PDO('pgsql:dbname=my-database;host=localhost;port=5432', 'my-username', 'my-password');
+// or
 // $db = new \PDO('sqlite:../Databases/my-database.sqlite');

 // or

 // $db = new \Delight\Db\PdoDsn('mysql:dbname=my-database;host=localhost;charset=utf8mb4', 'my-username', 'my-password');
 // or
+// $db = new \Delight\Db\PdoDsn('pgsql:dbname=my-database;host=localhost;port=5432', 'my-username', 'my-password');
+// or
 // $db = new \Delight\Db\PdoDsn('sqlite:../Databases/my-database.sqlite');

 $auth = new \Delight\Auth\Auth($db);
--- a/src/Administration.php
+++ b/src/Administration.php
@@ -510,7 +510,7 @@ final class Administration extends UserManager {
 			throw new DatabaseError();
 		}

-		$numberOfMatchingUsers = \count($users);
+		$numberOfMatchingUsers = ($users !== null) ? \count($users) : 0;

 		if ($numberOfMatchingUsers === 1) {
 			$user = $users[0];
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -48,7 +48,7 @@ final class Auth extends UserManager {
 		$this->sessionResyncInterval = isset($sessionResyncInterval) ? ((int) $sessionResyncInterval) : (60 * 5);
 		$this->rememberCookieName = self::createRememberCookieName();

-		$this->initSession();
+		$this->initSessionIfNecessary();
 		$this->enhanceHttpSecurity();

 		$this->processRememberDirective();
@@ -56,16 +56,18 @@ final class Auth extends UserManager {
 	}

 	/** Initializes the session and sets the correct configuration */
-	private function initSession() {
-		// use cookies to store session IDs
-		\ini_set('session.use_cookies', 1);
-		// use cookies only (do not send session IDs in URLs)
-		\ini_set('session.use_only_cookies', 1);
-		// do not send session IDs in URLs
-		\ini_set('session.use_trans_sid', 0);
+	private function initSessionIfNecessary() {
+		if (\session_status() === \PHP_SESSION_NONE) {
+			// use cookies to store session IDs
+			\ini_set('session.use_cookies', 1);
+			// use cookies only (do not send session IDs in URLs)
+			\ini_set('session.use_only_cookies', 1);
+			// do not send session IDs in URLs
+			\ini_set('session.use_trans_sid', 0);

-		// start the session (requests a cookie to be written on the client)
-		@Session::start();
+			// start the session (requests a cookie to be written on the client)
+			@Session::start();
+		}
 	}

 	/** Improves the application's security over HTTP(S) by setting specific headers */
--- a/tests/index.php
+++ b/tests/index.php
@@ -29,6 +29,8 @@ require __DIR__.'/../vendor/autoload.php';

 $db = new \PDO('mysql:dbname=php_auth;host=127.0.0.1;charset=utf8mb4', 'root', 'monkey');
 // or
+// $db = new \PDO('pgsql:dbname=php_auth;host=127.0.0.1;port=5432', 'postgres', 'monkey');
+// or
 // $db = new \PDO('sqlite:../Databases/php_auth.sqlite');

 $auth = new \Delight\Auth\Auth($db);
Author	SHA1	Message	Date
Marco	58e69fdd0e	Do not pass 'null' to 'count' which triggers a warning since PHP 7.2	2018-03-15 23:32:15 +01:00
Marco	e7e174b05d	Only configure and start session if not already started	2018-03-12 22:29:56 +01:00
Marco	8f35cc9965	Optimize spacing in PostgreSQL schema	2018-03-12 18:44:32 +01:00
Marco	142ccc362f	Shorten line of text in README for better overview	2018-03-12 02:18:44 +01:00
Marco	bce31f9cfc	Link to MariaDB schema separately from MySQL in README	2018-03-12 02:15:35 +01:00
Marco	3ddc7af1b4	Document support for PostgreSQL	2018-03-12 02:11:54 +01:00
Marco	62d9e44aa4	Add check constraints for unsigned integers in PostgreSQL schema	2018-03-12 01:51:33 +01:00
Marco	1121685cef	Improve database schema for PostgreSQL	2018-03-12 01:51:15 +01:00
Tiberiu Chibici	2f9bab4779	Add database schema for PostgreSQL	2018-03-12 00:32:53 +01:00