Cross-member privilege control based on native PHP
For a website of the background management system, a single super Administrator permissions often do not meet our needs, especially for large sites, this single permission can cause a lot of problems arise. For example: A website editor, usually he is only responsible for the company's website bulletin update, but if the site background does not have strict restrictions on permissions, he is not able to operate to the customer some information, which is a great hidden danger. If you have learned the thinkphp framework of a friend must know that there is a thing called RBAC, today we do not say that, to say in the native PHP language, how to achieve cross-permission control. Well, words do not say, the old look, directly said the principle, on the code. There are a number of ways to implement cross-control of permissions, and here's just one way of thinking: (I'm using a binary number method). First, here is the bitwise AND and bitwise OR of the operation method: 1, bitwise AND operator (&) participate in the operation of two data, press bits for "and" operation. (The AND operator = whether there are values such as: 7&8=0) operation rules:0&0=0; 0&1=0; 1&0=0; 1&1=1; That is, the two-bit is "1" at the same time, the result is "1", otherwise 0 for example: 3&5 that is 0000 0011 & 0000 0101 = 0000 0001 Therefore, 3&5 is worth 1. In addition, negative numbers participate in bitwise and arithmetic in the form of complement. 2, the bitwise OR operator (|) participates in the operation of two objects, pressing bits for "or" operation. (the "or" operation = can contain values such as: 7=4|2|1, with "XOR" to remove the rules of operation including: 7^2): 0|0=0; 0|1=1; 1|0=1; 1|1=1; that is: two objects that participate in an operation have a value of 1 and 1. Example: 3|5 0000 0011 | 0000 0101 = 0000 0111 Therefore, the 3|5 is worth 7. In addition, negative numbers participate in a bitwise OR operation in the complement form. Knowing the bitwise-and-bitwise OR operations, let's take a look at the following example: Copy code 1 Copy code I changed the number of additions and deletions into 4 permissions and set as a constant 1 binary numbers is the binary number is 10,4 binary numbers is the binary number of 100,8 is 1000, here just into a law may some friends will ask the above permission variable Admin,editor, How did the user's 1111,1101,1000 come from? PHP has a decimal number to the binary number function called Decbin () the following is the corresponding function interpretation: Copy code Decbin (PHP 3, PHP 4, PHP 5) Decbin--Decimal conversion to binary description string decbin (int number) Returns a string that contains a binary representation of the given number parameter. The maximum value that can be converted is a decimal of 4294967295, and the result is a string of 32 1. Example 1. Decbin () example The example above will output: 110011010 see Bindec (), Decoct (), Dechex () and Base_convert (). Copy the code, let's test the output. Copy Code 1 "; Echo Decbin ($editor)."
"; Echo Decbin ($user)."
";"?> copy code output: Then we can use this operation to determine the permissions, 1 for the permission, 0 for the non-privileged such as: admin (Super Administrator) has the permission is to delete and change the search is 1111-->0000 1111 editor ( Website editor) has the right to increase, change, check that is 1101-->0000 1101 user (ordinary users) only have access to browse, query permission is 1000-->0000 1000 then we can just bitwise AND operation on them to determine whether there are permissions such as: (from back to front) take decimal (Database store type value) to binary for "and" operations site Edit permissions 0000 1101 (Permissions decimal) & 0000 0010 (Delete permissions decimal 2 to binary 10) result: 0000 0000 that is, no permissions to come again Try normal user rights 0000 & 0000 0001 (Add permission decimal to 12 in 1) results: 0000 0000 Same does not have permissions Super Administrator rights 0000 1111 & 0000 1101 (Permissions for site editing) results: 0 000 1101 that is, you have the permission to edit the site. I built a database with 2 tables and a user table: The group ID of the GID representative permission table is a permission table: flag represents the permission to change or delete, can be defined according to their own needs Basic Configuration page: config.php copy code 1 Copy Code Login home: index.html copy code 1234 5 <title>Document</title>678 1314Copy Code Submission page: action.php copy code 1
http://www.bkjia.com/PHPjc/862109.html www.bkjia.com true http://www.bkjia.com/PHPjc/862109.html techarticle based on the native PHP cross-member rights control for a website of the back-end management system, a single super administrator privileges often can not meet our needs, especially for large sites, ...
