A detailed description of the RBAC permissions in PHP

Source: Internet
Author: User
This article explains RBAC permission management in PHP in detail. First, we should be clear about what functions permission management needs to provide:

(1) A user can only access the specified controllers and the specified methods.

(2) A user can belong to multiple user groups.

(3) A user group can be assigned specified controllers and specified methods.

(4) Controllers and methods can be added.

RBAC (role-based access control) associates users with permissions through roles. Simply put, a user has several roles, and each role has several permissions. This gives a "user-role-permission" authorization model. In this model, the relationship between users and roles is many-to-many, and so is the relationship between roles and permissions.

1. Design of the database

Create five tables. First, the user table, the role table and the function table:

Then the join tables: the role menu table and the user role table:

2. The admin page

(1) Display the user names and the role names.

(2) When the user selected in the drop-down list changes, update the role check boxes to match.

(3) When a user's roles are modified, all of that user's rows in the user role table are deleted first, and then the user name and the new role codes are inserted.

Use a drop-down list: embed a PHP query and loop over its result to output the options, as shown below:

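<select id="user">
<?php
    // Load the shared database helper and list every user as an <option>
    include("../db.class.php");
    $db = new db();
    $sql = "SELECT * FROM qxyh";
    $arr = $db->query($sql);
    foreach ($arr as $v)
    {
        // Encode database values before writing them into the page
        $val = htmlspecialchars($v[0], ENT_QUOTES);
        $txt = htmlspecialchars($v[2], ENT_QUOTES);
        echo "<option value='{$val}'>{$txt}</option>";
    }
?>
</select>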

To select roles, use check boxes:

<p>Select role:
<?php
    // One check box per role; the value is the role code
    $sjs = "SELECT * FROM qxzw";
    $ajs = $db->query($sjs);
    foreach ($ajs as $v)
    {
        $val = htmlspecialchars($v[0], ENT_QUOTES);
        $txt = htmlspecialchars($v[1], ENT_QUOTES);
        echo "<input type='checkbox' value='{$val}' class='ck'/>{$txt} ";
    }
?>
</p>
<input type="button" value="OK" id="btn"/>

When the selected user changes, the checked roles change with it. To save changed roles, the basic idea is to first delete the user's existing role rows from the database, and then insert the selected ones.

First, check the user's current roles by default:

<script>
    // Check the roles the selected user currently holds
    function Xuan()
    {
        var uid = $("#user").val();
        $.ajax({
            url: "chuli.php",
            data: {uid: uid, type: 0},
            type: "POST",
            dataType: "TEXT",
            success: function (data)
            {
                // Split the response into an array of role codes
                var juese = data.trim().split("|");
                var ck = $(".ck");
                ck.prop("checked", false);
                for (var i = 0; i < ck.length; i++)
                {
                    // Walk the whole list and tick the roles the user holds
                    if (juese.indexOf(ck.eq(i).val()) >= 0)
                    {
                        ck.eq(i).prop("checked", true);
                    }
                }
            }
        });
    }
</script>

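Then write its processing page:

<?php
include("../db.class.php");
$db = new db();
$type = $_POST["type"];
switch ($type)
{
    case 0:
        // Return the role codes held by the selected user.
        // Note: $uid is taken from the request and placed in the SQL string unescaped.
        $uid = $_POST["uid"];
        $sql = "SELECT jid FROM qxyhzw WHERE uid='{$uid}'";
        echo $db->strquery($sql);
        break;
}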

Looking at the final result: a successful login goes to the home page, and a failed login shows an error.

Next, the save button:

<script>
$(document).ready(function () {
    // When the selected user changes, tick that user's roles
    $("#user").change(function () {
        Xuan();
    });
    // Click OK to save the role information
    $("#btn").click(function () {
        var uid = $("#user").val();   // the selected user
        var juese = "";               // the role codes, joined by |
        var ck = $(".ck");            // all role check boxes
        for (var i = 0; i < ck.length; i++)
        {
            if (ck.eq(i).prop("checked"))
            {
                // Checked: append its value followed by a | separator
                juese += ck.eq(i).val() + "|";
            }
        }
        juese = juese.substr(0, juese.length - 1); // remove the last |
        $.ajax({
            url: "chuli.php",
            data: {uid: uid, juese: juese, type: 1},
            type: "POST",
            dataType: "TEXT",
            success: function (data) {
                alert("modified successfully");
            }
        });
    });
});
</script>

Processing page:

<?php
include("../db.class.php");
$db = new db();
$type = $_POST["type"];
switch ($type)
{
    case 1:
        // Note: $uid and $juese come from the request and are placed in the SQL strings unescaped.
        $uid = $_POST["uid"];
        $juese = $_POST["juese"];
        // First delete the user's existing roles
        $sdel = "DELETE FROM qxyhzw WHERE uid = '{$uid}'";
        $db->query($sdel, 0);
        // Split the |-separated string of role codes
        $arr = explode("|", $juese);
        foreach ($arr as $v)
        {
            $sql = "INSERT INTO qxyhzw VALUES ('', '{$uid}', '{$v}')";
            $db->query($sql, 0);
        }
        echo "OK";
        break;
}

The result:

The user's roles are checked by default:

After changing the selection and saving:

Complete code of the processing page:

<?php
include("../db.class.php");
$db = new db();
$type = $_POST["type"];
// "uid" is the key sent by the AJAX calls shown earlier.
// Note: request values are placed in the SQL strings unescaped.
switch ($type)
{
    case 0:
        // Return the role codes held by the selected user
        $uid = $_POST["uid"];
        $sql = "SELECT jid FROM qxyhzw WHERE uid='{$uid}'";
        echo $db->strquery($sql);
        break; // without this, a type 0 request falls through and deletes the roles
    case 1:
        $uid = $_POST["uid"];
        $juese = $_POST["juese"];
        // First delete the user's existing roles
        $sdel = "DELETE FROM qxyhzw WHERE uid = '{$uid}'";
        $db->query($sdel, 0);
        // Split the |-separated string of role codes
        $arr = explode("|", $juese);
        foreach ($arr as $v)
        {
            $sql = "INSERT INTO qxyhzw VALUES ('', '{$uid}', '{$v}')";
            $db->query($sql, 0);
        }
        echo "OK";
        break;
}
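The delete-then-insert save above, rewritten as an added example (not code from the original article) with bound parameters, a transaction, and a whitelist of role codes. It uses PDO with an in-memory SQLite database instead of db.class.php; the `code` and `id` column names, the schema and the sample rows are assumptions.

```php
<?php
// Added example: hardened role save. Table names follow the article;
// the in-memory SQLite schema and the sample rows are constructed.
function saveUserRoles(PDO $pdo, string $uid, string $juese): int
{
    // Keep only role codes that really exist in qxzw; drop everything else.
    $known = $pdo->query("SELECT code FROM qxzw")->fetchAll(PDO::FETCH_COLUMN);
    $wanted = array_unique(array_intersect(explode("|", $juese), $known));

    $pdo->beginTransaction();          // delete + insert succeed or fail together
    try {
        $del = $pdo->prepare("DELETE FROM qxyhzw WHERE uid = ?");
        $del->execute([$uid]);
        $ins = $pdo->prepare("INSERT INTO qxyhzw (uid, jid) VALUES (?, ?)");
        foreach ($wanted as $jid) {
            $ins->execute([$uid, $jid]);
        }
        $pdo->commit();
    } catch (Throwable $e) {
        $pdo->rollBack();              // the user's old roles stay intact
        throw $e;
    }
    return count($wanted);
}

$pdo = new PDO("sqlite::memory:");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE qxzw (code TEXT PRIMARY KEY, name TEXT)");
$pdo->exec("CREATE TABLE qxyhzw (id INTEGER PRIMARY KEY, uid TEXT, jid TEXT)");
$pdo->exec("INSERT INTO qxzw VALUES ('j001','admin'), ('j002','editor')");
$pdo->exec("INSERT INTO qxyhzw (uid, jid) VALUES ('o''neil','j001'), ('zhangsan','j002')");

// Constructed input: a uid containing a quote, and one role code that does not exist.
$saved = saveUserRoles($pdo, "o'neil", "j002|j999");
$rows = $pdo->query("SELECT uid, jid FROM qxyhzw ORDER BY id")->fetchAll(PDO::FETCH_NUM);
echo $saved, " role(s) saved\n";
foreach ($rows as [$u, $j]) {
    echo $u, " -> ", $j, "\n";
}
```

In chuli.php a function like this should only be reached after checking that the logged-in session user is allowed to manage roles, since the handler as shown accepts the request from anyone.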

3. Login page:

The form is simple:

<form action="drcl.php" method="POST">
    <p>Account: <input type="text" name="zhang"/></p>
    <p>Password: <input type="password" name="mi"/></p>
    <input type="submit" value="Log In"/>
</form>

Write the login processing page:

<?php
session_start();
include("../db.class.php");
$db = new db();
$zhang = $_POST["zhang"];
$mi = $_POST["mi"];
// Note: $zhang is taken from the request and placed in the SQL string unescaped.
$sql = "SELECT mi FROM qxyh WHERE zhang = '{$zhang}'";
$mm = $db->strquery($sql);
// Strict comparison: a single = would assign and accept any non-empty password
if ($mm === $mi && !empty($mi))
{
    $_SESSION["zhang"] = $zhang;
    header("location:chaxun.php");
    exit;
}
else
{
    echo "Log in Failed";
}
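An added example, not part of the original article, of the same login check with the password stored as a hash and the account name bound as a parameter. PDO with in-memory SQLite, the two-column `qxyh` schema and the sample account are assumptions.

```php
<?php
// Added example: login with hashed passwords and a bound parameter.
// Columns zhang/mi follow the article; SQLite and the account are constructed.
define("DUMMY_HASH", password_hash("placeholder", PASSWORD_DEFAULT));

function checkLogin(PDO $pdo, string $zhang, string $mi): bool
{
    $st = $pdo->prepare("SELECT mi FROM qxyh WHERE zhang = ?");
    $st->execute([$zhang]);
    $hash = $st->fetchColumn();            // false when no such account
    if ($hash === false) {
        password_verify($mi, DUMMY_HASH);  // keep timing similar for unknown accounts
        return false;
    }
    return password_verify($mi, $hash);
}

function login(PDO $pdo, string $zhang, string $mi): bool
{
    if (!checkLogin($pdo, $zhang, $mi)) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);       // fresh session id after authentication
    }
    $_SESSION["zhang"] = $zhang;
    return true;
}

$pdo = new PDO("sqlite::memory:");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE qxyh (zhang TEXT PRIMARY KEY, mi TEXT)");
$add = $pdo->prepare("INSERT INTO qxyh VALUES (?, ?)");
$add->execute(["zhangsan", password_hash("s3cret-Pass", PASSWORD_DEFAULT)]);

var_dump(login($pdo, "zhangsan", "s3cret-Pass"));  // correct password
var_dump(login($pdo, "zhangsan", "wrong"));        // wrong password
var_dump(login($pdo, "nobody", "s3cret-Pass"));    // unknown account
```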

Jump to the main page. Main page code:

Each user's home page is different.

<?php
// Session start and the redirect must run before any output, so they precede <body>
session_start();
include("../db.class.php");
$db = new db();
$zhang = "";
if (empty($_SESSION["zhang"]))
{
    header("location:qx_dr.php");
    exit;
}
// Logged-in user name
$zhang = $_SESSION["zhang"];
?>
<body>
<?php
// Look up the user's roles by user name
$sql = "SELECT jid FROM qxyhzw WHERE uid = '{$zhang}'";
$aql = $db->query($sql);
// Look up the function codes for each role code
$attr = array(); // array that holds the function codes
foreach ($aql as $v)
{
    $jsid = $v[0]; // role code
    $ssql = "SELECT rid FROM qxgnzw WHERE jid='{$jsid}'";
    $aaql = $db->strquery($ssql);
    // Split the |-separated function codes
    $adai = explode("|", $aaql);
    foreach ($adai as $h)
    {
        array_push($attr, $h);
    }
}
$attr = array_unique($attr); // remove duplicates
// Display the functions
foreach ($attr as $k)
{
    $ql = "SELECT * FROM qxgn WHERE code = '{$k}'";
    $arr = $db->query($ql);
    // Encode database values before writing them into the page
    $code = htmlspecialchars($arr[0][0], ENT_QUOTES);
    $name = htmlspecialchars($arr[0][1], ENT_QUOTES);
    echo "<p code='{$code}'>{$name}</p>";
}
?>
</body>
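An added example (not the article's code) that resolves user to roles to functions with one parameterized JOIN, uses the result to enforce requirement (1) with a deny-by-default check, and encodes the menu output. It assumes one row per role/function pair in `qxgnzw`; the `can` and `renderMenu` helpers, the schema and the sample rows are constructed.

```php
<?php
// Added example: resolve user -> roles -> functions in one query and enforce it.
// Table names follow the article; columns, schema and rows are constructed.
function userFunctions(PDO $pdo, string $zhang): array
{
    $st = $pdo->prepare(
        "SELECT DISTINCT g.code, g.name FROM qxyhzw u
           JOIN qxgnzw r ON r.jid = u.jid
           JOIN qxgn g ON g.code = r.rid
          WHERE u.uid = ? ORDER BY g.code"
    );
    $st->execute([$zhang]);
    return $st->fetchAll(PDO::FETCH_KEY_PAIR);   // [code => name]
}

// Deny by default: only codes reachable through one of the user's roles pass.
function can(PDO $pdo, string $zhang, string $code): bool
{
    return array_key_exists($code, userFunctions($pdo, $zhang));
}

function renderMenu(array $functions): string
{
    $html = "";
    foreach ($functions as $code => $name) {
        // Encode on output: names come from the database, not from trusted markup.
        $html .= sprintf("<p code='%s'>%s</p>\n",
            htmlspecialchars((string)$code, ENT_QUOTES),
            htmlspecialchars((string)$name, ENT_QUOTES));
    }
    return $html;
}

$pdo = new PDO("sqlite::memory:");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE qxyhzw (id INTEGER PRIMARY KEY, uid TEXT, jid TEXT)");
$pdo->exec("CREATE TABLE qxgnzw (jid TEXT, rid TEXT)");
$pdo->exec("CREATE TABLE qxgn (code TEXT PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO qxyhzw (uid, jid) VALUES ('zhangsan','j001'), ('zhangsan','j002')");
$pdo->exec("INSERT INTO qxgnzw VALUES ('j001','g001'), ('j001','g002'), ('j002','g002')");
$pdo->exec("INSERT INTO qxgn VALUES ('g001','User list'), ('g002','Edit <roles>'), ('g003','Audit log')");

echo renderMenu(userFunctions($pdo, "zhangsan"));
var_dump(can($pdo, "zhangsan", "g002"));   // granted through two roles, listed once
var_dump(can($pdo, "zhangsan", "g003"));   // no role grants it
```

Calling `can()` at the top of each controller method, and not only when building the menu, is what keeps a hidden menu entry from being reachable by typing its URL.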

The user experience with PHP alone is not good; it is best to use Ajax.
