When PHP page is accessed, the design of the unified permission verification

Visit | design | page

At night someone asked me about the Site page display, the right to judge the problem. So I have this article again.

In fact, there are many ways to achieve this.

1, you can be in each page alone to judge the right, this is the most popular method.
2, you can make a configuration file for each final page file, used for permission to judge, when the user visited this page, through a function to determine whether there is this file. If there is, it is based on the contents of the file to determine the permissions, if it does not exist, do not have permission to judge.
3, is a unified judgment, to do a separate function, through a certain configuration for the right to judge.

The following example is the third method, which is suitable for any situation and is more generic.

Step one, collation access path information, the need for permission to verify the path to organize, sorted into a list
Second, the collation of the need for permission to verify the classification, for each kind of permission validation as a separate function,
Step three, the corresponding relationship between access path and permission validation function, press 1:1 to write to a configuration file or an array, for example, the $filter array in the following filter.php
Step four, do a validation function, resolve the current access path, to make the right to judge.

Briefly, filter.php is used to contain the documentation of the verification information, authorization () is a core scheduling function, please note that the function inside the description, application.php is a normal paging file. The function in the example does not have the concrete realization, adds oneself.

Document I, filter.php
<?php

$filter = Array ('/admin ' => ' Adminlogin '),
'/admin/useradmin ' => ' Poweradminlogin ',
'/myshop ' => ' userlogin '
);

function Adminlogin () {
Return ' is admin? ' ' SUCCESS ': ' FALSE ';
}

function Poweradminlogin () {
Return ' is super admin? ' ' SUCCESS ': ' FALSE ';
}

function Userlogin () {
Return ' is a member? ' ' SUCCESS ': ' FALSE ';
}

function Authorization () {
Global $filter;
Remove and parse the current access URL path to determine if the $filter contains the current path to filter

For example, the current access path is http://www.hahawen.com/admin/userAdmin/gogo.php
Take out the/admin/useradmin/gogo to determine if $filter contains this path.
If not, just take out the/admin/useradmin to determine if $filter contains the path.
If there is a return $filter, this path (/admin/useradmin) corresponds to the value $value,
In fact, this $value is the name of a function,
This function is used to determine whether the current user, the current access path, has access to the function
Call this function by $value () to return "success" or "fail"
If it fails, it is redirected to the error page, or it can be handled in the $value () function.
If successful, returns true

For example, the current access path is http://www.hahawen.com/news/happy/list.php
Take out the/news/happy/list to determine if $filter contains this path.
If not, just take out the/news/happy to determine if $filter contains the path.
If not, just take out the/news to determine if $filter contains the path.
If not, it means that the page is not authorized to authenticate.
Returns True
}

?>

Document II, application.php

?
Require_once "filter.php";
Authorization ();
The other operation.
?>