For a website's background management system, a single Super Administrator privilege often cannot meet our needs. especially for large websites, such a single privilege will lead to many problems.
For example, when editing a website, he is only responsible for updating the company's website announcements. However, if the website background does not have strict permission restrictions, can he perform operations on the customer's information, this is a big risk.
If you have learned the ThinkPHP framework, you must know that RBAC is a thing. today, let's not talk about that. in the native PHP language, how can we implement cross-permission control.
Well, let's not talk much about it. let's talk about the principle and code.
Cross-control of permissions can be implemented in many ways. here we only provide one idea: (I use the binary number method)
1. here we first mention the bitwise AND and bitwise OR calculation methods:
1. bitwise AND operator (&)The two data involved in the operation perform the "and" operation in binary bits.
Calculation rule: 0 & 0 = 0; 0 & 1 = 0; 1 & 0 = 0; 1 & 1 = 1;
That is, if the two digits are "1" at the same time, the result is "1". Otherwise, the value is 0.
For example, 3 & 5 means 0000 0011 & 0000 0101 = 0000 0001. Therefore, 3 & 5 is worth 1.
In addition, negative numbers are involved in bitwise and computation in the form of supplementary codes.
2. bitwise OR operator (|)
The two objects involved in the operation perform the "or" operation in binary bits.
Calculation rules: 0 | 0 = 0; 0 | 1 = 1; 1 | 0 = 1; 1 | 1 = 1;
That is, if one of the two objects involved in the operation is 1, the value is 1.
For example, 3 | 5 is 0000 0011 | 0000 0101 = 0000 0111. Therefore, 3 | 5 is worth 7.
In addition, negative numbers are involved in bitwise OR operations in the form of supplementary codes.
After learning about bitwise and bitwise OR operations, let's look at the following example:
1
I have created four permissions for addition, deletion, modification, and query and set them as constants.
The binary number of 1 is 1000, the binary number of 4 is, and the binary number of 8 is, which is just a regular rule.
Some may ask how the above permission variables admin, editer, and user correspond to 1111,1101, 1000?
In PHP, a decimal number to binary number function is called decbin ()
The corresponding function explanation is as follows:
Decbin (PHP 3, PHP 4, PHP 5) decbin -- Convert decimal to binary description string decbin (int number)
Returns a string containing the binary representation of the given number parameter. The maximum value to be converted is 4294967295 in decimal format, and the result is a string of 32 characters. Example 1. decbin () In the previous example, the output is as follows: 110011010 see bindec (), decoct (), dechex () and base_convert ().
Let's take a look at the test output:
1 "; 15 echo decbin ($ editer )."
"; 16 echo decbin ($ user )."
"; 17 18 19?>
Output result:
Then we can use this operation to determine the permissions. 1 indicates that you have permissions, and 0 indicates that you have no permissions.
For example:
Admin (Super Administrator) has the permission to add, delete, modify, and query, that is, 1111 --> 0000 1111
Editer (Website Editing) has the permission to add, modify, and query, that is, 1101 --> 0000 1101
Users (normal users) only have the permission to browse and query, that is, 1000 --> 0000 1000
Then we only need to perform bitwise and operations on them to determine whether they have the permission.
For example:
Website Editing permission 0000 1101 | 0000 0010 (delete permission decimal: 2 to binary: 10) result: 0000 0000 is not authorized
Try again
Normal user permissions: 0000 1000 | 0000 0001 (add permission in decimal format: 1 binary value: 1) result: 0000 0000 is also not permitted
Super administrator permissions: 0000 1111 | 0000 1101 (website editing permission) result: 0000 1111 is the website editing permission.
Let's take a look at the specific instance.
I created a database with two tables in it.
One is the user table:
Gid indicates the group id of the permission table.
One is the permission table:
Flag indicates the permission to add, delete, modify, and query. you can define it as needed.
Basic Configuration page: config. php
1
Log on to the homepage: index.html
1234 5Document678 9 account: 10 password: 11 12 1314
Submit page: action. php
1
As follows:
Easy to handle ~
Here is just a simple DEMO, hoping to serve as an example. as for specific projects, permission control is a complex function.
How to implement cross-member in PHP?
I don't understand .,,...
Php framework is more influential than native php.
It will certainly be slower, but this is acceptable. The performance loss caused by the adoption of the framework is constant. for example, for all functions, the use of the framework and direct encoding may always be 0.002 milliseconds slower. However, you do not need to care about such losses. This loss is worthwhile because of its great advantages over the framework.
The framework can greatly improve development efficiency.
Greatly save maintenance costs
Easier project handover
Therefore, we would rather choose a framework for efficiency loss. For efficiency, you can consider upgrading servers and other measures to improve the efficiency.
In the background management system of a website, a single Super Administrator privilege cannot meet our needs, especially...
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
