yotaku的开发日志(一)
yotaku的开发日志(1)
2015-12-18 21:17:46
连续看了几天的ThinkPHP框架,目前看到基于角色的用户访问权限控制。
相关代码如下:
数据库
用户表(管理员)
| mg_id | mg_name | mg_pwd | mg_time | mg_role_id |
|---|---|---|---|---|
| 0 | creatint | 123 | 2587413547 | 1 |
| 1 | yotaku | 123 | 258744984 | 4 |
CREAATE TABLE `sw_manager` ( `mg_id` int(11) NOT NULL AUTO_INCREMENT, `mg_name` varchar(32) NOT NULL, `mg_pwd` varchar(32) NOT NULL, `mg_time` int(10) unsigned NOT NULL COMMENT '时间', `mg_role_id` tinyint(3) unsigned NOT NULL DEFAULT '0' COMMENT '角色id', PRIMARY KEY (`mg_id`)) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
权限表
| auth_id(权限ID) | auth_name(权限名称) | auth_pid(父id) | auth_c(控制器) | auth_a(操作方法) | auth_path(全路径) | auth_level(权限级别) |
|---|---|---|---|---|---|---|
| 100 | 产品中心 | 0 | '' | '' | 100 | 0 |
| 101 | 产品展示 | 100 | ManagerController | show | 100-101 | 1 |
CREATE TABLE `sw_auth` ( `auth_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT, `auth_name` varchar(20) NOT NULL COMMENT '权限名称', `auth_pid` smallint(6) unsigned NOT NULL COMMENT'父id', `auth_c` varchar(32) NOT NULL DEFAULT '' COMMENT '控制器', `auth_a` varchar(32) NOT NULL DEFAULT '' COMMENT '操作方法', `auth_path` varchar(32) NOT NULL COMMENT '全路径', `auth_level` tinyint(4) NOT NULL DEFAULT '0' COMMENT '级别', PRIMARY KEY(`auth_id`)) ENGING-InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
角色表
| role_id | role_name | role_auth_ids | role_auth_ac |
|---|---|---|---|
| 0 | 站主 | 1,3,9 | 操作器-控制器,操作器-控制器,... |
| 1 | 高级管理员 | 1,2,3,9,12 | 操作器-控制器,操作器-控制器,... |
CREATE TABLE `sw_role` ( `role_id` smallint(6) unsigned NOT NULL AUTO_INCREMENT, `role_name` varchar(20) NOT NULL COMMENT '角色名称', `role_auth_ids` varchar(128) NOT NULL DEFAULT '' COMMENT '权限id,1,3,..', `role_auth_ac` text COMMENT '控制器2-操作3,控制器1-操作6,...', PRIMARY KEY(`role_id`)) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;<br><br>
数据模拟:
1.权限数据
产品中心(产品展示,最新产品,分类管理,子类管理) 高级管理(用户留言,留言簿,产品订购,文件管理) 系统管理(基本设置,样式管理,首页设置,管理员列表)
<span class="zhushi">顶级权限</span>insert into sw_auth values ( 100,'产品中心',0,'','',100,0 );insert into sw_auth values ( 101,'高级管理',0,'','',101,0 );insert into sw_auth values ( 102,'系统管理',0,'','',102,0 );insert into sw_auth values ( 103,'权限管理',0,'','',103,0 );<span class="zhushi">次级权限</span>insert into sw_auth values ( 104,'产品展示',100,'Goods','show','100-104',1 );insert into sw_auth values ( 105,'最新产品',100,'Goods','showlist','100-105',1 );insert into sw_auth values ( 106,'分类管理',100,'Goods','cate','100-106',1 );insert into sw_auth values ( 107,'用户留言',101,'Goods','words','101-107',1 );insert into sw_auth values ( 108,'留言簿', 101,'Goods','wordsbook','101-108',1 );insert into sw_auth values ( 109,'基本设置',102,'Goods','set','102-109',1 );insert into sw_auth values ( 110,'样式管理',102,'Goods','css','102-110',1 );insert into sw_auth values ( 111,'用户列表',103,'Goods','userlist','103-111',1 );insert into sw_auth values ( 112,'角色管理',103,'Goods','role','103-112',1 );insert into sw_auth values ( 113,'权限列表',103,'Goods','auth','103-113',1 );
2.角色数据
sw_role 站主 所有权限(103,104,105,106,107,108,109) 管理员 部分权限(104,105,109) 版主 部分权限(103,108)
<span class="zhushi">角色</span>insert into sw_role values (10,'站主','100,101,102,103,104,105,106,107,108,109,110,111,112,113','Goods-show,Goods-showlist,Goods-cate,Goods-words,Goods-wordsbook,Goods-set,Goods-css');insert into sw_role values (11,'管理员','100,102,104,105,109','Goods-showlist,Goods-cate,Goods-css');insert into sw_role values (12,'版主','100,101,103,106,108,113','Goods-show,Goods-set');
3.流程说明
Index控制器内 获取用户的角色id,进而获得角色权限 进行判断是否展现数据 Index控制器--->left方法--->left.html模板 Index控制器
$mg_id = session('admin_id'); $manager_info = D('Manager')->find($mg_id); $role_id = $manager_info['mg_role_id']; $role_info = D('Role')->find($role_id); $auth_ids = $role_info['role_auth_ids']; $auth_infoA = D('Auth')->where("auth_level=0 and auth_id in($auth_ids)")->select(); $auth_infoB = D('Auth')->where("auth_level=1 and auth_id in($auth_ids)")->select(); $this->assign('auth_infoA',$auth_infoA); $this->assign('auth_infoB',$auth_infoB); $this->assign('auth_info',$auth_info); $this->display();4.模板 left.html
{foreach $auth_infoA as $k=>$v}
background={$smarty.const.ADMIN_IMG_URL}/menu_bt.jpg >{$v.auth_id}) href="javascript:void(0);">{$v.auth_name}
{foreach $auth_infoB as $k2=>$v2} {if $v2.auth_pid == $v.auth_id} {/if} {/foreach}
{$v.auth_id} style="display: none" cellspacing=0 cellpadding=0 width=150 border=0>
{$smarty.const.ADMIN_IMG_URL}/menu_icon.gif" width=9>
{$smarty.const.__MODULE__}/{$v2.auth_c}/{$v2.auth_a}" target=right>{$v2.auth_name}
{/foreach}
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
What is the difference between insert ignore, insert and replace in mysql
May 29, 2023 pm 04:40 PM
The difference between insertignore, insert and replace instructions already exist or not. Example of insert error. Insertintonames(name,age)values("Xiao Ming", 23); insertignore ignores insertignoreintonames(name, age)values("Xiao Ming", 24); replace Replace and insert replaceintonames(name,age)values("Xiao Ming", 25); table requirements: PrimaryKey, or unique index result: the table id will be automatically incremented. Test code creates table
Using Auth0 for authentication in Java API development
Jun 18, 2023 pm 05:30 PM
In modern software development, identity authentication is a very important security measure. Auth0 is a company that provides identity authentication services. It can help developers quickly implement multiple identity authentication methods (including OAuth2, OpenIDConnect, etc.) and provide safe and reliable authentication services. In this article, we will introduce how to use Auth0 for authentication in JavaAPI development. Step 1: Create an Auth0 account and register the application. First, we need to
Use java's StringBuilder.insert() function to insert a string at the specified position
Jul 24, 2023 pm 09:37 PM
Use java's StringBuilder.insert() function to insert a string at a specified position. StringBuilder is a class in Java used to handle variable strings. It provides a variety of methods to operate strings. The insert() function is used to insert strings at specified positions. One of the common methods of positionally inserting strings. In this article, we will introduce how to use the insert() function to insert a string at a specified position and give corresponding code examples. insert()
How to add, edit and delete table rows in jQuery?
Sep 05, 2023 pm 09:49 PM
In today's era of web development, effective and efficient table management has become very important, especially when dealing with data-heavy web applications. The ability to dynamically add, edit, and delete rows from a table can significantly enhance the user experience and make applications more interactive. An effective way to achieve this is to leverage the power of jQuery. jQuery provides many features to help developers perform operations. Table rows A table row is a collection of interrelated data, represented by elements in HTML. It is used to group together cells (represented by elements) in a table. Each element is used to define a row in the table, and for multi-attribute tables, it usually contains one or more elements. Syntax$(selector).append(co
How to use Supabase Auth method in Vue3
May 28, 2023 am 08:39 AM
Introduction Supabase is a self-proclaimed "open source Firebase alternative". I've been interested in working with Supbase for a while and thought I'd try using their authentication API to set up authentication for a Vue.js3 application. First of all, why should you use SupabaseAuth? The bottom line is that if you're using Supabase as your data store, (which has some pretty sweet benefits), SupabaseAuth is the only way you can manage access to that data. Secondly, although SupabaseAuth also has many different functions. User permissions without middleware (row-level security via Postgres)
Implementing PHP security authentication using Auth0
Jul 25, 2023 pm 02:09 PM
Using Auth0 to implement PHP security verification Introduction: In modern web development, security verification is a crucial part. In order to protect users' privacy and data security, we need to take measures to ensure that only authorized users can access sensitive information or perform specific operations. Auth0 is a popular authentication and authorization platform that provides simple and powerful solutions to help us achieve secure verification. This article will introduce how to use Auth0 to implement PHP security verification and provide code
insert statement
Sep 15, 2023 pm 01:30 PM
The basic syntax of the insert statement is "INSERT INTO table name (column 1, column 2, column 3, ...), VALUES (value 1, value 2, value 3, ...);", "table name" is to be inserted The name of the data table. "Column 1", "Column 2", "Column 3", etc. are the names of the columns in the table where data is to be inserted. "Value 1", "Value 2", "Value 3", etc. are the names of the columns to be inserted. data value.
Use the insert() method of the StringBuilder class in Java to insert a string into a specified location
Jul 25, 2023 pm 05:18 PM
In Java, use the insert() method of the StringBuilder class to insert a string into a specified location. In Java, if you need to insert an existing string, you can use the insert() method of the StringBuilder class. StringBuilder is a variable character sequence that provides a series of methods to modify and operate strings. Using the insert() method, you can insert a string into the original string at a specified position, thus
