Home > Backend Development > PHP Tutorial > php personnel authority management (RBAC)

php personnel authority management (RBAC)

迷茫
Release: 2023-03-06 22:10:02
Original
1669 people have browsed it

Before talking about permission management, you should first know what functions permission management has:

 (1) Users can only access, specify Controller, specified method

 (2) Users can exist in multiple user groups

 (3) User groups You can choose the specified controller and the specified method

(4), you can add the controller and method

RBAC (Role-Based Access Control (role-based access control) is where users are associated with permissions through roles. Simply put, a user has several roles, and each role has several permissions. In this way, a "user-role-permission" authorization model is constructed. In this model, there is generally a many-to-many relationship between users and roles, and between roles and permissions.

1. Database design

Write five tables, first: user table, role table, function table:

Connection Table of tables.. Next is the role function table and user role table:

2. Administrator's Management page,

<?php
    include ("../db.class.php");
    $db = new db();
    $sql = "select * from qxyh";
    $arr = $db->Query($sql);
    foreach ($arr as $v)
    {
        echo "<option value=&#39;{$v[0]}&#39;>{$v[2]}</option>";
    }

    ?>
Copy after login

(1). Display user name and role name respectively

(2). According to the drop-down user name Change, change the role in the corresponding check box

(3). When modifying the user role, first delete the user's corresponding role table and all the information of this user, and then retrieve The username and role code are newly added.

Use the drop-down list: embed the php query and traverse it, display it in the form of a drop-down list

Select the role, use multiple Marquee:


<p style="margin-bottom: 7px;"><p>请选择角色<br/><?php<br/>$sjs = "select * from qxzw";<br/>$ajs = $db->Query($sjs);<br/>foreach ($ajs as $v){    <br/>    echo "<input type=&#39;checkbox&#39; value=&#39;{$v[0]}&#39; class=&#39;ck&#39;/>{$v[1]} ";<br/>}?><br/></p><br/><input type="button" value="确定" id="btn"/><br/></p>
Copy after login

Picture:

##When the user changes, the corresponding role also changes accordingly, and the person's role information is changed and added and saved. The basic idea of ​​adding and saving is to first delete all the role information corresponding to the person in the database, and then retrieve it. The selected part is added to the database.

Let him select the default role first:

<script>
  //选中默认角色
    function xuan()
    {
        var uid = $("#user").val();
        $.ajax({
            url:"chuli.php",
            data:{uid:uid,type:0},
            type:"POST",
            dataType:"TEXT",
            success:function(data)
            {

                var juese = data.trim().split("|");
                //拆分完全都变成代号
                var ck = $(".ck");
                ck.prop("checked",false);

                for(var i=0;i<ck.length;i++)
                {
                    //便利所有的列表
                    if(juese.indexOf(ck.eq(i).val())>=0)
                    {
                        ck.eq(i).prop("checked",true);
                    }
                }
            }
        });
    }

</script>
Copy after login

To write his processing page:

<?php
include ("../db.class.php");
$db = new db();
$type = $_POST["type"];
switch ($type)
{
    case 0:
        $uid = $_POST["uid"];
        $sql = "select jid from qxyhzw WHERE uid=&#39;{$uid}&#39;";
        echo $db->strQuery($sql);
break;
}
Copy after login

Let’s take a look at the final result. If you log in successfully, you will enter the homepage. If you log in failed, you will get an error

## Come again, save button:

<script>//当用户变化的时候去选中相应角色
        $("#user").change(function(){
            xuan();
        })        //点击确定保存角色信息
        $("#btn").click(function(){            var uid = $("#user").val();            //找到用户名
            var juese = "";//           找到角色代号
            var ck = $(".ck");            //找到所有的checked
            for(var i=0;i<ck.length;i++)
            {//                遍历他
                if(ck.eq(i).prop("checked"))
                {//                    如果他选中了,两个参数是改他的状态
                    //娶过来值;加个|分割一下
                    juese += ck.eq(i).val()+"|";
                }
            }
            juese = juese.substr(0,juese.length-1);//            去掉最后的|            $.ajax({
                url:"chuli.php",
                data:{uid:uid,juese:juese,type:1},
                type:"POST",
                dataType:"TEXT",
                success:function(data){
                    alert("修改成功");
                }
            });

        })
    });</script>
Copy after login

Processing page:

<?php
include ("../db.class.php");
$db = new db();
$type = $_POST["type"];

switch ($type)
{ 
   case 1:
        $uid = $_POST["uid"];
        $juese = $_POST["juese"];
        //        首先全部删掉里面的职位
        $sdel = "delete from qxyhzw WHERE uid = &#39;{$uid}&#39;";
        $db->Query($sdel,0);
        //拆分取到的字符串
        $arr= explode("|",$juese);
        foreach ($arr as $v)
        {
            $sql = "insert into qxyhzw VALUES (&#39;&#39;,&#39;{$uid}&#39;,&#39;{$v}&#39;)";
            $db->query($sql,0);
        }
        echo "ok";
        break;
}
Copy after login

See the effect:

The role is selected by default;

Choose to save after making changes:

#Management page summary Code:




    无标题文档
    


用户与角色管理

请选择用户
请选择角色 Query($sjs); foreach ($ajs as $v) { echo "{$v[1]} "; } ?>
</body>
Copy after login

Total code for processing page:

<?php
include ("../db.class.php");
$db = new db();
$type = $_POST["type"];

switch ($type)
{
    case 0:
        $uid = $_POST["zhang"];
        $sql = "select jid from qxyhzw WHERE uid=&#39;{$uid}&#39;";
        echo $db->strQuery($sql);
break;
    case 1:
        $uid = $_POST["zhang"];
        $juese = $_POST["juese"];
        //        首先全部删掉里面的职位
        $sdel = "delete from qxyhzw WHERE uid = &#39;{$uid}&#39;";
        $db->Query($sdel,0);
        //拆分取到的字符串
        $arr= explode("|",$juese);
        foreach ($arr as $v)
        {
            $sql = "insert into qxyhzw VALUES (&#39;&#39;,&#39;{$uid}&#39;,&#39;{$v}&#39;)";
            $db->query($sql,0);
        }
        echo "ok";
        break;
}
Copy after login

##3. Login page:

The display is very simple:

<form action="drcl.php" method="post">
    <p>帐号:<input type="text" name="zhang"/></p>
    <p>密码:<input type="text" name="mi"/></p>
    <input type="submit" value="登入"/></form>
Copy after login

Write login processing

<?php
session_start();
include ("../db.class.php");
$db = new db();
$zhang = $_POST["zhang"];
$mi = $_POST["mi"];
$sql = "select mi from qxyh WHERE zhang = &#39;{$zhang}&#39;";$mm = $db->strQuery($sql)>0;
if($mm = $mi && !empty($mi)){    
    $_SESSION["zhang"] = $zhang;    
    header("location:chaxun.php");
}//else
//{
//    echo "登入失败";
//}
Copy after login
Jump to the main page, main page code:

Everyone’s main page is different of

<body><h1>主页面</h1>
Copy after login
<?php
session_start();
include ("../db.class.php");
$db = new db();$zhang = "";
if(empty($_SESSION["zhang"]))
{    
header("location:qx_dr.php"); exit;
}//登入者用户名
    $zhang = $_SESSION["zhang"];//根据用户名查角色$sql = "select jid from qxyhzw WHERE uid = &#39;{$zhang}&#39;";$aql = $db->Query($sql);//根据角色代号查功能代号$attr = array();//定义一个存放功能代号的数组foreach ($aql as $v)
{   $jsid = $v[0];// 角色代号
    $ssql = "select rid from qxgnzw WHERE jid=&#39;{$jsid}&#39;";    $aaql = $db->strQuery($ssql);//拆分
    $adai = explode("|",$aaql);    foreach ($adai as $h)
    {       array_push($attr,$h);
    }
}$attr = array_unique($attr);//去重
//显示foreach ($attr as $k)
{    $ql = "select * from qxgn WHERE code = &#39;{$k}&#39;";    
$arr = $db->Query($ql);    arr[0][0];    $arr[0][1];    echo "<p code=&#39;{$arr[0][0]}&#39;>{$arr[0][1]}</p>";
}?>
Copy after login
</body>
Copy after login

 

 

用php的用户体验不好,最好还是得用ajax

The above is the detailed content of php personnel authority management (RBAC). For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template