Detailed explanation of PHP's RBAC permissions

This article mainly shares with you a detailed explanation of PHP's RBAC permissions. I hope it can help everyone. First of all, we should know what functions are required for permission management:

　(1). Users can only access specified controls. Controller, specified method

　(2) Users can exist in multiple user groups

　(3) User groups can be selected, specified controller, specified method

(4) You can add controllers and methods

RBAC (Role-Based Access Control, role-based access control), which means users are associated with permissions through roles. Simply put, a user has several roles, and each role has several permissions. In this way, a "user-role-permission" authorization model is constructed. In this model, there is generally a many-to-many relationship between users and roles, and between roles and permissions.

1. Database design

Write five tables, first: user table, role table, function table:

The table of the connection table...Then there is the role function table and the user role table:

2. Administrator's management Page,

(1). Display the user name and role name respectively

(2). According to the change of the drop-down user name, change the role in the corresponding check box

(3). When modifying a user role, first delete the user's corresponding role table and all information about this user, and then add the obtained user name and role code.

Use drop-down list: embed php query and traverse it, display it as a drop-down list

<select></select>

  <?php     include ("../db.class.php");    $db = new db();    $sql = "select * from qxyh";    $arr = $db->Query($sql);    foreach ($arr as $v)
    {        echo "<option>{$v[2]}</option>";
    }    ?>

Select the character and use the multi-select box:

<p>请选择角色<?php $sjs = "select * from qxzw";$ajs = $db->Query($sjs);foreach ($ajs as $v)
{    echo "<input>{$v[1]} ";
}?>
</p>
<input>

Picture:

When the user changes, the corresponding role also changes accordingly, and the role of the person is changed. Information, add and save, the basic idea of ​​adding and saving is to first delete all the role information corresponding to the person in the database, and then fetch the selected part and add it to the database.

First let him select the default role:

<script>  //选中默认角色
    function xuan()
    {        var uid = $("#user").val();
        $.ajax({
            url:"chuli.php",
            data:{uid:uid,type:0},
            type:"POST",
            dataType:"TEXT",
            success:function(data)
            {                var juese = data.trim().split("|");                //拆分完全都变成代号
                var ck = $(".ck");
                ck.prop("checked",false);                for(var i=0;i<ck.length;i++)
                {                    //便利所有的列表
                    if(juese.indexOf(ck.eq(i).val())>=0)
                    {
                        ck.eq(i).prop("checked",true);
                    }
                }
            }
        });
    }</script>

To write his processing page:

<?phpinclude ("../db.class.php");$db = new db();$type = $_POST["type"];switch ($type)
{    case 0:        $uid = $_POST["uid"];        $sql = "select jid from qxyhzw WHERE uid=&#39;{$uid}&#39;";        echo $db->strQuery($sql);break;
}

Let’s take a look at the final result. If the login is successful, you will enter the homepage. If the login fails, An error will be prompted

Come again, save button:

<script>//当用户变化的时候去选中相应角色
        $("#user").change(function(){
            xuan();
        })        //点击确定保存角色信息
        $("#btn").click(function(){            var uid = $("#user").val();            //找到用户名
            var juese = "";//           找到角色代号
            var ck = $(".ck");            //找到所有的checked
            for(var i=0;i<ck.length;i++)
            {//                遍历他
                if(ck.eq(i).prop("checked"))
                {//                    如果他选中了，两个参数是改他的状态
                    //娶过来值；加个|分割一下
                    juese += ck.eq(i).val()+"|";
                }
            }
            juese = juese.substr(0,juese.length-1);//            去掉最后的|            $.ajax({
                url:"chuli.php",
                data:{uid:uid,juese:juese,type:1},
                type:"POST",
                dataType:"TEXT",
                success:function(data){
                    alert("修改成功");
                }
            });

        })
    });</script>

Processing page:

<?phpinclude ("../db.class.php");$db = new db();$type = $_POST["type"];switch ($type)
{ 
   case 1:        $uid = $_POST["uid"];        $juese = $_POST["juese"];        //        首先全部删掉里面的职位
        $sdel = "delete from qxyhzw WHERE uid = &#39;{$uid}&#39;";        $db->Query($sdel,0);        //拆分取到的字符串
        $arr= explode("|",$juese);        foreach ($arr as $v)
        {            $sql = "insert into qxyhzw VALUES (&#39;&#39;,&#39;{$uid}&#39;,&#39;{$v}&#39;)";            $db->query($sql,0);
        }        echo "ok";        break;
}

See the effect:

The role is selected by default;

Select to save after changing:

Management page summary Code:

View Code

Total code for processing page:

<?phpinclude ("../db.class.php");$db = new db();$type = $_POST["type"];switch ($type)
{    case 0:        $uid = $_POST["zhang"];        $sql = "select jid from qxyhzw WHERE uid=&#39;{$uid}&#39;";        echo $db->strQuery($sql);break;    case 1:        $uid = $_POST["zhang"];        $juese = $_POST["juese"];        //        首先全部删掉里面的职位
        $sdel = "delete from qxyhzw WHERE uid = &#39;{$uid}&#39;";        $db->Query($sdel,0);        //拆分取到的字符串
        $arr= explode("|",$juese);        foreach ($arr as $v)
        {            $sql = "insert into qxyhzw VALUES (&#39;&#39;,&#39;{$uid}&#39;,&#39;{$v}&#39;)";            $db->query($sql,0);
        }        echo "ok";        break;
}

3. Login page:

The display is very simple:

<form action="drcl.php" method="post">
    <p>帐号:<input type="text" name="zhang"/></p>
    <p>密码:<input type="text" name="mi"/></p>
    <input type="submit" value="登入"/></form>

Write login processing

<?phpsession_start();include ("../db.class.php");$db = new db();$zhang = $_POST["zhang"];$mi = $_POST["mi"];$sql = "select mi from qxyh WHERE zhang = &#39;{$zhang}&#39;";$mm = $db->strQuery($sql)>0;if($mm = $mi && !empty($mi))
{    $_SESSION["zhang"] = $zhang;    header("location:chaxun.php");
}//else
//{
//    echo "登入失败";
//}

Jump to the main page, main page code:

Everyone’s main page is different

<body><h1>主页面</h1>

<?phpsession_start();include ("../db.class.php");$db = new db();$zhang = "";if(empty($_SESSION["zhang"]))
{    header("location:qx_dr.php");    exit;
}//登入者用户名
    $zhang = $_SESSION["zhang"];//根据用户名查角色$sql = "select jid from qxyhzw WHERE uid = &#39;{$zhang}&#39;";$aql = $db->Query($sql);//根据角色代号查功能代号$attr = array();//定义一个存放功能代号的数组foreach ($aql as $v)
{   $jsid = $v[0];// 角色代号
    $ssql = "select rid from qxgnzw WHERE jid=&#39;{$jsid}&#39;";    $aaql = $db->strQuery($ssql);//拆分
    $adai = explode("|",$aaql);    foreach ($adai as $h)
    {       array_push($attr,$h);
    }
}$attr = array_unique($attr);//去重
//显示foreach ($attr as $k)
{    $ql = "select * from qxgn WHERE code = &#39;{$k}&#39;";    $arr = $db->Query($ql);    $arr[0][0];    $arr[0][1];    echo "<p code=&#39;{$arr[0][0]}&#39;>{$arr[0][1]}</p>";
}?>

</body>

The user experience of using php is not good, it is best to use ajax.

Related recommendations:

php Personnel Access Management (RBAC)

The above is the detailed content of Detailed explanation of PHP's RBAC permissions. For more information, please follow other related articles on the PHP Chinese website!