PHP permission management and user role setting in mini program development

PHP permission management and user role setting in mini program development

With the popularity of mini programs and the expansion of their application scope, users have put forward higher requirements for the functions and security of mini programs. Among them, permission management and user role setting are important parts of ensuring the security of mini programs. Using PHP for permission management and user role setting in mini programs can effectively protect user data and privacy. The following will introduce how to implement this function.

1. Implementation of permission management

Permission management refers to granting different operating permissions based on the user's identity and role. In the mini program, we can implement permission management through the following steps:

1. Create user table and permission table

First we need to create user table and permission table. The user table contains the user's basic information, such as user name, password, role ID, etc.; the permission table contains permission information for each functional operation, such as function ID, function name, permission level, etc.

Sample code:

CREATE TABLE `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(50) DEFAULT NULL,
  `password` varchar(50) DEFAULT NULL,
  `role_id` int(11) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE TABLE `permission` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(50) DEFAULT NULL,
  `level` int(11) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

2. Set user roles

Determine the roles of different users and add the role ID field to the user table. For example, the role ID of an administrator user is 1, and the role ID of an ordinary user is 2.

Sample code:

// 用户注册时设定角色ID为2
INSERT INTO `user` (`username`, `password`, `role_id`) 
VALUES ('user1', '123456', '2');

// 管理员注册时设定角色ID为1
INSERT INTO `user` (`username`, `password`, `role_id`) 
VALUES ('admin1', 'admin123', '1');

3. Grant permissions

Grant the corresponding permissions to the user based on the permission level settings in the permission table. For example, administrator users have all function permissions, while ordinary users can only access some functions.

Sample code:

// 获取用户角色对应的权限等级
$sql = "SELECT `level` FROM `permission` 
WHERE `id` IN (SELECT `permission_id` FROM `role_permission` WHERE `role_id` = ?)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$role_id]);
$permissions = $stmt->fetchAll(PDO::FETCH_ASSOC);

// 根据权限等级判断用户是否有权限
foreach ($permissions as $permission) {
  if ($permission['level'] >= $required_level) {
    // 用户有权限，执行相应操作
  } else {
    // 用户无权限，提示无权操作
  }
}

2. Implementation of user role setting

User role setting refers to setting the functions that can be accessed and operated according to different user roles. . In the mini program, we can implement user role setting through the following steps:

1. Create a role table

Create a role table, including fields such as role ID and role name.

Sample code:

CREATE TABLE `role` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(50) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

2. Set the permissions corresponding to the role

According to the permission level and function ID settings in the permission table, set different Functions are assigned to different roles.

Sample code:

// 管理员角色拥有所有权限
INSERT INTO `role_permission` (`role_id`, `permission_id`) 
VALUES (1, 1), (1, 2), (1, 3);

// 普通用户角色只有部分权限
INSERT INTO `role_permission` (`role_id`, `permission_id`) 
VALUES (2, 1), (2, 3);

3. Set user role

Set the corresponding role according to the user's role ID.

Sample code:

// 根据用户ID获取角色ID
$sql = "SELECT `role_id` FROM `user` WHERE `id` = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$user_id]);
$role_id = $stmt->fetchColumn();

// 根据角色ID获取用户角色
$sql = "SELECT `name` FROM `role` WHERE `id` = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$role_id]);
$role = $stmt->fetchColumn();

Through the above steps, we can implement PHP-based permission management and user role setting functions in the mini program. This ensures that different users can only perform their authorized operations, effectively protecting user data and privacy.

Summary:

PHP permission management and user role setting in mini program development are an important part of ensuring the security of mini programs. By creating user tables and permission tables, and setting user roles and permissions corresponding to the roles, the functions of permission management and user role setting can be realized. This can ensure the security of mini programs and meet users' needs for mini program security.

The above is the detailed content of PHP permission management and user role setting in mini program development. For more information, please follow other related articles on the PHP Chinese website!