PHP learning steps: How to use the permission control management system

PHP learning steps: How to use the permission control management system

Introduction:
In modern software development, permission control is a very important part. Whether it is a website management system or a backend management system, permission control is an essential function. This article will introduce how to use the PHP programming language to implement a basic permission control management system.

Step 1: Create a database table
First, we need to create a database to store user and permission information. We can use MySQL or other relational databases to create tables.

CREATE TABLE `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) NOT NULL,
  `password` varchar(255) NOT NULL,
  PRIMARY KEY (`id`)
);

CREATE TABLE `permissions` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user_id` int(11) NOT NULL,
  `permission` varchar(255) NOT NULL,
  PRIMARY KEY (`id`),
  FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON DELETE CASCADE
);

The above table will be used to store user information and permission information. The 'users' table is used to store user names and passwords, and the 'permissions' table is used to store the correspondence between users and permissions, where 'user_id' is the foreign key of the 'user' table.

Step 2: Create PHP code
We will use PHP to write code to implement the permission control management system. First, we need to connect to the database.

<?php
$servername = "localhost";
$username = "your_username";
$password = "your_password";
$dbname = "your_database";

$conn = new mysqli($servername, $username, $password, $dbname);

if ($conn->connect_error) {
  die("连接失败: " . $conn->connect_error);
}

// 程序继续执行...
?>

In the above code, you need to replace 'your_username' and 'your_password' with your own database username and password. 'your_database' needs to be replaced with your own database name.

Step 3: User login and verification
Next, we need to implement the user login and verification functions. First, create a login form.

<form action="login.php" method="POST">
  <input type="text" name="username" placeholder="用户名">
  <input type="password" name="password" placeholder="密码">
  <input type="submit" value="登录">
</form>

Then, create a new file called 'login.php' to handle form submission.

<?php
session_start();

if ($_SERVER["REQUEST_METHOD"] == "POST") {
  $username = $_POST["username"];
  $password = $_POST["password"];

  $sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
  $result = $conn->query($sql);

  if ($result->num_rows > 0) {
    $row = $result->fetch_assoc();
    $_SESSION["user_id"] = $row["id"];
    header("Location: dashboard.php");
  } else {
    echo "用户名或密码错误";
  }
}

$conn->close();
?>

In the above code, we use the $_SESSION variable to store the user's id for permission verification in other pages. If the login is successful, we will redirect the user to a new page called 'dashboard.php'.

Step 4: Permission verification
In each page that requires permission control, we need to first verify whether the user has the corresponding permissions. The following is the code of a sample page:

<?php
session_start();

if(!isset($_SESSION["user_id"])){
  header("Location: login.php");
  exit;
}

$user_id = $_SESSION["user_id"];

$sql = "SELECT * FROM permissions WHERE user_id = $user_id AND permission = 'admin'";
$result = $conn->query($sql);

if ($result->num_rows == 0) {
  echo "权限不足";
  exit;
}

// 程序继续执行...
?>

In the above code, we first verify whether $_SESSION["user_id"] exists, and if it does not exist, redirect the user to the login page . We then query the database based on the user id and check if the user has permission named 'admin'. If there is no permission, the program will output "Insufficient permissions" and stop execution.

Conclusion:
Through the above steps, we successfully implemented a basic permission control management system. You can continue to extend this system and add more permissions and functions.

Of course, this is just an entry-level example. In actual projects, you may need more functions and more complex permission control logic. Based on in-depth study of PHP and databases, you can further improve your permission control capabilities.

I hope this article will be helpful to you in learning PHP and implementing a permission control management system!

The above is the detailed content of PHP learning steps: How to use the permission control management system. For more information, please follow other related articles on the PHP Chinese website!