权限控制 - PHP权限管理的问题
情况如下:
一个添加文章的功能会涉及到两个方法,比如方法add用来显示这个添加文章的表单,另一个post方法用来接收提交的表单数据插入数据库。
那么问题是我把add方法写到权限控制里面,在后台可以管理一个角色是否可以提交表单,add这个方法的页面确实可以通过权限阻止显示表单这个页面,但是还有一个post方法就不知道如何做到权限的控制,因为我都是在父控制器里做的判断,根据当前访问的方法名做的统一验证,并不是每个方法都去写验证,而且一个添加文章的权限又不好在后台显示两个方法让去选择,请问如何解决这个问题?(在add方法里面写判断是否是post来处理这两个逻辑感觉不合适,因为如果逻辑比较复杂的话,代码不好组织,即便方便处理,也可能该功能还会有调用第三个方法第四个方法,还有ajax的权限)谢谢
回复内容:
情况如下:
一个添加文章的功能会涉及到两个方法,比如方法add用来显示这个添加文章的表单,另一个post方法用来接收提交的表单数据插入数据库。
那么问题是我把add方法写到权限控制里面,在后台可以管理一个角色是否可以提交表单,add这个方法的页面确实可以通过权限阻止显示表单这个页面,但是还有一个post方法就不知道如何做到权限的控制,因为我都是在父控制器里做的判断,根据当前访问的方法名做的统一验证,并不是每个方法都去写验证,而且一个添加文章的权限又不好在后台显示两个方法让去选择,请问如何解决这个问题?(在add方法里面写判断是否是post来处理这两个逻辑感觉不合适,因为如果逻辑比较复杂的话,代码不好组织,即便方便处理,也可能该功能还会有调用第三个方法第四个方法,还有ajax的权限)谢谢
没法儿说,整体的逻辑很混乱。
如果你是RESTful应用,那么不存在这个问题,所以肯定不是RESTful。那就没必要把post独立出来,自然就没有你这种困扰了。例如你可以这样解决:
<code>public function addAction() {
if ($this->getRequest()->isPost()) {
$this->_addHandle();
}
}</code>不知道你现在处在什么阶段,其实跳过权限问题,如果post的数据不合法的时候怎么办?此时你需要add的视图并附加错误信息,post再调用add一次?
补充答案:
RESTful的时候通常只返回json数据,所以在post数据的时候并没有请求表单这个权限设置,例如
列表 GET::/articles
详情 GET::/articles/:id
新建 POST::/articles
编辑 PUT::/articles/:id
删除 DEL::/articles/:id
当然也可以再自定义其它请求,和问题无关。
对于普通访问中的ajax请求处理,看你使用的框架了,通常类似以下逻辑
<code>public function addAction() {
if ($this->getRequest()->isPost()) {
//提交处理
}
//默认处理,如获取关联数据等
//最后进行ajax识别
if ($this->getRequest()->isXMLHttpRequest()) {
return $this->json();//用json方式输出结果
}
return $this->render();//用正常方式输出结果
}</code>你可能需要对所使用的框架更熟悉一些才好有整体的把控,建议github上找一个与你使用的技术对应的网站源码看看,看看他们怎么处理这种请求的。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1377
52
PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian
Dec 24, 2024 pm 04:42 PM
PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati
Discuss CakePHP
Sep 10, 2024 pm 05:28 PM
CakePHP is an open-source framework for PHP. It is intended to make developing, deploying and maintaining applications much easier. CakePHP is based on a MVC-like architecture that is both powerful and easy to grasp. Models, Views, and Controllers gu
CakePHP File upload
Sep 10, 2024 pm 05:27 PM
To work on file upload we are going to use the form helper. Here, is an example for file upload.
How To Set Up Visual Studio Code (VS Code) for PHP Development
Dec 20, 2024 am 11:31 AM
Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c
CakePHP Quick Guide
Sep 10, 2024 pm 05:27 PM
CakePHP is an open source MVC framework. It makes developing, deploying and maintaining applications much easier. CakePHP has a number of libraries to reduce the overload of most common tasks.
How do you parse and process HTML/XML in PHP?
Feb 07, 2025 am 11:57 AM
This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an
PHP Program to Count Vowels in a String
Feb 07, 2025 pm 12:12 PM
A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
