Re: newbe: loginscript
- From: petersprc <petersprc@xxxxxxxxx>
- Date: Thu, 18 Oct 2007 03:50:21 -0000
Hi,
You can setup a simple permissions system like the class below. In
this scenario, each user can have 0 or more permissions granted to
him. Use the method hasPermission to check if a user can access a
certain page.
[PermissionManager.php]
<?
require_once(dirname(__FILE__) . '/SiteDb.php');
class PermissionManager
{
function hasPermission($userId, $name, $type = '')
{
$db =& SiteDb::getDb();
$res = $db->extended->getOne('select 1 from permission where
userId = ? and name = ? and type = ? limit 1', null,
array($userId, $name, $type));
return $res == 1;
}
function grantPermission($userId, $name, $type = '')
{
$db =& SiteDb::getdb();
$rec = array(
'userId' => $userId,
'name' => $name,
'type' => $type
);
$db->extended->autoExecute('permission', $rec,
MDB2_AUTOQUERY_INSERT);
}
function revokePermission($userId, $name, $type = '')
{
$db =& SiteDb::getdb();
$db->extended->execParam('delete from permission
where userId = ? and name = ? and type = ?',
array($userId, $name, $type));
}
function getPermissions($userId)
{
$db =& SiteDb::getdb();
$recs = $db->extended->getAll('select permId, name,
type from permission where userId = ?', null,
array($userId));
$perms = array();
foreach ($recs as $rec) {
$perms[$rec['type']][$rec['name']] = $rec;
}
return $perms;
}
}
?>
[SiteDb.php]
<?
require_once('MDB2.php');
class SiteDb
{
function &getDb()
{
static $db = null;
if (is_null($db)) {
$dsn = 'mysql://u:p@h/d';
$db =& MDB2::singleton($dsn);
$db->setOption('portability', MDB2_PORTABILITY_FIX_CASE);
$db->setFetchMode(MDB2_FETCHMODE_ASSOC);
$db->loadModule('Extended');
}
return $db;
}
}
?>
[test.php]
<?
error_reporting(E_ALL);
require_once('PEAR.php');
require_once('PermissionManager.php');
PEAR::setErrorHandling(PEAR_ERROR_DIE);
function isPageAllowed($userId, $page)
{
echo "Checking if user $userId can access \"$page\".<br>";
if (PermissionManager::hasPermission($userId, $page, 'page')) {
echo "Access is allowed.<br>";
} else {
echo "Access is denied.<br>";
}
}
$userId = 1;
$page = $_SERVER['PHP_SELF'];
isPageAllowed($userId, $page);
echo "Granting permission for user $userId to access \"$page
\".<br>";
PermissionManager::grantPermission($userId, $page,
'page');
isPageAllowed($userId, $page);
echo "Revoking permission for user $userId to access \"$page\".<br>";
PermissionManager::revokePermission($userId, $page, 'page');
isPageAllowed($userId, $page);
?>
[mysql.txt]
create table permission (
permId int auto_increment primary key,
userId int,
name char(255) not null,
type char(32) not null default '',
key userId (userId),
foreign key userId (userId) references user (userId) on delete
cascade,
key userNameType (userId, name, type)
) type=innodb;
On Oct 16, 9:52 am, "martin" <nob...@xxxxxxxxxxx> wrote:
Hello,
What I would like to make is an loginscript for my webpages, So I found
something that works:http://www.phpeasystep.com/phptu/6.html
But Now I have several web-'areas' (folders with pictures and adress-lists),
say area A, B C and D.
And depending on the user who logs in, he will get access to C or to A&B or
to A,C&D or to A etc...
by presenting links to these areas.
So: the first part I got it working,... but how can I achieve that a visitor
is granted access to -say- URL's (or folders) A&C??
Any help would be kindly appreciated. ;-)
regards,
martin
.
- References:
- newbe: loginscript
- From: martin
- newbe: loginscript
- Prev by Date: Last Date Updated syntax error
- Next by Date: Re: [PHP] Which PHP-Editor to use?
- Previous by thread: newbe: loginscript
- Next by thread: Should I use an array in a form / how?
- Index(es):
Relevant Pages
|
