我需要基于PHP角色的身份验证解决方案
我需要关于我的项目基于角色的明智解决方案。我有桌子我需要基于PHP角色的身份验证解决方案,php,mysql,roles,user-permissions,Php,Mysql,Roles,User Permissions,我需要关于我的项目基于角色的明智解决方案。我有桌子 - users [ID, ..., roleID,..] - role [roleID, role_name] - permission_department[ID, roleID, departmentID] - department [ID, department_name] 首先,有一个表单可以将新部门添加到部门表中。此外,还有一个带有选择框的表单,用于获取权限0或1。在此表单中,还有“部门权限”部分。我会得到属于部门的部门的许可。ID
- users [ID, ..., roleID,..]
- role [roleID, role_name]
- permission_department[ID, roleID, departmentID]
- department [ID, department_name]
首先,有一个表单可以将新部门添加到部门表中。此外,还有一个带有选择框的表单,用于获取权限0或1。在此表单中,还有“部门权限”部分。我会得到属于部门的部门的许可。ID是
$conn_departmentlist = mysql_query("SELECT * FROM department");
$num_rows_departmentlist = mysql_num_rows($conn_departmentlist);
$y = $num_rows_departmentlist + 1;
for($x = 1; $x < $y; $x++) {
$departmentIDs[$x] = @$_POST['menu_Department'][$x];
if(isset($departmentIDs[$x])) { $departmentIDs[$x] = $x; }
}
$departmentID_permission = array();
for($x = 1; $x < $y; $x++) {
if($departmentIDs[$x]) { array_push($departmentID_permission, $departmentIDs[$x]); }
}
$departmentID_PUTDATABASE = implode(",", $departmentID_permission); // example: 1,3,5
$conn\u departmentlist=mysql\u查询(“选择*来自部门”);
$num_rows_departmentlist=mysql_num_rows($conn_departmentlist);
$y=$num_rows_departmentlist+1;
对于($x=1;$x<$y;$x++){
$departmentIDs[$x]=@$\u POST['menu\u Department'][$x];
if(isset($departmentIDs[$x]){$departmentIDs[$x]=$x;}
}
$departmentID_permission=array();
对于($x=1;$x<$y;$x++){
if($departmentIDs[$x]){array_push($departmentID_permission,$departmentIDs[$x])}
}
$departmentID_PUTDATABASE=内爆(“,”,$departmentID_权限);//示例:1,3,5
我将$departmentID_数据库值记录到permission_department.deparmentID及其roleID。当我需要显示部门的权限时:
**HTML:**
<?php
$conn_departmentlist = mysql_query("SELECT * FROM department");
while($get_departmentlist = mysql_fetch_array($conn_departmentlist)) {
$departmentID = $get_departmentlist['ID'];
$department_name = $get_departmentlist['department_name'];
?>
<input type="checkbox" class="flat" id="menu_Department[<?php echo $departmentID; ?>]" name="menu_Department[<?php echo $departmentID; ?>]" <?php get_department_permission_sql($departmentID, $Selected_RoleID); ?> />
<?php } ?>
**PHP:**
function get_department_permission_sql($departmentID, $Selected_RoleID) {
$conn_permission_department = mysql_query("SELECT departmentID FROM permission_department WHERE roleID = '$Selected_RoleID'");
$get_permission_department = mysql_fetch_array($conn_permission_department);
$departmentID_permission = array($get_permission_department['departmentID']);
$departmentID_permission = explode(',', $departmentID_permission[0]);
$y = count($departmentID_permission);
for($x=0; $x < $y; $x++) {
if($departmentID == $departmentID_permission[$x]) { echo 'checked = "checked"'; }
}
}
**HTML:**
为什么要使用已有十年历史的数据库API?它已被弃用、未维护且不安全,尤其是您使用它的方式。切换到PDO。我知道,但是六个月前开始的。我将很快用CakePhp更改它。我知道了。