Php 管理员可以更新一切,而用户只能更新自己的帐户
我有一个问题,而这样做,用户只能更新自己的数据,但不幸的是管理员不能更新一切,只是更新自己像任何普通用户。 我的想法是把Php 管理员可以更新一切,而用户只能更新自己的帐户,php,yii,Php,Yii,我有一个问题,而这样做,用户只能更新自己的数据,但不幸的是管理员不能更新一切,只是更新自己像任何普通用户。 我的想法是把$id=Yii::app()->user->id如下所示: public function actionUpdate($id) { $id = Yii::app()->user->id; $model=$this->loadModel($id); // Uncomment the following line if AJAX vali
$id=Yii::app()->user->id函数aaActionUpdate中的代码>如下所示:
public function actionUpdate($id)
{
$id = Yii::app()->user->id;
$model=$this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
if($model->save())
$this->redirect(array('view','id'=>$model->id_user));
}
$this->render('update',array(
'model'=>$model,
));
}
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('create','captcha'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('view','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('index','admin','delete', 'update'),
//'users'=>array('admin'),
'expression'=>'$user->getLevel()<=1',
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
$isAdmin = Yii::app()->user->getLevel() <=1; // or how you define admin in your case.
if (!$isAdmin)
$id = Yii::app()->user->id;
然后我想我必须以管理员的身份在actionRules中加入'update'
,如下所示:
public function actionUpdate($id)
{
$id = Yii::app()->user->id;
$model=$this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
if($model->save())
$this->redirect(array('view','id'=>$model->id_user));
}
$this->render('update',array(
'model'=>$model,
));
}
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('create','captcha'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('view','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('index','admin','delete', 'update'),
//'users'=>array('admin'),
'expression'=>'$user->getLevel()<=1',
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
$isAdmin = Yii::app()->user->getLevel() <=1; // or how you define admin in your case.
if (!$isAdmin)
$id = Yii::app()->user->id;
公共函数访问规则()
{
返回数组(
数组('allow',//允许所有用户执行'index'和'view'操作
'actions'=>array('create','captcha'),
'users'=>array('*'),
),
数组('allow',//允许经过身份验证的用户执行“创建”和“更新”操作
'actions'=>array('view','update'),
'users'=>array('@'),
),
数组('allow',//允许管理员用户执行'admin'和'delete'操作
'actions'=>array('index','admin','delete','update'),
//“用户”=>array('admin'),
“expression'=>”$user->getLevel()Man,但是您在actionUpdate()
的第一行清楚地声明您始终希望更新当前登录的用户!您有什么问题
如果您希望普通用户更新自己,管理员更新任何人,那么给定框架代码的第一行应该如下所示:
public function actionUpdate($id)
{
$id = Yii::app()->user->id;
$model=$this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
if($model->save())
$this->redirect(array('view','id'=>$model->id_user));
}
$this->render('update',array(
'model'=>$model,
));
}
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('create','captcha'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('view','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('index','admin','delete', 'update'),
//'users'=>array('admin'),
'expression'=>'$user->getLevel()<=1',
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
$isAdmin = Yii::app()->user->getLevel() <=1; // or how you define admin in your case.
if (!$isAdmin)
$id = Yii::app()->user->id;
哦,是的,我明白了,我真的很抱歉成为Yii的新手。谢谢你的帮助。成为新手不是问题。否认你自己明确声明的内容。;)也许你想了解一下“Yii::app()->用户”在和中的含义。