使用PHP在MySQL数据库中按用户权限向用户显示菜单项?_Php_Mysql_Acl - Fatal编程技术网

使用PHP在MySQL数据库中按用户权限向用户显示菜单项?

使用PHP在MySQL数据库中按用户权限向用户显示菜单项?,php,mysql,acl,Php,Mysql,Acl,我有一个用于用户的MySQL数据库表,还有一个用于菜单链接的新表。使用PHP,更具体地说,我也使用Laravel 我需要建立一个用户菜单,显示每个用户权限基础上的菜单项 通常,这是使用用户组来完成的,但是我的要求是基于每个用户来构建它 这意味着每个菜单项都需要为数据库中的每个用户保存一个yes或no值 然后我需要向每个用户显示这个菜单,只显示允许他们查看的菜单项 我有下面的用户和链接MySQL数据库模式 我需要的帮助是,我相信我需要添加另一个第三个表用户链接权限,该表将存储每个用户和菜单项的设置

我有一个用于用户的MySQL数据库表,还有一个用于菜单链接的新表。我使用PHP,更具体地说,使用的是Laravel。

我需要建立一个用户菜单,显示每个用户权限基础上的菜单项

通常,这是使用用户组来完成的,但是我的要求是基于每个用户来构建它。

这意味着每个菜单项都需要为数据库中的每个用户保存一个 yes 或 no 值。

然后我需要向每个用户显示这个菜单,只显示允许他们查看的菜单项

我有下面的用户和链接MySQL数据库模式

我需要的帮助是,我相信我需要添加第三个表“用户链接权限”,该表将存储每个用户和菜单项的设置,以确定用户是否可以查看菜单项。

我不知道如何构建PHP,以便只显示允许用户查看的菜单项,还可以使用一些帮助来了解第三个表的外观,请?

在构建菜单HTML输出的PHP代码中,我认为最好有一个方法检查循环中的每个菜单项记录,看看当前用户是否有查看它的权限。。。。范例

// Menu item records, e.g. the rows read from the MySQL links table.
$menuItems = array();

// Walk every record and render only the ones the current user may see.
// NOTE(review): leaving an entry out of the menu only hides the link; the page
// behind it still has to perform the same permission check on its own.
foreach ($menuItems as $menuItem) {
    $mayView = $this->user->canViewMenuItem($menuItem);
    if ($mayView) {
        // show menu item
    }
}

用户表

-- Account table: one row per user, keyed by `user_id`; `username` and `email` are unique.
CREATE TABLE IF NOT EXISTS `users` (
  `user_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `username` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  -- NOTE(review): presumably holds a password hash, not the password itself - confirm.
  -- PHP's password_hash() documentation suggests a 255-character column so that
  -- hashes from future algorithms still fit.
  `password` varchar(160) COLLATE utf8_unicode_ci NOT NULL,
  `email` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `first_name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  `last_name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  `phone` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_street` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_city` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_state` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_postal_code` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_country` varchar(64) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'USA',
  `job_position` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  -- Coarse role with three values; a new user defaults to the lowest-looking one ('employee').
  -- It cannot express the per-user, per-link yes/no setting the question asks for.
  `user_role` enum('admin','manager','employee') COLLATE utf8_unicode_ci NOT NULL DEFAULT 'employee',
  `payday_group` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `default_user_photo_url` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `last_user_photo_url` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `created_date` datetime NOT NULL,
  `last_login_date` datetime DEFAULT NULL,
  `updated_date` datetime DEFAULT NULL,
  `login_counter` bigint(20) NOT NULL DEFAULT '0',
  `total_time_worked` bigint(20) DEFAULT NULL,
  `user_notes` text COLLATE utf8_unicode_ci,
  `time_zone` varchar(30) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'US/Central',
  `clocked_in` tinyint(1) NOT NULL DEFAULT '0',
  `status` tinyint(1) NOT NULL DEFAULT '1',
  `webcam` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`user_id`),
  UNIQUE KEY `users_username_unique` (`username`),
  UNIQUE KEY `users_email_unique` (`email`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=64 ;
-- Menu link table. It uses latin1 while `users` above uses utf8.
CREATE TABLE IF NOT EXISTS `intranet_links` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `title` varchar(255) DEFAULT NULL,
  `description` text NOT NULL,
  `url` varchar(255) DEFAULT NULL,
  -- A row inserted without a value gets 'admin'.
  -- NOTE(review): presumably the role required to see the link, which would make
  -- new links admin-only until someone widens them - confirm.
  `permission` varchar(50) NOT NULL DEFAULT 'admin',
  `notes` text,
  `active` int(2) NOT NULL DEFAULT '1',
  `sort_order` int(11) DEFAULT NULL,
  -- NOTE(review): looks like the id of the parent menu entry (the question describes sub-menus) - confirm.
  `parent_id` int(10) NOT NULL DEFAULT '1',
  PRIMARY KEY (`id`),
  -- Redundant: the primary key already enforces uniqueness of `id`.
  UNIQUE KEY `id` (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
链接表

-- Account table: one row per user, keyed by `user_id`; `username` and `email` are unique.
CREATE TABLE IF NOT EXISTS `users` (
  `user_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `username` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  -- NOTE(review): presumably holds a password hash, not the password itself - confirm.
  -- PHP's password_hash() documentation suggests a 255-character column so that
  -- hashes from future algorithms still fit.
  `password` varchar(160) COLLATE utf8_unicode_ci NOT NULL,
  `email` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `first_name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  `last_name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  `phone` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_street` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_city` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_state` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_postal_code` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
  `address_country` varchar(64) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'USA',
  `job_position` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  -- Coarse role with three values; a new user defaults to the lowest-looking one ('employee').
  -- It cannot express the per-user, per-link yes/no setting the question asks for.
  `user_role` enum('admin','manager','employee') COLLATE utf8_unicode_ci NOT NULL DEFAULT 'employee',
  `payday_group` varchar(100) COLLATE utf8_unicode_ci DEFAULT NULL,
  `default_user_photo_url` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `last_user_photo_url` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `created_date` datetime NOT NULL,
  `last_login_date` datetime DEFAULT NULL,
  `updated_date` datetime DEFAULT NULL,
  `login_counter` bigint(20) NOT NULL DEFAULT '0',
  `total_time_worked` bigint(20) DEFAULT NULL,
  `user_notes` text COLLATE utf8_unicode_ci,
  `time_zone` varchar(30) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'US/Central',
  `clocked_in` tinyint(1) NOT NULL DEFAULT '0',
  `status` tinyint(1) NOT NULL DEFAULT '1',
  `webcam` tinyint(1) NOT NULL DEFAULT '1',
  PRIMARY KEY (`user_id`),
  UNIQUE KEY `users_username_unique` (`username`),
  UNIQUE KEY `users_email_unique` (`email`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=64 ;
-- Menu link table. It uses latin1 while `users` above uses utf8.
CREATE TABLE IF NOT EXISTS `intranet_links` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `title` varchar(255) DEFAULT NULL,
  `description` text NOT NULL,
  `url` varchar(255) DEFAULT NULL,
  -- A row inserted without a value gets 'admin'.
  -- NOTE(review): presumably the role required to see the link, which would make
  -- new links admin-only until someone widens them - confirm.
  `permission` varchar(50) NOT NULL DEFAULT 'admin',
  `notes` text,
  `active` int(2) NOT NULL DEFAULT '1',
  `sort_order` int(11) DEFAULT NULL,
  -- NOTE(review): looks like the id of the parent menu entry (the question describes sub-menus) - confirm.
  `parent_id` int(10) NOT NULL DEFAULT '1',
  PRIMARY KEY (`id`),
  -- Redundant: the primary key already enforces uniqueness of `id`.
  UNIQUE KEY `id` (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
让事情稍微复杂一点,我的菜单还将有一个层次结构,如类别/文件夹/目录。因此,1个菜单项可以有子菜单项。我的实际菜单输出如下图所示,但每个菜单项也将根据每个用户的权限设置显示或不显示

现在我的问题是如何构造第三个DB表,然后如何查询并向每个用户显示正确的链接。完成该部分后,我还将有一个设置页面,其中每个菜单项都可以为数据库中的每个用户设置为 yes/no。与此SugarCRM权限页类似……只是顶部的水平列将是链接,垂直记录将是用户。


将权限设置为整数,并对每个菜单项或按权限分组的菜单项使用1位

然后使用按位与(&)运算来确定权限是否匹配

用户和链接都有一个权限列

权限是一个整数

权限A=1
权限B=2
权限C=4
权限D=8
权限E=16
权限F=32

如果显示B组和D组的菜单项,则:

如果(链接权限 & 用户权限)不为零,则用户有权限。

如果只有B和D,则链接权限的值为:
权限B+权限D,或2+8(00000010+00001000)=00001010(十进制10,十六进制0x0A)

现在,如果用户权限=2(0010)或用户权限=8(1000),
与链接权限00001010进行按位AND运算时,用户权限和链接权限按位AND的结果不为零(非零即为真)。

您还可以定义组级别的值

// Group-level mask: all eight low bits set (binary 11111111, decimal 255).
define('LINK_PERMISSION_ADMIN', 0xFF);
您可以定义多个前置任务

我将使用十六进制而不是十进制,否则数字将无法管理
// One bit per area, written as shifts so the bit position is visible.
define('LINK_PERMISSION_ACCOUNTS',   1 << 15); // 0x8000
define('LINK_PERMISSION_AUDIT',      1 << 14); // 0x4000
define('LINK_PERMISSION_WORKFLOW',   1 << 13); // 0x2000
define('LINK_PERMISSION_BUGTRACKER', 1 << 12); // 0x1000
只有帐户访问权限的用户将是

`user.permission` = LINK_PERMISSION_ACCOUNTS + LINK_PERMISSION_ACCESS ;
具有帐户访问、编辑和删除权限的用户将是

`user.permission` = LINK_PERMISSION_ACCOUNTS 
                  + LINK_PERMISSION_ACCESS 
                  + LINK_PERMISSION_DELETE 
                  + LINK_PERMISSION_EDIT;

如果您需要每个区域的用户权限列:

CREATE TABLE IF NOT EXISTS `user` (
  ...
`accountPermission`  int(11) NOT NULL DEFAULT '0',
`workFlowPermission` int(11) NOT NULL DEFAULT '0',
`contactsPermission` int(11) NOT NULL DEFAULT '0',
`campaignPermission` int(11) NOT NULL DEFAULT '0',

但如果权限数为4或更少,例如:

// The four action flags occupy the lowest four bits, one bit each.
define('LINK_PERMISSION_ACCESS', 1 << 0); // 000000001
define('LINK_PERMISSION_DELETE', 1 << 1); // 000000010
define('LINK_PERMISSION_EDIT',   1 << 2); // 000000100
define('LINK_PERMISSION_VIEW',   1 << 3); // 000001000

`permission`  int(11) NOT NULL DEFAULT '0', 
其中,帐户、工作流、联系人和活动分为4位:

account  workflow  contacts campaign
 0000     0000       0000     0000

PERMISSION_ACCOUNT_ACCESS,  0x1000
PERMISSION_WORKFLOW_ACCESS, 0x0100
PERMISSION_CONTACTS_ACCESS, 0x0010
PERMISSION_CAMPAIGN_ACCESS, 0x0001

PERMISSION_ACCOUNT_DELETE,  0x2000
PERMISSION_WORKFLOW_DELETE, 0x0200
PERMISSION_CONTACTS_DELETE, 0x0020
PERMISSION_CAMPAIGN_DELETE, 0x0002

PERMISSION_ACCOUNT_EDIT,  0x4000
PERMISSION_WORKFLOW_EDIT, 0x0400
PERMISSION_CONTACTS_EDIT, 0x0040
PERMISSION_CAMPAIGN_EDIT, 0x0004

PERMISSION_ACCOUNT_VIEW,  0x8000
PERMISSION_WORKFLOW_VIEW, 0x0800
PERMISSION_CONTACTS_VIEW, 0x0080
PERMISSION_CAMPAIGN_VIEW, 0x0008

回到你的链接 定义常数 链接和用户都有一个权限列:

`permissions` int(11) NOT NULL DEFAULT '0',

// Area flags for links and users: each constant is a single, distinct bit.
define('LINK_PERMISSION_ACCOUNTS',   1 << 15); // 0x8000
define('LINK_PERMISSION_AUDIT',      1 << 14); // 0x4000
define('LINK_PERMISSION_WORKFLOW',   1 << 13); // 0x2000
define('LINK_PERMISSION_BUGTRACKER', 1 << 12); // 0x1000
如果用户拥有帐户和bug追踪器访问权限:

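// Combine flags with bitwise OR: unlike +, OR still gives the right mask when
// the same flag is listed twice or is already present.
$userPermission = LINK_PERMISSION_ACCOUNTS | LINK_PERMISSION_BUGTRACKER;
// Bind the mask and the user id as integers instead of pasting PHP variables
// into the SQL text, so a non-numeric $user cannot change the statement.
// $conn is the mysqli connection, as used by the menu script on this page.
$stmt = mysqli_prepare($conn, 'UPDATE `users` SET `permissions` = ? WHERE `id` = ?');
mysqli_stmt_bind_param($stmt, 'ii', $userPermission, $user);
mysqli_stmt_execute($stmt);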
然后选择所需的链接权限:

$linkPermission = LINK_PERMISSION_ACCOUNTS;
我们对链接权限和用户权限做按位与(&)运算

SELECT * FROM `links` WHERE (`permissions` & $userPermission) 
链接是否为子菜单链接并不重要

这是典型的分层表:

-- Hierarchical menu table: `parent` and `sort` carry the tree position and order,
-- `permission` is an integer bit mask.
CREATE TABLE IF NOT EXISTS `links` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `parent` int(11) NOT NULL DEFAULT '0',
  `sort` int(11) NOT NULL DEFAULT '0',
  `text` char(32) COLLATE utf8_bin NOT NULL,
  `link` text COLLATE utf8_bin NOT NULL,
  -- A row left at the default 0 has no bit set, so a bitwise-AND filter against
  -- any user mask never selects it: new links stay hidden until a bit is assigned.
  -- A signed int(11) leaves 31 usable flag bits.
  `permission` int(11) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
相反,我们可以消除、父级和排序,id列将完成所有操作。

包含两个级别的菜单结构:主菜单和子菜单,“id”被分解

菜单子菜单

菜单编号为0x0100到0xFF00

子菜单编号为0x0002到0x00FE

对于此菜单:

创建链接表的SQL:
PHP

头部和CSS
W3C MobileOK检查器分数:100%

您将找不到很多可以这样做的网页:


Google PageSpeed Insights 100%移动和桌面速度和可用性

一小条 此代码段是使用上面的PHP编写的,并将视图源粘贴到此处:

var toggle=newarray();
切换['']=“块”;
切换['none']='block';
切换['block']='none';
var div,disp;
var prev=document.getElementById('x');
功能显示(id){
div=document.getElementById('d'+id);
disp=div.style.display;
prev.style.display='none';
div.style.display=切换[disp];
prev=div;
变量y=等分偏移;
窗口。滚动到(0,y-32);}
。子菜单,.main菜单{文本对齐:左;边框半径:3px 3px 3px 3px;字体:700 1.1em Arial,Helvetica,Calibri,无衬线;溢出:可见;}
.子菜单{边框:1px实心#0f0;颜色:#fff;边距:.2em 0.2em.8em;宽度:16.8em;填充:0.8em;
背景图像:-o-线性梯度(底部,#3d5 0%,#370 100%);
背景图像:-moz线性梯度(底部,#3d5 0%,#370 100%);
背景图像:-webkit线性渐变(底部,#3d5 0%,#370 100%);
背景图像:-ms线性梯度(底部,#3d5 0%,#370 100%);
背景图像:线性渐变(到底部,#3d5 0%,#370 100%;)
.main菜单{字体大小:1.2em;边距:
-- Flat menu table: there is no parent or sort column, the position in the menu
-- is encoded in `id` (which is therefore not AUTO_INCREMENT).
CREATE TABLE IF NOT EXISTS `links` (
  `id` int(11) NOT NULL,
  `text` char(64) COLLATE utf8_bin NOT NULL,
  `link` text COLLATE utf8_bin NOT NULL,
  -- Bit mask; the default 0 matches no user mask under a bitwise-AND filter.
  `permission` int(11) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;

-- Sample menu. Ids follow the scheme described above: the high byte selects the
-- main menu (512 = 0x0200, 1024 = 0x0400, ...) and a non-zero low byte marks a
-- sub-menu entry (514 = 0x0202). Every row owns exactly one permission bit,
-- 2^0 through 2^28.
INSERT INTO `links` (`id`, `text`, `link`, `permission`) VALUES
(512, 'Server Admin', '#', 1),
(514, 'Ubuntu Dashboard', '#', 2),
(518, 'Redis Cache Admin', '#', 4),
(522, 'MySQL dB Management', '#', 8),
(1024, 'Neon and More', '#', 16),
(1026, 'Neon and More (NAM)', '#', 32),
(1030, 'SugarCRM', '#', 64),
(1034, 'NAM Magento Admin', '#', 128),
(1038, 'NAM Time Clock', '#', 256),
(1042, 'NeonAndMore Blog Admin', '#', 512),
(1046, 'Order Reports', '#', 1024),
(1050, 'Work Orders', '#', 2048),
(1054, 'Update Order Status', '#', 4096),
(1536, 'Channel Letter', '#', 8192),
(1538, 'Channel Letter', '#', 16384),
(1542, 'Magento Admin', '#', 32768),
(2048, 'Border Tubing', '#', 65536),
(2050, 'Border Tubing', '#', 131072),
(2560, 'Sign Parts And More', '#', 262144),
(2562, 'Sign Parts And More', '#', 524288),
(3072, 'Other Services', '#', 1048576),
(3074, 'Pusher Realtime Events<br/>Instant Caller ID Alerts', '#', 2097152),
(3078, 'Zopim Customer Support Chat', '#', 4194304),
(3082, 'Google Analytics', '#', 8388608),
(3086, 'GitLab (Private GitHub Clone)', '#', 16777216),
(3584, 'Labs / Projects', '#', 33554432),
(3586, 'NAM LABS', '#', 67108864),
(3590, 'Camera Phone', '#', 134217728),
(3594, 'Server Email Verification', '#', 268435456);
-- Rows whose permission bit is also set in the user's mask.
-- $userpermission is a PHP variable placed into the SQL text: it must be an
-- integer computed on the server for the logged-in user, or be bound as a parameter.
SELECT `id`, `text`, `link`, `permission` 
FROM `links` 
WHERE (`permission` & $userpermission )
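<?php 
// Renders the two-level menu for one user: reads the rows of `links` whose
// permission bit is set in the user's mask and prints a button per main menu
// followed by one small form per sub-menu entry.
// $conn (mysqli connection) and $user are expected to be set before this script runs.
ob_start("ob_gzhandler");
header('Content-Type: text/html; charset=utf-8');
header('Connection: Keep-Alive');
header('Keep-Alive: timeout=5, max=100');
// The menu differs per user, so only the browser's own cache may keep it;
// without "private" a shared cache could replay one user's menu to another user.
header('Cache-Control: private, max-age=84600');
header('Vary: Accept-Encoding');
echo <<<EOT
<!DOCTYPE html>
<html lang="en"><head><title>Daily Rx</title><meta name="viewport" content="width=device-width, initial-scale=1.0" />
<style type="text/css">
.submenu,.mainmenu{text-align:left;border-radius: 3px 3px 3px 3px;font: 700 1.1em Arial,Helvetica,Calibri,sans-serif;overflow: visible;}
.submenu{border:1px solid #0f0;color: #fff;margin:.2em 0 .2em .8em;width:16.8em;padding: 0 0 0 .8em;
background-image: -o-linear-gradient(bottom, #3d5 0%, #370 100%);
background-image: -moz-linear-gradient(bottom, #3d5 0%, #370 100%);
background-image: -webkit-linear-gradient(bottom, #3d5 0%, #370 100%);
background-image: -ms-linear-gradient(bottom, #3d5 0%, #370 100%);
background-image: linear-gradient(to bottom, #3d5 0%, #370 100%);}
.mainmenu{font-size:1.2em;margin:.2em .2em .2em .2em ;width:16em;padding-left:1em;border:1px solid #00f;color: #fff;
background-image: -o-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: -moz-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: -webkit-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: -ms-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: linear-gradient(to bottom, #2ef 0%, #02f 100%);}
.hide{display:none;}
#x{height:40em;}
#page{margin:0;padding:0;}
hr{font-size:.1em;padding:0;margin:0 0 0 1em;width:50em;opacity:0;}
</style></head><body><div id="page">
EOT;
ob_flush();
// Demo mask with every bit set. In real use the mask is loaded on the server for
// the authenticated user; it must never be taken from the request.
$userpermission = 4294967295; // 0xffffffff
// The mask is bound as a parameter instead of being pasted into the SQL text.
// ORDER BY `id` is required: the loop below assumes each main-menu row arrives
// before its sub-menu rows, and SQL gives no ordering guarantee without it.
$sql = "SELECT `id`, `text`, `link`, `permission` FROM `links` WHERE (`permission` & ?) > 0 ORDER BY `id`";
$i = 0;             // running number of the current main menu, used in the d<i> ids
$closeSubmenu = ''; // nothing to close before the first main menu
$stmt = mysqli_prepare($conn, $sql);
$ok = $stmt !== false
  && mysqli_stmt_bind_param($stmt, 'i', $userpermission)
  && mysqli_stmt_execute($stmt)
  && mysqli_stmt_bind_result($stmt, $id, $text, $link, $permission);
if (!$ok) {
  // Keep database errors and the SQL text in the server log, not in the page.
  error_log('Menu query failed: ' . mysqli_error($conn));
}
// Escaped once; $user ends up inside an HTML attribute.
$userAttr = htmlspecialchars((string)$user, ENT_QUOTES, 'UTF-8');
while ($ok && mysqli_stmt_fetch($stmt)) {
  // Text and link come from the database and are escaped for HTML. A label that
  // contains markup (the sample row with <br/>) is now shown literally.
  // NOTE(review): escaping does not restrict the URL scheme of $link; validate
  // it where links are stored.
  $label  = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
  $action = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
  // Main-menu ids have a zero low byte (0x0100..0xFF00); sub-menu ids do not.
  // Testing only bit 0 would treat every id as a main menu, because all ids are even.
  $class = $id & 0xFF;
  if ($class === 0) {
    $i++;
    echo "$closeSubmenu\n<button class=\"mainmenu\" onclick=\"show($i)\">$label</button>\n<div class=\"hide\" id=\"d$i\">\n";
  }
  else {
    // The hidden user/permission fields travel through the browser and can be
    // edited there; the receiving page must re-derive the user's permissions
    // from its own session and not trust these values.
    echo "<form action=\"$action\"><div><input type=\"hidden\" name=\"user\" value=\"$userAttr\" /><input type=\"hidden\" name=\"id\" value=\"$id\" /><input type=\"hidden\" name=\"permission\" value=\"$userpermission\" /><button class=\"submenu\">$label</button></div></form>\n";
  }
  $closeSubmenu = '</div><hr/>';
}
if ($stmt !== false) {
  mysqli_stmt_close($stmt);
}
ob_flush();
echo <<<EOT
</div><div id="x"><p>&#x2003;</p></div>
<script type="text/javascript">
//<![CDATA[
var toggle = new Array();
toggle[''] ='block';
toggle['none'] ='block';
toggle['block'] ='none';
var div,disp;
var prev = document.getElementById('d1');
prev.style.display='none';
function show(id){
  div = document.getElementById('d' + id);
  disp = div.style.display;
  prev.style.display='none';
  div.style.display=toggle[disp];
  prev=div;
  var y=div.offsetTop;
  window.scrollTo(0, y-32);
}
//]]>
</script></div></body></html>
EOT;
ob_end_flush();
?>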
DNS Lookup: 20 ms
Initial Connection: 35 ms
Time to First Byte: 95 ms
Content Download: 2 ms
<li class="list-group-item list-toggle lv1">
         <a data-toggle="collapse" data-parent="#menuHomeUserPrivate" href="#collapse-PerfilManage"><i class="fa fa-cog"></i>Perfil Profissional</a>
         <ul id="collapse-PerfilManage" class="collapse">
             <li class="list-group-item lv2"><a id="to_CodAtivacao" class="privateMenuLinkJS "><i class="fa  fa-lock"></i> Código de Ativação</a></li>
             <li class="list-group-item lv2">$badgeInativar_Code<a id="to_EditarFoto" class="privateMenuLinkJS "><i class="fa  fa-camera-retro"></i> Editar Foto</a></li>
             <li class="list-group-item lv2">$badgeInativar_Code<a id="to_URL_Manage" class="privateMenuLinkJS "><i class="fa  fa-link"></i>Site (URL) Profissional</a></li>
             <li class="list-group-item lv2"><a id="to_NivelEcucacional" class="privateMenuLinkJS "><i class="fa   fa-university"></i>Nível Educaional</a></li>
             <li class="list-group-item lv2"><a id="to_OrdemProfissional" class="privateMenuLinkJS "><i class="fa   fa-users"></i> N&deg;Profissional</a></li>
             <li class="list-group-item lv2"><a id="to_EspecialidadeProfissional" class="privateMenuLinkJS "><i class="fa  fa-codepen"></i>Especialidade(s)</a></li>
             <li class="list-group-item lv2">$badgeInativar_Code<a id="to_EnderecoProfissional" class="privateMenuLinkJS "><i class="fa  fa-hospital-o"></i>Endereço Profissional</a></li>
             <li class="list-group-item lv2">$badgeInativar_Code<a id="to_GestaoEnderecos" class="privateMenuLinkJS "><i class="fa  fa-cogs"></i>Gestão de Endereço(s)</a></li>    
         </ul>
     </li>
// Chooses the badge markup printed in front of the locked menu entries.
// NOTE(review): the badge only changes what is displayed; the pages behind the
// locked entries still need their own server-side check.
if (in_array($eventMenuInactivate, array(0, NULL, ""), true)) {
    // 0, NULL or the empty string (strict comparison): no badge.
    $badgeInativar_Code = "";
} elseif ($eventMenuInactivate === 1) {
    // 1: the user has not filled in the activation code.
    $badgeInativar_Code = "<span class=\" hidden spmInatCode badge rounded badge-red\"><i class=\"fa  fa-lock\"></i>Locked</span>";
}
static function section_MENU_HomeUser_Private($eventMenuInactivate=FALSE) { ....
updateUser.php?up=4575

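// Builds the permission mask from the request: the current mask arrives in the
// query string (?up=...) and every ticked checkbox (fields named c...) ORs its
// value in. A missing or non-scalar "up" counts as 0.
// NOTE(review): all of this input is controlled by the client. Before the mask
// is stored, limit it to the bits that really exist and check that the caller
// is allowed to edit this user's permissions.
$userpermissions = (isset($_GET['up']) && is_scalar($_GET['up'])) ? intval($_GET['up']) : 0;
foreach($_POST as $key => $value){
  // Accept plain digit strings only: arrays and non-numeric text would
  // otherwise reach the bitwise OR and fail or give a meaningless mask.
  if(substr((string)$key,0,1) === 'c' && is_string($value) && ctype_digit($value)){
    $userpermissions |= intval($value);
  }
}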
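// Marks the checkbox of every permission bit that is set in the user's mask.
// Iterating over $permissions itself stays inside the array; the fixed bound of
// 33 read indexes the 30-entry array on this page does not have.
foreach($permissions as $i => $bit){
  // Index 0 holds 0 and can never match.
  if($userpermissions & $bit){
    $checked[$i] = 'checked="checked"';
  }
}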
// Index 0 is a placeholder (no bit); index n holds the single bit 2^(n-1), up to 2^28.
$permissions = array_merge(
    array(0),
    array_map(function ($shift) { return 1 << $shift; }, range(0, 28))
);
bg = new Array;
bg[true] = '#f00';
bg[false] = '#2985EA';
c[i] = document.getElementById('c' + i);
d[i] = document.getElementById('d' + i);

d[i].style.backgroundColor=bg[c[i].checked];
var divs = document.getElementsByTagName("div");
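<?php 
// Permission editor for one user: shows a checkbox per sub-menu entry, ticked
// when the matching bit is set in the mask from ?up=..., and ORs the values of
// the posted checkboxes into that mask. The script only displays the result.
// NOTE(review): no login check, administrator check or CSRF token is visible in
// this listing; all three are needed before the mask is written to the database.
ob_start("ob_gzhandler");
header('Content-Type: text/html; charset=utf-8');
header('Connection: Keep-Alive');
header('Keep-Alive: timeout=5, max=100');
// The page shows one user's permissions, so shared caches must not store it.
header('Cache-Control: private, max-age=84600');
header('Vary: Accept-Encoding');
echo <<<EOT
<!DOCTYPE html>
<html lang="en"><head><title>Daily Rx</title><meta name="viewport" content="width=device-width, initial-scale=1.0" />
<style type="text/css">
.link,.btn{text-align:center;border-radius: 3px 3px 3px 3px;
font: 700 1em Arial,Helvetica,Calibri,sans-serif;overflow: visible;}
.btn{border:1px solid #00f;color: #fff;background:#004;margin:.2em;width:18em;padding:.8em;
}
.link{border:1px solid #0f0;color: #fff;margin:.2em;width:18em;padding:.8em;
background-image: -o-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: -moz-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: -webkit-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: -ms-linear-gradient(bottom, #2ef 0%, #02f 100%);
background-image: linear-gradient(to bottom, #2ef 0%, #02f 100%);}
.hide{display:none;}
#x{height:40em;}
#page{margin:0;padding:0;}
.dchk{font:700 1em Arial,sans-serif;color:#fff;width:18em;display:inline-block;padding:2px 0 2px 2px;margin:0 0 .5em;vertical-align: middle;position: relative;}
.chk{color:#fff;display:inline;padding:6px 0 6px 6px;margin-bottom:6px;outline:2px solid #000;}
.dchk,.chk,.component{background:#2985EA;text-align:left}
input[type="radio"],input[type="checkbox"]{width:2em;height:2em;border:2px solid #eee;outline:2px solid #eee;display: inline;margin:1px;margin:4px 0 4px 4px;vertical-align: middle;position: relative;background:#144;color:#eee;   display: inline;vertical-align: middle;position: relative;}   
.hr{font-size:.1em;padding:0;margin:0 0 0 1em;width:50em;opacity:1;}
</style></head><body><div id="page">
<form action="updateUser.php" method="post"><div>
EOT;
ob_flush();
$check = array(1 => 1,2 => 2,3 => 4,4 => 8,5 => 16,6 => 32,7 => 64,8 => 128,9 => 256,10 => 512,11 => 1024,12 => 2048,13 => 4096,14 => 8192,15 => 16384,16 => 32768,17 => 65536,18 => 131072,19 => 262144,20 => 524288,21 => 1048576,22 => 2097152,23 => 4194304,24 => 8388608,25 => 16777216,26 => 33554432,27 => 67108864,28 => 134217728,29 => 268435456);
// Index n holds the bit of menu entry n; index 0 is a placeholder.
$permissions = array(0,1,2,4,8,16,32,64,128,256,512,1024,2048,4096,8192,16384,32768,65536,131072,262144,524288,1048576,2097152,4194304,8388608,16777216,33554432,67108864,134217728,268435456);
$checked = array_fill(0,32,'');
// All entries are distinct single bits, so their sum is the mask of every bit
// that exists. Request data is cut down to this mask so a crafted request
// cannot switch on bits that no menu entry uses.
$allowedMask = array_sum($permissions);
// A missing or non-scalar "up" counts as 0.
$userpermissions = (isset($_GET['up']) && is_scalar($_GET['up'])) ? intval($_GET['up']) : 0;
$userpermissions &= $allowedMask;
foreach($_POST as $key => $value){
  // Checkbox fields are named c<n>; accept plain digit strings only, so arrays
  // and non-numeric text never reach the bitwise OR.
  if(substr((string)$key,0,1) === 'c' && is_string($value) && ctype_digit($value)){
    $userpermissions |= intval($value) & $allowedMask;
  }
}
// Iterate over the array itself: a fixed bound of 33 reads past its 30 entries.
foreach($permissions as $i => $bit){
  if($userpermissions & $bit){$checked[$i] = 'checked="checked"';}
}
// The heading buttons carry type="button": with the attribute malformed they
// fall back to the default type and submit the form when clicked.
echo <<<EOT
<button class="btn" type="button">Server Admin</button><br/>
<div id="d2" class="dchk "><input type="checkbox" id="c2" class="chk" name="c2" value="3" onclick="chk('2')" $checked[2] />&#x2002;Ubuntu Dashboard</div><br/>
<div id="d3" class="dchk "><input type="checkbox" id="c3" class="chk" name="c3" value="5" onclick="chk('3')" $checked[3] />&#x2002;Redis Cache Admin</div><br/>
<div id="d4" class="dchk "><input type="checkbox" id="c4" class="chk" name="c4" value="9" onclick="chk('4')" $checked[4] />&#x2002;MySQL dB Management</div><br/>
<button class="btn" type="button">Neon and More</button><br/>
<div id="d6" class="dchk "><input type="checkbox" id="c6" class="chk" name="c6" value="48" onclick="chk('6')" $checked[6] />&#x2002;Neon and More (NAM)</div><br/>
<div id="d7" class="dchk "><input type="checkbox" id="c7" class="chk" name="c7" value="80" onclick="chk('7')" $checked[7] />&#x2002;SugarCRM</div><br/>
<div id="d8" class="dchk "><input type="checkbox" id="c8" class="chk" name="c8" value="144" onclick="chk('8')" $checked[8] />&#x2002;NAM Magento Admin</div><br/>
<div id="d9" class="dchk "><input type="checkbox" id="c9" class="chk" name="c9" value="272" onclick="chk('9')" $checked[9] />&#x2002;NAM Time Clock</div><br/>
<div id="d10" class="dchk "><input type="checkbox" id="c10" class="chk" name="c10" value="528" onclick="chk('10')" $checked[10] />&#x2002;NeonAndMore Blog Admin</div><br/>
<div id="d11" class="dchk "><input type="checkbox" id="c11" class="chk" name="c11" value="1040" onclick="chk('11')" $checked[11] />&#x2002;Order Reports</div><br/>
<div id="d12" class="dchk "><input type="checkbox" id="c12" class="chk" name="c12" value="2064" onclick="chk('12')" $checked[12] />&#x2002;Work Orders</div><br/>
<div id="d13" class="dchk "><input type="checkbox" id="c13" class="chk" name="c13" value="4112" onclick="chk('13')" $checked[13] />&#x2002;Update Order Status</div><br/>
<button class="btn" type="button">Channel Letter</button><br/>
<div id="d15" class="dchk "><input type="checkbox" id="c15" class="chk" name="c15" value="24576" onclick="chk('15')" $checked[15] />&#x2002;Channel Letter</div><br/>
<div id="d16" class="dchk "><input type="checkbox" id="c16" class="chk" name="c16" value="40960" onclick="chk('16')" $checked[16] />&#x2002;Magento Admin</div><br/>
<button class="btn" type="button">Border Tubing</button><br/>
<div id="d18" class="dchk "><input type="checkbox" id="c18" class="chk" name="c18" value="196608" onclick="chk('18')" $checked[18] />&#x2002;Border Tubing</div><br/>
<button class="btn" type="button">Sign Parts And More</button><br/>
<div id="d20" class="dchk "><input type="checkbox" id="c20" class="chk" name="c20" value="786432" onclick="chk('20')" $checked[20] />&#x2002;Sign Parts And More</div><br/>
<button class="btn" type="button">Other Services</button><br/>
<div id="d22" class="dchk "><input type="checkbox" id="c22" class="chk" name="c22" value="3145728" onclick="chk('22')" $checked[22] />&#x2002;Pusher Realtime Events</div><br/>
<div id="d23" class="dchk "><input type="checkbox" id="c23" class="chk" name="c23" value="5242880" onclick="chk('23')" $checked[23] />&#x2002;Zopim Customer Support Chat</div><br/>
<div id="d24" class="dchk "><input type="checkbox" id="c24" class="chk" name="c24" value="9437184" onclick="chk('24')" $checked[24] />&#x2002;Google Analytics</div><br/>
<div id="d25" class="dchk "><input type="checkbox" id="c25" class="chk" name="c25" value="17825792" onclick="chk('25')" $checked[25] />&#x2002;GitLab (Private GitHub Clone)</div><br/>
<button class="btn" type="button">Labs / Projects</button><br/>
<div id="d27" class="dchk "><input type="checkbox" id="c27" class="chk" name="c27" value="100663296" onclick="chk('27')" $checked[27] />&#x2002;NAM LABS</div><br/>
<div id="d28" class="dchk "><input type="checkbox" id="c28" class="chk" name="c28" value="167772160" onclick="chk('28')" $checked[28] />&#x2002;Camera Phone</div><br/>
<div id="d29" class="dchk "><input type="checkbox" id="c29" class="chk" name="c29" value="301989888" onclick="chk('29')" $checked[29] />&#x2002;Server Email Verification</div><br/>
<button class="link" type="submit">Submit</button></div></form>
<h3> $userpermissions</h3>
<script type="text/javascript"> //<![CDATA[
var d = new Array;
var c = new Array;
function chk(id){
  d[id].style.backgroundColor=bg[c[id].checked];
}
function init(){
var checked,did;
bg = new Array;
bg[true] = '#f00';
bg[false] = '#2985EA';

var divs = document.getElementsByTagName("div");
  for (div=0; div<divs.length; div++){
    did = divs[div].getAttribute("id");
    if (did != null){
      if (did.substring(0,1) == "d"){
        var i = did.substring(1,5);
        c[i] = document.getElementById('c' + i);
        d[i] = document.getElementById('d' + i);
        checked = c[i].checked;
        d[i].style.backgroundColor=bg[checked];
        //show = show + i + ',';
      }
    }
  }
}
window.onload = init;
//]]>
</script>
</body></html>
EOT;
ob_end_flush();
?>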