个人认为的PHP MVC框架中实现RBAC的原理 顺序:
数据表
<code>1.tb_user(id,uname,roleid) 2.tb_role(roleid,rolename) 3.tb_module(moduleid,moudulename,mvc_url) 4.tb_access(accessid,roleid,mouduleid) </code>
实现原理
<code>1. 根据$uid 得到 $roleid。 2. 根据当前MVC参数 __CLASS__ __METHOD__ 拼接成路由网址 $mvc_url 3. 根据 $mvc_url 去表 tb_module中查询,得到 $moduleid 4. 根据 $roleid,$mouduleid 查询表 tb_access中是否有此条记录 5. 如果 有,可以访问;如果没有,禁止访问该动作 action 方法 </code>
缺点
假如有一个模块, class Article,方法function lists();。
如果当前用户只有查看权限却没有修改、添加、删除权限,那么lists页面中关于 添加 修改 删除 按钮如何判断?
另外一个方法
数据表
<code>1.tb_user(userid,username,roleid) 2.tb_role(roleid,rolename) 3.tb_module(moduleid,moudulename,link,upid) 4.tb_permission(roleid,title,mouduleid,permission) </code>
其中 permission 的值有这几种
<code>{1:查看,2:添加,4:修改,8:删除,16:...}
</code>
RBAC实现流程
1.通过用户的 $userid 得到 $roleid
2.通过用户当前的网址去查询tb_module表中对应的link,得到 $moduleid。如果该module有父模块。那么获得他的父模块。比如当前模块MVC网址是 article/add,那么他的真正moduleid是
<code>select moduleid from tb_module
where id=(
select upid from tb_module where link='article/add'
)
</code>
3.通过 $roleid 和 $moduleid 去查询 tb_permission,得到记录总和
<code>select sum(permission) as permission from tb_permission where roleid=$roleid and moduleid=$moduleid </code>
4.如果当前访问 article/lst
<code>switch($permission){
case 1: //只有访问权限
break;
case 2://访问、添加权限
break;
case 4://访问、添加、修改权限
break;
case 8://访问、添加、修改、删除权限
break;
case 16:
break;
}
</code>
对于第二种方法,说下看法,类似于电脑文件的 0777这种权限。
回复内容:
个人认为的PHP MVC框架中实现RBAC的原理 顺序:
数据表
<code>1.tb_user(id,uname,roleid) 2.tb_role(roleid,rolename) 3.tb_module(moduleid,moudulename,mvc_url) 4.tb_access(accessid,roleid,mouduleid) </code>
实现原理
<code>1. 根据$uid 得到 $roleid。 2. 根据当前MVC参数 __CLASS__ __METHOD__ 拼接成路由网址 $mvc_url 3. 根据 $mvc_url 去表 tb_module中查询,得到 $moduleid 4. 根据 $roleid,$mouduleid 查询表 tb_access中是否有此条记录 5. 如果 有,可以访问;如果没有,禁止访问该动作 action 方法 </code>
缺点
假如有一个模块, class Article,方法function lists();。
如果当前用户只有查看权限却没有修改、添加、删除权限,那么lists页面中关于 添加 修改 删除 按钮如何判断?
另外一个方法
数据表
<code>1.tb_user(userid,username,roleid) 2.tb_role(roleid,rolename) 3.tb_module(moduleid,moudulename,link,upid) 4.tb_permission(roleid,title,mouduleid,permission) </code>
其中 permission 的值有这几种
<code>{1:查看,2:添加,4:修改,8:删除,16:...}
</code>
RBAC实现流程
1.通过用户的 $userid 得到 $roleid
2.通过用户当前的网址去查询tb_module表中对应的link,得到 $moduleid。如果该module有父模块。那么获得他的父模块。比如当前模块MVC网址是 article/add,那么他的真正moduleid是
<code>select moduleid from tb_module
where id=(
select upid from tb_module where link='article/add'
)
</code>
3.通过 $roleid 和 $moduleid 去查询 tb_permission,得到记录总和
<code>select sum(permission) as permission from tb_permission where roleid=$roleid and moduleid=$moduleid </code>
4.如果当前访问 article/lst
<code>switch($permission){
case 1: //只有访问权限
break;
case 2://访问、添加权限
break;
case 4://访问、添加、修改权限
break;
case 8://访问、添加、修改、删除权限
break;
case 16:
break;
}
</code>
对于第二种方法,说下看法,类似于电脑文件的 0777这种权限。
比RBAC更好的权限认证方式(Auth类认证)
Dependency Injection in PHP: Avoiding Common PitfallsMay 16, 2025 am 12:17 AMDependencyInjection(DI)inPHPenhancescodeflexibilityandtestabilitybydecouplingdependencycreationfromusage.ToimplementDIeffectively:1)UseDIcontainersjudiciouslytoavoidover-engineering.2)Avoidconstructoroverloadbylimitingdependenciestothreeorfour.3)Adhe
How to Speed Up Your PHP Website: Performance TuningMay 16, 2025 am 12:12 AMToimproveyourPHPwebsite'sperformance,usethesestrategies:1)ImplementopcodecachingwithOPcachetospeedupscriptinterpretation.2)Optimizedatabasequeriesbyselectingonlynecessaryfields.3)UsecachingsystemslikeRedisorMemcachedtoreducedatabaseload.4)Applyasynch
Sending Mass Emails with PHP: Is it Possible?May 16, 2025 am 12:10 AMYes,itispossibletosendmassemailswithPHP.1)UselibrarieslikePHPMailerorSwiftMailerforefficientemailsending.2)Implementdelaysbetweenemailstoavoidspamflags.3)Personalizeemailsusingdynamiccontenttoimproveengagement.4)UsequeuesystemslikeRabbitMQorRedisforb
What is the purpose of Dependency Injection in PHP?May 16, 2025 am 12:10 AMDependencyInjection(DI)inPHPisadesignpatternthatachievesInversionofControl(IoC)byallowingdependenciestobeinjectedintoclasses,enhancingmodularity,testability,andflexibility.DIdecouplesclassesfromspecificimplementations,makingcodemoremanageableandadapt
How to send an email using PHP?May 16, 2025 am 12:03 AMThe best ways to send emails using PHP include: 1. Use PHP's mail() function to basic sending; 2. Use PHPMailer library to send more complex HTML mail; 3. Use transactional mail services such as SendGrid to improve reliability and analysis capabilities. With these methods, you can ensure that emails not only reach the inbox, but also attract recipients.
How to calculate the total number of elements in a PHP multidimensional array?May 15, 2025 pm 09:00 PMCalculating the total number of elements in a PHP multidimensional array can be done using recursive or iterative methods. 1. The recursive method counts by traversing the array and recursively processing nested arrays. 2. The iterative method uses the stack to simulate recursion to avoid depth problems. 3. The array_walk_recursive function can also be implemented, but it requires manual counting.
What are the characteristics of do-while loops in PHP?May 15, 2025 pm 08:57 PMIn PHP, the characteristic of a do-while loop is to ensure that the loop body is executed at least once, and then decide whether to continue the loop based on the conditions. 1) It executes the loop body before conditional checking, suitable for scenarios where operations need to be performed at least once, such as user input verification and menu systems. 2) However, the syntax of the do-while loop can cause confusion among newbies and may add unnecessary performance overhead.
How to hash strings in PHP?May 15, 2025 pm 08:54 PMEfficient hashing strings in PHP can use the following methods: 1. Use the md5 function for fast hashing, but is not suitable for password storage. 2. Use the sha256 function to improve security. 3. Use the password_hash function to process passwords to provide the highest security and convenience.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SublimeText3 English version
Recommended: Win version, supports code prompts!
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Dreamweaver CS6
Visual web development tools
