关于PHP权限有关问题-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

关于PHP权限有关问题

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 13, 2016 am 11:06 AM

includenbsprbacsessionthinkphp

关于PHP权限问题
目的描述：
    系统中包含各个模块，模块下面又分为许多子模块，理论上是无限分级的模块。要实现对各个模块的各种权限操作。
    现在有的权限包裹增、删、改、查，下载，发帖，上传权限，权限对应权限表，允许添加新权限。权限表数据结构（权限ID，权限名称，备注）。
    每个模块包含权限表中的一种或多种权限，父级模块的权限子集模块不具有继承性，也就是说，对一个子集模块的父级模块具有修改权限，但是子集模块不会继承该权限。
    用户的权限继承于用户组，通过调整用户组的权限来控制用户的权限。一个用户只能属于一个用户组，一个用户组可以拥有多个用户。

求解怎么实现这样情况下的权限分配问题
------解决方案--------------------
没什么啊,对用户组授权,然后判断用户的用户组进行全选赋予.
鉴于你的权限不继承,只要判断当前模块id的权限就可以了,很简单的
------解决方案--------------------
可以参考Thinkphp 的做法！rbac,很方便的管理后台权限！
------解决方案--------------------
你不是说用户权限就是所在组的权限吗？用户的权限继承于用户组，通过调整用户组的权限来控制用户的权限。
既然你已经将所有组权限都保存到了缓存文件中了，那么还要查数据库干什么呢？

用户登录时，将所隶属的组保存于 session
进入模块时，加载相应组的权限缓存文件。你是以代码形式保存的，只需 include 即可
检查对该模块的权限，作出相应动作。就可以了呀

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How does PHP identify a user's session?May 01, 2025 am 12:23 AM

PHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.

What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AM

The security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.

Where are PHP session files stored by default?May 01, 2025 am 12:15 AM

PHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita

How do you retrieve data from a PHP session?May 01, 2025 am 12:11 AM

ToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si

How can you use sessions to implement a shopping cart?May 01, 2025 am 12:10 AM

The steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.

How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PM

The article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.

What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PM

The article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.

How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PM

Article discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.

See all articles