search

Home >Backend Development >PHP Tutorial >PHPCMS does not display the left menu corresponding to the unauthorized column_PHP tutorial

PHPCMS does not display the left menu corresponding to the unauthorized column_PHP tutorial

WBOY
WBOYOriginal
2016-07-13 10:34:031051browse

PHPCMS can set permissions for certain roles. For example, some columns are inaccessible to certain roles. However, the left menu will still display the column name, which is not necessary for editors. Even if you can’t access it, why is the column name still displayed? After looking at the PHPCMS code, I simply implemented the small function of hiding the menu.

It can be easily analyzed from the background page that the left menu is generated using Ajax: 

$.ajax(
{	
	type:'get', 
	url:'?mod=phpcms&file=menu&action=get_menu_list&menuid='+id, 
	cache:cache_refresh,
	dataType:'json', 
	success:function(json)
	{
		……
	}
}

The requested address is http://www.bkjia.com/admin.php?mod=phpcms&file=menu&action=get_menu_list&menuid=4

In the URL parameters, file refers to the requested controller file, here menu refers to the file admin/menu.inc.php, and action refers to the method. We find the get_menu_list method under menu.inc.php: 

case 'get_menu_list':
	$data = $m->get_child($menuid);
	$data = str_charset(CHARSET, 'utf-8', $data);
	$max = array_slice($data, -1);
	$data['max'] = $max[0]['menuid'];
	$data = json_encode($data);
	if(PHP_OS < 5.0) header('Content-type: text/html; charset=utf-8');
	echo $data;
	break;

Change it to: 

case 'get_menu_list':
	$data = $m->get_child($menuid);
	
	foreach($data as $k=>$val)
	{
		if( !empty($data[$k]['keyid']) && substr( $data[$k]['keyid'], 0, 5 ) == 'catid' )
		{
			if( $data[$k]['keyid'] == 'catid_0' )
			{
				continue;
			}
			$catid = str_replace("catid_", "", $data[$k]['keyid']);
			
			// 管理权限
			$allow_manage = $priv_role->check('catid', $catid, 'manage');
			
			if(!$allow_manage)
			{
				unset($data[$k]);
			}
		}
	}
	
	$data = str_charset(CHARSET, 'utf-8', $data);
	$max = array_slice($data, -1);
	$data['max'] = $max[0]['menuid'];
	$data = json_encode($data);
	if(PHP_OS < 5.0) header('Content-type: text/html; charset=utf-8');
	echo $data;
	break;

The code is speculative, but the general idea is this.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/752363.htmlTechArticlePHPCMS can set permissions for certain roles. For example, certain columns are inaccessible to certain roles. However, the left menu will still display the column name, which is unnecessary for editors...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Use native PHP to write a routing function like CodeIgniter_PHP TutorialNext article:Use native PHP to write a routing function like CodeIgniter_PHP Tutorial

Related articles

See more