PHP代码通过权限限制成员访问
我正在用 PHP 和 PHP 构建一个网站。 mySQL。它具有前端和后端功能。只有管理员才能通过用户名和密码进入后台。现在,如果管理员想要向网站添加其他子管理员,他可以这样做。通过这种方法,子管理员将能够登录并执行原始管理员能够执行的所有操作。
我想要做什么:
我想根据我的选择限制子管理员的访问权限并为其分配权限,以便他们只能访问管理面板的某些部分。
我正在谈论的功能示例:
考虑到我有原始管理员可以访问的以下链接。 1. 添加文章 2. 批准文章 3. 删除文章 4. 添加用户 5. 编辑用户 6. 删除用户 7. 更改站点设置 8. 查看财务信息 9. 邮件中心
如果我不设置任何权限,则所有子-管理员将能够访问上述所有链接。假设我创建了 2 个子管理员“David”和“Bob”。
现在我希望 David 仅访问后端的以下所需部分:
- 添加文章,4. 添加用户,7. 更改站点设置
现在我希望 Bob 仅访问后端的以下所需部分:
- 添加文章,2. 批准文章, 3. 删除文章, 4. 添加用户, 9. 邮件中心
我作为原始管理员,应该能够访问所有部分,而 David 和 Bob 应该能够看到&仅访问已分配给他们的链接和页面(或功能)。我不知道如何做到这一点。另外,例如,如果我想限制子管理员仅访问“添加文章”页面,那么我还希望他访问它发布到的页面(考虑到输入位于“添加文章”页面上)add_articles_next.php页。另请注意,“add_articles_next.php page”不会出现在链接列表中的任何位置。它只是从子管理员有权访问的页面发布的页面。
我知道系统无法知道这一点,除非我明确指定,但是,是的,这就是我的问题。怎么做呢?我不是一个面向对象的人,所以使用函数的 PHP 代码对我来说会很棒。
我正在谈论的功能的其他实例:
我在研究这个主题时遇到了一个功能。 点击此处访问。这看起来有些相似的功能。
预先感谢大家提供给我的任何代码。
I am building a website in PHP & mySQL. It has frontend and backend capabilities. Only admin can enter the backend by means of username and password. Now if the admin wants to add other sub-admins to the website, he could do so. By this method, a sub-admin will be able to login and perform all actions that the original admin is able to do.
WHAT I WANT TO DO:
I want to restrict the access of the sub-admins at my choice and assign them permissions so that they are able to access only certain portions of the admin panel.
EXAMPLE OF THE FEATURE THAT I AM TALKING ABOUT:
Consider that I have the following links accessible by original admin.
1. Add articles 2. Approve articles 3. Delete Articles 4. Add User 5. Edit user 6. Delete User 7. Change site settings 8. View Financial info 9. Mail center
If I do not set any permissions, then all sub-admins will be able to access all of above links. Say I create 2 sub-admins 'David' and 'Bob'.
Now I want David to access only the following desired sections of the backend:
- Add articles, 4. Add User, 7. Change site settings
Now I want Bob to access only the following desired sections of the backend:
- Add articles, 2. Approve articles, 3. Delete Articles, 4. Add User, 9. Mail center
I, being the original admin, should be able to access all sections whereas, David and Bob, should be able to see & access only the links and pages (or functionality) that have been assigned to them. I don't have a clue as to how to do this. Also, for example, if I want to restrict a sub-admin to access only 'Add articles' page, then I also want him to access the page that it posts to (considering that the input is on Add articles page) add_articles_next.php page. Also note that 'add_articles_next.php page' does not appear anywhere in the list of links. It is merely a page that is posted to from the page to which the sub-admin has access.
I understand that there is no way for the system to know that unless I explicitly specify it, but yes, that's my question. How to do it? I am not a object oriented person, so PHP code using functions will be great for me.
OTHER LIVE EXAMPLES OF THE FEATURE THAT I AM TALKING ABOUT:
I came across a feature while researching this topic. Click here to visit it. This looks like somewhat similar feature.
Thank you all in advance for any code that you can give me.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
之前在 SO 上已经多次询问过这个问题。要搜索的关键字是访问控制列表 (ACL)。 ACL 最著名的 PHP 解决方案之一是 Zend_ACL。它非常通用,应该使您能够根据需要对其进行自定义。
编辑您对面向对象库的评论:
找到一个非面向对象的 ACL 解决方案将非常非常困难,因为市场上很少有适合 PHP 的 ACL(Zend 是关于只有我知道,真的)并且大多数现代应用程序都或多或少地采用面向对象的方法。但不用担心,请查看教程。我认为在面向功能的应用程序中使用 Zend_Acl 不会有任何问题。您需要通过 OOP 与 ACL 对话,但这很容易。我认为您无需对应用程序进行太多更改。尝试一下,一般来说,基本的 OOP 并不难学。只需仔细阅读 PHP 手册中的“类和对象”一章即可。
This has been asked a number of times before on SO. The keyword to search for is Access Control Lists (ACL). One of the most prominent PHP solutions for ACL is Zend_ACL. It's very generic and should enable you to customize it to your needs.
Edit regarding your comment about object oriented libraries:
Finding an ACL solution that is not object oriented is going to be very, very difficult as there are very few good ACLs for PHP on the market (Zend is about the only one I know, really) and most modern applications are taking a more or less object oriented approach. But don't worry, check out the tutorials. I think you will have no problem using Zend_Acl in a function oriented app. You will need to talk to the ACL via OOP, but that's easy. I don't think you'll have to change your app much. Give it a try, and on a general note, basic OOP isn't difficult to learn. Just give the "Classes and Objects" chapter in the PHP manual a good read.