ACL in PHP
By crynobone
http://www.chronosight.net
Added: July 22, 2007. Category: Education. License: All Rights Reserved.

Contents:
- Introduction
- What is ACL?
- Use of ACL?
- IF Else Authorization
- ACL

Introduction: What is ACL?
ACL, the acronym for Access Control List, is a method of determining which modules each user inside a system may access. It is a concept, not a native PHP function, so developers need to implement it themselves as user-defined functions.

IF Else Authorization:
- The simplest way to enforce authorization control in a system.
- Widely used in PHP by most developers.
- Has many weaknesses: hard to manage, less dynamic.

IF Else Authorization: Example

    <?php
    $username = "test";
    $level = "admin";

    if ($level == "admin") :
        // give system management access to admin.
    elseif ($level == "hr") :
        // give human resource access to hr.
    elseif ($level == "it-dept") :
        // give IT department access to IT dept's staff.
    endif;
    ?>

Example of scenarios…:
- The organization has created another department, "Multimedia Dept"; please give appropriate access to Multimedia Dept's staff!
- Later, "Multimedia Dept" needs access to "IT Dept" modules; please provide access!
- Months later, "Multimedia Dept" will be closed and all the staff will be transferred to "IT Dept"; please move all "Multimedia Dept" modules to "IT Dept"!

Example of scenarios…:
All of these examples require us (the programmers) to go back to the code and change every single line that contains the IF ELSE authorization. Now let's consider a better way to manage this.

ACL:
In this example, I will be using a database to manage the ACL. The tables needed in the example are:
- acl
- user
- user_group
- user_privilege
It's better to use Object Oriented Programming (OOP) to manage the ACL. Access is checked per module, not per user level.

ACL – table acl
ACL – table user
ACL – table user_group
ACL – table user_privilege

Code {1}:

    <?php
    // Note: the mysql_* functions used throughout these slides were removed
    // in PHP 7.0; mysqli and PDO provide the equivalent calls.

    // get user data
    $result = mysql_query("SELECT u.username, g.id FROM user u LEFT JOIN user_group g ON u.group=g.id WHERE u.id=1");
    $row = mysql_fetch_array($result);
    $username = $row["username"];
    // a user without a group gets level 0, which has no privileges
    $level = (int) $row["id"];

    $appACL = new ACL();
    $appACL->fetch_ACL($level);

    if ($appACL->check_ACL(1)) :
        // give access to module A
    elseif ($appACL->check_ACL(2)) :
        // give access to module B
    elseif ($appACL->check_ACL(3)) :
        // give access to module C
    endif;
    ?>

Code {2}:

    <?php
    class ACL {
        // map of module id (acl.id) => 1 (allowed) or 0 (denied)
        var $list_ACL = array();

        function fetch_ACL($level = 0) {
            // acl_id is the module id that check_ACL() is asked about;
            // the cast keeps $level from altering the SQL statement
            $query = "SELECT p.acl_id FROM user_privilege p WHERE p.group_id=".(int) $level." ORDER BY p.acl_id ASC";
            $result = mysql_query($query);
            $count = 1;
            while ($row = mysql_fetch_array($result)) :
                // modules below the next granted id are denied
                while ($count < $row["acl_id"]) :
                    $this->list_ACL[$count] = 0;
                    $count++;
                endwhile;
                if ($count == $row["acl_id"]) :
                    $this->list_ACL[$count] = 1;
                    $count++;
                endif;
            endwhile;

            // deny every remaining module (assumes acl ids run 1..totals)
            $query_acl = "SELECT count(id) AS totals FROM acl";
            $result_acl = mysql_query($query_acl);
            $row_acl = mysql_fetch_array($result_acl);
            for (; $count <= $row_acl["totals"]; $count++) :
                $this->list_ACL[$count] = 0;
            endfor;
        }
        // continues..

Code {3}:

        // continues from last page
        function check_ACL($acl = 0) {
            // unknown module ids are denied
            if (isset($this->list_ACL[$acl]) and $this->list_ACL[$acl] == 1) :
                return true;
            else :
                return false;
            endif;
        }
    }
    ?>

Sample:

GUI for Editing ACL {1}:

    <form id="acl_manager" method="post" action="acl.php">
    <?php
    $query_group = "SELECT * FROM user_group";
    $result_group = mysql_query($query_group);
    $levels = array();
    while ($row_group = mysql_fetch_array($result_group)) :
        $levels[$row_group["id"]] = $row_group["name"];
    endwhile;
    ?>
    <table>
        <thead>
            <tr>
                <th>Module</th>
                <?php
                foreach ($levels as $value) :
                    // escape names read from the database before printing
                    print "<th>".htmlspecialchars($value)."</th>";
                endforeach;
                ?>
            </tr>
        </thead>
    <?php // continues… ?>

GUI for Editing ACL {2}:

        <tbody>
    <?php
    $query_acl = "SELECT * FROM acl ORDER BY id ASC";
    $result_acl = mysql_query($query_acl);
    $count = 0;
    while ($row_acl = mysql_fetch_array($result_acl)) :
        $menu_id[$count] = $row_acl["id"];
        $menu_runid[$row_acl["id"]] = $count;   // module id => row index
        $menu_name[$count] = $row_acl["name"];
        $count++;
    endwhile;

    $query_acp = "SELECT * FROM user_privilege";
    $result_acp = mysql_query($query_acp);
    while ($row_acp = mysql_fetch_array($result_acp)) :
        $this_id = $menu_runid[$row_acp["acl_id"]];
        $menu_access[$this_id][$row_acp["group_id"]] = 1;
    endwhile;
    // continues…

GUI for Editing ACL {3}:

    // one checkbox per (module, group) pair; $counts numbers the pairs
    $counts = 0;
    for ($list = 0; $list < count($menu_id); $list++) :
        print "<tr>";
        print "<td> <strong>".htmlspecialchars($menu_name[$list])."</strong> </td>";
        foreach ($levels as $level => $name) :
            $checked = ((isset($menu_access[$list][$level]) and $menu_access[$list][$level] == 1) ? "checked='checked'" : "");
            // all three fields share the index $counts so they line up on submit
            print "<td>
                <input type='checkbox' ".$checked." id='menu_access_".$counts."' name='menu_access[".$counts."]' value='1' />
                <input type='hidden' name='menu_id[".$counts."]' value='".$menu_id[$list]."' />
                <input type='hidden' name='menu_level[".$counts."]' value='".$level."' />
            </td>";
            $counts++;
        endforeach;
        print "</tr>";
    endfor;
    ?>
        </tbody>
    </table>
    <div>
        <input type="submit" name="submit" value="Submit" class="button" />
    </div>
    </form>

Submit ACL:

    <?php
    // Validate post form command
    mysql_query("TRUNCATE TABLE user_privilege");

    $acl_id = $_POST["menu_id"];
    // unchecked boxes are not posted, so menu_access may be missing entirely
    $acl_access = isset($_POST["menu_access"]) ? $_POST["menu_access"] : array();
    $acl_group = $_POST["menu_level"];

    for ($i = 0; $i < count($acl_id); $i++) :
        $bool = ((isset($acl_access[$i]) and $acl_access[$i] == 1) ? 1 : 0);
        if ($bool == 1) :
            // cast to int so posted values cannot alter the SQL statement
            mysql_query("INSERT INTO user_privilege (acl_id, group_id) VALUES (".(int) $acl_id[$i].", ".(int) $acl_group[$i].")");
        endif;
    endfor;
    ?>
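A hardened take on the Submit ACL step, as an added example that is not part of the original slides: it checks that the caller may edit the ACL, validates every posted id against the database, and replaces the privilege rows inside one transaction with prepared statements. It uses PDO with an in-memory SQLite database so it runs stand-alone; the grant[<acl_id>][<group_id>] field name, the "ACL manager" module (id 3), the function names and the sample rows are assumptions.

```php
<?php
// Added example, not the presentation's code; schema and sample data are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE acl (id INTEGER PRIMARY KEY, name TEXT);
    CREATE TABLE user_group (id INTEGER PRIMARY KEY, name TEXT);
    CREATE TABLE user_privilege (acl_id INT, group_id INT, PRIMARY KEY (acl_id, group_id));
    INSERT INTO acl VALUES (1, 'Module A'), (2, 'Module B'), (3, 'ACL manager');
    INSERT INTO user_group VALUES (1, 'admin'), (2, 'hr'); INSERT INTO user_privilege VALUES (3, 1);");

// Deny by default: access exists only when a (module, group) row exists.
function canAccess(PDO $db, int $groupId, int $aclId): bool {
    $st = $db->prepare('SELECT 1 FROM user_privilege WHERE acl_id = ? AND group_id = ?');
    $st->execute([$aclId, $groupId]);
    return $st->fetchColumn() !== false;
}

// $grants mirrors checkboxes named grant[<acl_id>][<group_id>] (hypothetical field name).
// PHP stores purely numeric array keys as ints, so is_int() filters out anything else.
function saveAcl(PDO $db, int $actorGroup, array $grants, int $managerAcl = 3): int {
    if (!canAccess($db, $actorGroup, $managerAcl)) {
        throw new RuntimeException('caller may not edit the ACL');
    }
    $mods   = $db->query('SELECT id FROM acl')->fetchAll(PDO::FETCH_COLUMN);
    $groups = $db->query('SELECT id FROM user_group')->fetchAll(PDO::FETCH_COLUMN);
    $db->beginTransaction();
    try {
        // DELETE stays inside the transaction; MySQL's TRUNCATE commits implicitly.
        $db->exec('DELETE FROM user_privilege');
        $ins = $db->prepare('INSERT INTO user_privilege (acl_id, group_id) VALUES (?, ?)');
        $n = 0;
        foreach ($grants as $aclId => $byGroup) {
            foreach ((array) $byGroup as $groupId => $on) {
                if ($on === '1' && is_int($aclId) && is_int($groupId)
                    && in_array($aclId, $mods) && in_array($groupId, $groups)) {
                    $n += (int) $ins->execute([$aclId, $groupId]);
                }
            }
        }
        $db->commit();
        return $n;   // number of privilege rows written
    } catch (Throwable $e) {
        $db->rollBack(); throw $e;
    }
}

// Constructed POST data: module 9 and key 'x' do not exist and are skipped.
$posted = [1 => [1 => '1', 2 => '1'], 3 => [1 => '1'], 9 => [1 => '1'], 'x' => [1 => '1']];
var_dump(saveAcl($db, 1, $posted), canAccess($db, 2, 1), canAccess($db, 2, 3));
```

Because the handler rewrites the whole table, a submission that leaves out the ACL-manager grant also removes the caller's own right to edit; protect that row separately if lock-out matters.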