ACL in PHP


Published on July 22, 2007

Author: crynobone

Source: authorstream.com

By crynobone
http://www.chronosight.net

Contents

- Introduction
- What is ACL?
- Use of ACL?
- IF Else Authorization
- ACL

Introduction

What is ACL?

- ACL, an acronym for Access Control List, is a method of determining which modules each particular user may access inside a system.
- It is a term, not a native PHP function; developers need to implement it themselves as user-defined functions.

IF Else Authorization

- The simplest way to implement authorization control in a system.
- Widely used in PHP by most developers.
- Has many weaknesses:
  - Hard to manage.
  - Less dynamic.

Example:

```php
<?php
$username = "test";
$level = "admin";

if ($level == "admin") :
    // give system management access to admin.
elseif ($level == "hr") :
    // give human resource access to hr.
elseif ($level == "it-dept") :
    // give IT department access to IT dept's staff.
endif;
?>
```

Example of scenarios…

- The organization has created another department, "Multimedia Dept"; please give appropriate access to Multimedia Dept's staff!
- Later, "Multimedia Dept" needs access to "IT Dept" modules; please provide access!
- Months later, "Multimedia Dept" will be closed and all the staff will be transferred to "IT Dept"; please move all "Multimedia Dept" modules to "IT Dept"!

All of these examples require us (the programmers) to go back to the code and change every single line that contains the IF ELSE authorization. Now let's consider a better way to manage this.

ACL

- In this example, I will be using a database to manage the ACL. The tables needed in the example are:
  - acl
  - user
  - user_group
  - user_privilege
- It's better to use Object Oriented Programming (OOP) to manage the ACL.
- Access is checked based on modules, not user levels.
ACL – table acl

ACL – table user

ACL – table user_group

ACL – table user_privilege

Code {1}

```php
<?php
// get user data
$result = mysql_query("SELECT u.username, g.id FROM user u LEFT JOIN user_group g ON u.group=g.id WHERE u.id=1");
$row = mysql_fetch_array($result);

$username = $row["username"];
$level = $row["id"];

$appACL = new ACL();
$appACL->fetch_ACL($level);

if ($appACL->check_ACL(1)) :
    // give access to module A
elseif ($appACL->check_ACL(2)) :
    // give access to module B
elseif ($appACL->check_ACL(3)) :
    // give access to module C
endif;
?>
```

Code {2} and {3}

```php
<?php
class ACL {
    // module id => 1 (allowed) or 0 (denied)
    var $list_ACL = array();

    function fetch_ACL($level = 0) {
        // acl_id is the module id written by the "Submit ACL" form;
        // the group id is cast to int before it is concatenated into the SQL
        $query = "SELECT p.acl_id AS id FROM user_privilege p WHERE p.group_id=".(int) $level." ORDER BY p.acl_id ASC";
        $result = mysql_query($query);
        $count = 1;

        while ($row = mysql_fetch_array($result)) :
            // modules with no privilege row are marked as denied
            while ($count < $row["id"]) :
                $this->list_ACL[$count] = 0;
                $count++;
            endwhile;

            if ($count == $row["id"]) :
                $this->list_ACL[$count] = 1;
                $count++;
            endif;
        endwhile;

        // deny the remaining modules up to the total number of modules
        $query_acl = "SELECT count(id) AS totals FROM acl";
        $result_acl = mysql_query($query_acl);
        $row_acl = mysql_fetch_array($result_acl);

        for (; $count <= $row_acl["totals"]; $count++) :
            $this->list_ACL[$count] = 0;
        endfor;
    }

    function check_ACL($acl = 0) {
        // a module id that is not in the list is denied
        return (isset($this->list_ACL[$acl]) and $this->list_ACL[$acl] == 1);
    }
}
?>
```

Sample

GUI for Editing ACL {1} to {3}

```php
<form id="acl_manager" method="post" action="acl.php">
<?php
// column headers: one per user group
$query_group = "SELECT * FROM user_group";
$result_group = mysql_query($query_group);

while ($row_group = mysql_fetch_array($result_group)) :
    $levels[$row_group["id"]] = $row_group["name"];
endwhile;
?>
<table>
<thead>
<tr>
<th>Module</th>
<?php
foreach ($levels as $value) :
    // escape names read from the database before printing them into HTML
    print "<th>".htmlspecialchars($value)."</th>";
endforeach;
?>
</tr>
</thead>
<tbody>
<?php
// rows: one per module
$query_acl = "SELECT * FROM acl ORDER BY id ASC";
$result_acl = mysql_query($query_acl);
$count = 0;

while ($row_acl = mysql_fetch_array($result_acl)) :
    $menu_id[$count] = $row_acl["id"];
    $menu_runid[$row_acl["id"]] = $count;
    $menu_name[$count] = $row_acl["name"];
    $count++;
endwhile;

// existing privileges, indexed by row position and group id
$query_acp = "SELECT * FROM user_privilege";
$result_acp = mysql_query($query_acp);

while ($row_acp = mysql_fetch_array($result_acp)) :
    $this_id = $menu_runid[$row_acp["acl_id"]];
    $menu_access[$this_id][$row_acp["group_id"]] = 1;
endwhile;

$counts = 0;
for ($list = 0; $list < count($menu_id); $list++) :
    print "<tr>";
    print "<td> <strong>".htmlspecialchars($menu_name[$list])."</strong> </td>";

    foreach ($levels as $level => $name) :
        $checked = ((isset($menu_access[$list][$level]) and $menu_access[$list][$level] == 1) ? "checked='checked'" : "");
        // all three fields share the index $counts so the submit handler can pair them up
        print "<td>
            <input type='checkbox' ".$checked." id='menu_access_".$counts."' name='menu_access[".$counts."]' value='1' />
            <input type='hidden' name='menu_id[".$counts."]' value='".$menu_id[$list]."' />
            <input type='hidden' name='menu_level[".$counts."]' value='".$level."' />
        </td>";
        $counts++;
    endforeach;

    print "</tr>";
endfor;
?>
</tbody>
</table>
<div> <input type="submit" name="submit" value="Submit" class="button" /> </div>
</form>
```

Submit ACL

```php
<?php
// Validate post form command

mysql_query("TRUNCATE TABLE user_privilege");

$acl_id = isset($_POST["menu_id"]) ? $_POST["menu_id"] : array();
$acl_access = isset($_POST["menu_access"]) ? $_POST["menu_access"] : array();
$acl_group = isset($_POST["menu_level"]) ? $_POST["menu_level"] : array();

for ($i = 0; $i < count($acl_id); $i++) :
    $bool = ((isset($acl_access[$i]) and $acl_access[$i] == 1) ? 1 : 0);

    if ($bool == 1) :
        // cast to int so that form values cannot change the SQL statement
        mysql_query("INSERT INTO user_privilege (acl_id, group_id) VALUES (".(int) $acl_id[$i].", ".(int) $acl_group[$i].")");
    endif;
endfor;
?>
```
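The deck's fetch and "Submit ACL" steps rewritten with PDO prepared statements, id validation and a transaction, since the mysql_* functions it uses were removed in PHP 7; this is an added example, not code from the original slides. Assumptions: the pdo_sqlite extension with an in-memory database, a schema inferred from the deck's queries, constructed sample rows, and the hypothetical function names grantedModules and saveAcl.

```php
<?php
// Added example. Schema inferred from the deck's queries; all rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE acl (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE user_group (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE user_privilege (acl_id INTEGER, group_id INTEGER, PRIMARY KEY (acl_id, group_id))');
$db->exec("INSERT INTO acl VALUES (1, 'System management'), (2, 'Human resource'), (5, 'IT department')");
$db->exec("INSERT INTO user_group VALUES (1, 'admin'), (2, 'hr'), (3, 'it-dept'), (4, 'multimedia')");

// Module ids granted to one group; a module missing from the result is denied.
function grantedModules(PDO $db, int $groupId): array {
    $stmt = $db->prepare('SELECT acl_id FROM user_privilege WHERE group_id = ?');
    $stmt->execute([$groupId]);
    return array_map('intval', $stmt->fetchAll(PDO::FETCH_COLUMN));
}

// Replace the whole matrix with $grants, a list of [acl_id, group_id] pairs from the form.
function saveAcl(PDO $db, array $grants): void {
    $modules = array_flip($db->query('SELECT id FROM acl')->fetchAll(PDO::FETCH_COLUMN));
    $groups  = array_flip($db->query('SELECT id FROM user_group')->fetchAll(PDO::FETCH_COLUMN));
    $db->beginTransaction();
    try {
        // DELETE rather than TRUNCATE: in MySQL, TRUNCATE commits implicitly and cannot be rolled back.
        $db->exec('DELETE FROM user_privilege');
        $ins = $db->prepare('INSERT INTO user_privilege (acl_id, group_id) VALUES (?, ?)');
        foreach ($grants as [$acl, $group]) {
            $acl   = filter_var($acl, FILTER_VALIDATE_INT);
            $group = filter_var($group, FILTER_VALIDATE_INT);
            if ($acl === false || $group === false || !isset($modules[$acl], $groups[$group])) {
                throw new InvalidArgumentException('unknown module or group id');
            }
            $ins->execute([$acl, $group]);
        }
        $db->commit();
    } catch (Exception $e) {
        $db->rollBack();   // a rejected form leaves the previous privileges in place
        throw $e;
    }
}

saveAcl($db, [[1, 1], [2, 2], [5, 3]]);          // admin, hr, it-dept each get their module
saveAcl($db, [[1, 1], [2, 2], [5, 3], [5, 4]]);  // deck scenario: multimedia gains the IT module
try {
    saveAcl($db, [[1, 1], ['5 OR 1=1', 4]]);     // tampered field: rejected, nothing is changed
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
var_dump(grantedModules($db, 4), in_array(2, grantedModules($db, 4), true));
```

Granting the Multimedia group access to the IT module is a data change (one more pair passed to saveAcl), not a code change, which is the point the deck's scenarios make against the IF ELSE approach.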
