PHP 权限管理

login页面
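<form action="loginchuli.php" method="post">
    <div>用户名:<input type="text" name="uid" /></div>
    <!-- type="password" masks the value on screen and lets the browser treat it as a credential field -->
    <div>密码:<input type="password" name="pwd" /></div>
    <input type="submit" value="登录" />
</form>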
loginchuli页面
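<?php
// Login handler: checks the posted user id and password against the Users
// table; on success stores the user id in the session and redirects to
// main.php, otherwise redirects back to login.php.
session_start();

// A missing or non-string field counts as a failed login instead of raising
// an undefined-index notice or feeding an array into the query string.
$uid = (isset($_POST["uid"]) && is_string($_POST["uid"])) ? $_POST["uid"] : "";
$pwd = (isset($_POST["pwd"]) && is_string($_POST["pwd"])) ? $_POST["pwd"] : "";

if($uid === "" || $pwd === "")
{
    header("location:login.php");
    exit;
}

include("../DBDA.php");
$db = new DBDA();

// NOTE(review): this statement is built by interpolating request data, so the
// login decision depends on text the client controls (SQL injection). DBDA is
// not shown on this page, so no bound-parameter call can be written here; the
// fix is for DBDA to expose a prepared-statement method and for this query to
// pass $uid and $pwd as parameters.
// NOTE(review): Pwd is matched against the posted value as-is, which suggests
// the table stores passwords in directly comparable form. Moving to
// password_hash() / password_verify() also needs a change where users are
// created, which this page does not show.
$sql = "select count(*) from Users where Uid='{$uid}' and Pwd = '{$pwd}'";

$z = $db->StrQuery($sql);

if($z == 1)
{
    // New session id on login so an id known before authentication is not
    // carried over into the authenticated session (session fixation).
    session_regenerate_id(true);
    $_SESSION["uid"] = $uid;
    header("location:main.php");
    exit;
}
else
{
    header("location:login.php");
    exit;
}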

main主页面

<?php
// Main page bootstrap: require a logged-in session, then open the database
// helper used by the menu further down the page.
session_start();

// No user id in the session (unset, or an empty value): send the visitor to
// the login form and stop, so nothing below runs for an anonymous request.
if(!isset($_SESSION["uid"]) || !$_SESSION["uid"])
{
    header("location:login.php");
    exit();
}

// User id stored by the login handler; used for the greeting and the menu.
$uid = $_SESSION["uid"];

include "../DBDA.php";
$db = new DBDA();
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
<style type="text/css">
*{ margin:0px auto; padding:0px}
#menu{
    width:100%;
    height:40px;
    }
.cd{
    width:100px;
    height:40px;
    background-color:#60C;
    color:white;
    font-size:18px;
    text-align:center;
    line-height:40px;
    vertical-align:middle;
    float:left;
    }
.cd:hover{
    
    background-color:#F33;
    cursor:pointer;
    
    }
</style>
</head>

<body>
<br />
<center><h1>主页面</h1></center>
<br />
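<a href="login.php">退出 <?php
// The user id came from a login form field, so it is escaped before being
// written into the page.
// NOTE(review): this link only navigates to login.php; nothing shown on this
// page destroys the session, so the user presumably stays logged in - confirm.
echo htmlspecialchars((string)$uid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></a>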
<br />

<div id="menu">
    <div class="cd">权限管理</div>
    
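    <?php

    // Builds the menu for the logged-in user by walking
    // user -> roles (UserInJueSe) -> rule codes (JueSeWithRules) -> names (Rules).
    //
    // NOTE(review): this block only decides which menu entries are displayed.
    // The guanli, add and seljuese pages as shown on this page perform no
    // login or role check of their own, so hiding an entry here does not
    // restrict access to them; each page has to enforce the permission itself.
    //
    // NOTE(review): the three queries below are built by string interpolation.
    // $uid is the value the login handler copied from the request, and the
    // other values come back from the database; DBDA is not shown here, so
    // they cannot be rewritten as bound parameters on this page.

    // Role ids assigned to this user.
    $sjs = "select JueSeId from UserInJueSe where UserId ='{$uid}' ";

    $ajs = $db->Query($sjs);

    // Rule codes granted by those roles (one query per role).
    $all = array();

    foreach($ajs as $vjs)
    {
        $sgn = "select RuleId from JueSeWithRules where JueSeId ='{$vjs[0]}'";
        $agn = $db->Query($sgn);

        foreach($agn as $vgn)
        {
            $all[] = $vgn[0];
        }
    }

    // Several roles may grant the same rule; show it once.
    $all = array_unique($all);

    // One menu entry per rule. The name is data from the Rules table and is
    // escaped before it is written into the page.
    foreach($all as $vall)
    {
        $sn = "select Name from Rules where Code = '{$vall}'";
        $name = $db->StrQuery($sn);

        echo "<div class='cd'>" . htmlspecialchars((string)$name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</div>";
    }

    ?>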
    
</div>

guanli页面

<h1>权限管理</h1>

<div>请选择用户:
    <select id="user">
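        <?php
        // Fills the user drop-down: column 0 of each Users row becomes the
        // option value, column 2 the visible label.
        //
        // NOTE(review): no login or role check is visible for this page. The
        // guard main.php runs (session_start() plus the empty($_SESSION["uid"])
        // redirect) has to run at the very top of this file, before any
        // output; the top of the file is not shown here, so it is not added
        // in this block.
        include("../DBDA.php");
        $db = new DBDA();

        // NOTE(review): "select *" also fetches columns this list does not
        // use (the login query shows Users has a Pwd column).
        $sql = "select * from Users";
        $attr = $db->Query($sql);

        foreach($attr as $v)
        {
            // Both values are database content written into HTML; ENT_QUOTES
            // is needed because the attribute is single-quoted.
            $value = htmlspecialchars((string)$v[0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $label = htmlspecialchars((string)$v[2], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<option value='{$value}'>{$label}</option>";
        }

        ?>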
    </select>
</div>
<br />
<div>
    <div>请选择角色:</div>  
    <br />
    <div>
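       <?php
        // Renders one checkbox per role: column 0 of each JueSe row is the
        // checkbox value, column 1 the visible label.
        $sqljs = "select * from JueSe";
        $attrjs = $db->Query($sqljs);

        foreach($attrjs as $v)
        {
            // Database content written into HTML is escaped; ENT_QUOTES is
            // needed because the attribute is single-quoted.
            $value = htmlspecialchars((string)$v[0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $label = htmlspecialchars((string)$v[1], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<input class='js' type='checkbox' value='{$value}' /> {$label} &nbsp;";
        }
    ?>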
    </div>  
</div>
<br />
<div>
    <input type="button" value="确定" id="btn" />
</div>
</body>
<script type="text/javascript">
$(document).ready(function(e) {

    // Ask the server which roles the selected user has and tick exactly
    // those checkboxes. The response is the role ids joined with "|".
    function ShowJueSe()
    {
        $.ajax({
            url:"seljuese.php",
            data:{uid:$("#user").val()},
            type:"POST",
            dataType:"TEXT",
            success: function(data){
                var assigned = data.split("|");
                var boxes = $(".js");

                // Start from a clean state, then tick the assigned roles.
                boxes.prop("checked",false);
                boxes.each(function(){
                    var box = $(this);
                    if($.inArray(box.val(),assigned) !== -1)
                    {
                        box.prop("checked",true);
                    }
                });
            }
        });
    }

    // Show the roles of the initially selected user, and refresh them
    // whenever another user is picked.
    ShowJueSe();
    $("#user").change(function(){
        ShowJueSe();
    });

    // Save: send the selected user id and the ticked role ids, joined with
    // "|", to add.php.
    // NOTE(review): the request carries only uid and juese - no anti-CSRF
    // token - and the ticked boxes are client state, so the server side has
    // to decide whether the change is allowed.
    $("#btn").click(function(){
        var picked = $(".js").filter(function(){
            return $(this).prop("checked");
        }).map(function(){
            return $(this).val();
        }).get();

        $.ajax({
            url:"add.php",
            data:{uid:$("#user").val(),juese:picked.join("|")},
            type:"POST",
            dataType:"TEXT",
            success: function(data){
                alert(data.trim()=="OK" ? "添加成功!" : "添加失败!");
            }
        });
    });

});
</script>

add页面

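<?php
// Replaces the role assignments of one user: deletes the user's rows in
// UserInJueSe and inserts one row per posted role id. Prints "OK" when every
// statement succeeded, "NO" otherwise.
session_start();

// Same login guard main.php uses; without it any client could post here and
// rewrite role assignments.
// NOTE(review): being logged in is the only check made. Which role may manage
// permissions is not defined on this page, so a per-role authorization check
// (and an anti-CSRF token) still has to be added.
if(empty($_SESSION["uid"]))
{
    echo "NO";
    exit;
}

include("../DBDA.php");
$db = new DBDA();

$uid = (isset($_POST["uid"]) && is_string($_POST["uid"])) ? $_POST["uid"] : "";
$js = (isset($_POST["juese"]) && is_string($_POST["juese"])) ? $_POST["juese"] : "";

// Allow-lists built from the same fixed queries the guanli page uses to
// render its form: only ids that form could have offered are accepted.
$knownUsers = array();
$rows = $db->Query("select * from Users");
if($rows)
{
    foreach($rows as $row)
    {
        $knownUsers[] = (string)$row[0];
    }
}

$knownRoles = array();
$rows = $db->Query("select * from JueSe");
if($rows)
{
    foreach($rows as $row)
    {
        $knownRoles[] = (string)$row[0];
    }
}

// Validate everything before touching the table, so a rejected request does
// not leave the user with their roles already deleted.
if(!in_array($uid, $knownUsers, true))
{
    echo "NO";
    exit;
}

$juse = array();
foreach(explode("|",$js) as $v)
{
    // explode() on an empty string yields one empty element (no box ticked);
    // skipping it avoids inserting a row with an empty role id.
    if($v === "")
    {
        continue;
    }
    if(!in_array($v, $knownRoles, true))
    {
        echo "NO";
        exit;
    }
    $juse[] = $v;
}
$juse = array_unique($juse);

$bs = true;

// NOTE(review): the statements below are still built by interpolation. The
// values now equal ids already stored in the database, but bound parameters
// remain the proper fix; DBDA is not shown on this page, so that call cannot
// be written here. The delete and the inserts are also separate statements,
// so a failure part-way leaves a partial assignment.

// Remove every role the user currently has.
$sqldel = "delete from UserInJueSe where UserId = '{$uid}' ";
if(!$db->Query($sqldel,0))
{
    $bs = false;
}

// Insert the selected roles.
foreach($juse as $v)
{
    $sql = "insert into UserInJueSe values('','{$uid}','{$v}')";
    if(!$db->Query($sql,0))
    {
        $bs = false;
    }
}

if($bs)
{
    echo "OK";
}
else
{
    echo "NO";
}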

seljuese页面

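<?php
// Prints the role ids assigned to the posted user, in whatever form
// $db->StrQuery() returns them (the guanli page splits the text on "|").
session_start();

// Same login guard main.php uses; without it any client could read the role
// assignments of any user.
// NOTE(review): being logged in is the only check made. Which role may view
// other users' roles is not defined on this page.
if(empty($_SESSION["uid"]))
{
    http_response_code(403);
    exit;
}

include("../DBDA.php");
$db = new DBDA();

$uid = (isset($_POST["uid"]) && is_string($_POST["uid"])) ? $_POST["uid"] : "";

// Accept only a user id the guanli page could have offered: column 0 of the
// same fixed Users query it uses to render its drop-down.
$known = false;
$rows = $db->Query("select * from Users");
if($rows)
{
    foreach($rows as $row)
    {
        if((string)$row[0] === $uid)
        {
            $known = true;
            break;
        }
    }
}

// Unknown id: empty response, which the caller treats as "no roles".
if(!$known)
{
    exit;
}

// NOTE(review): still built by interpolation. The value now equals an id
// stored in the database, but a bound parameter remains the proper fix; DBDA
// is not shown on this page, so that call cannot be written here.
$sql = "select JueSeId from UserInJueSe where UserId = '{$uid}'";

echo $db->StrQuery($sql);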

 
