PHP 权限管理
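login页面
<form action="loginchuli.php" method="post">
    <div>用户名:<input type="text" name="uid" /></div>
    <!-- type="password" masks the value on screen instead of showing it as plain text -->
    <div>密码:<input type="password" name="pwd" /></div>
    <input type="submit" value="登录" />
</form>
loginchuli页面
<?php
// Login handler: checks the posted uid/pwd against the Users table and, on
// success, stores the uid in the session and redirects to main.php.
session_start();

$uid = isset($_POST["uid"]) ? $_POST["uid"] : null;
$pwd = isset($_POST["pwd"]) ? $_POST["pwd"] : null;

// Both fields are attacker-controlled. Missing fields, array-valued fields
// (uid[]=...) and an empty password are rejected, and the uid must be
// identifier-shaped because it is placed inside a quoted SQL literal below.
// NOTE(review): assumes Uid values use only these ASCII characters - confirm
// against the Users table. The durable fix is a prepared-statement method on
// DBDA; none is visible on this page, so the input is constrained instead.
$uidLooksSafe = is_string($uid) && preg_match('/\A[A-Za-z0-9_.@-]{1,64}\z/', $uid) === 1;
if (!$uidLooksSafe || !is_string($pwd) || $pwd === '') {
    header("location:login.php");
    exit;
}

include("../DBDA.php");
$db = new DBDA();

// The password is never concatenated into SQL: the stored value is fetched by
// the validated uid and compared in PHP in constant time.
// NOTE(review): the comparison is against the stored column value as-is, which
// implies Users.Pwd holds plaintext passwords. Migrate to password_hash() /
// password_verify().
$sql = "select Pwd from Users where Uid='{$uid}'";
$rows = $db->Query($sql);

$authenticated = false;
if (is_array($rows) && count($rows) === 1) {
    // Exactly one matching account, as the original count(*) == 1 test required.
    $row = reset($rows);
    $authenticated = hash_equals((string)$row[0], $pwd);
}

if ($authenticated) {
    // Issue a fresh session id on privilege change so that an id planted
    // before login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);
    $_SESSION["uid"] = $uid;
    header("location:main.php");
} else {
    header("location:login.php");
}
exit;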
main主页面
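<?php
// Main page: requires a logged-in session, then renders one menu entry per
// rule granted to any of the user's roles.
session_start();

// Every value interpolated into a quoted SQL literal below must match this
// pattern, including values read back from the database (they were originally
// written from request data).
// NOTE(review): assumes user, role and rule ids use only these ASCII
// characters - confirm against the schema. Replace with prepared statements
// once DBDA offers them; no such method is visible on this page.
$idPattern = '/\A[A-Za-z0-9_.@-]{1,64}\z/';

if (empty($_SESSION["uid"])
    || !is_string($_SESSION["uid"])
    || preg_match($idPattern, $_SESSION["uid"]) !== 1) {
    header("location:login.php");
    exit;
}
$uid = $_SESSION["uid"];

include("../DBDA.php");
$db = new DBDA();
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
<style type="text/css">
*{ margin:0px auto; padding:0px}
#menu{
    width:100%;
    height:40px;
}
.cd{
    width:100px;
    height:40px;
    background-color:#60C;
    color:white;
    font-size:18px;
    text-align:center;
    line-height:40px;
    vertical-align:middle;
    float:left;
}
.cd:hover{
    background-color:#F33;
    cursor:pointer;
}
</style>
</head>
<body>
<br />
<center><h1>主页面</h1></center>
<br />
<?php
// NOTE(review): this link only navigates to login.php; nothing visible on this
// page clears $_SESSION, so the session stays valid after "logout".
// The uid is HTML-escaped because it is echoed into markup.
?>
<a href="login.php">退出 <?php echo htmlspecialchars($uid, ENT_QUOTES, 'UTF-8'); ?></a>
<br />
<div id="menu">
    <div class="cd">权限管理</div>
<?php
// Look up the role ids assigned to this user.
$sjs = "select JueSeId from UserInJueSe where UserId ='{$uid}' ";
$ajs = $db->Query($sjs);

// Collect the rule ids granted by those roles.
$all = array(); // every rule id this user holds
foreach ($ajs as $vjs) {
    $roleId = (string)$vjs[0];
    if (preg_match($idPattern, $roleId) !== 1) {
        // Skip ids that could alter the query text (second-order injection).
        continue;
    }
    $sgn = "select RuleId from JueSeWithRules where JueSeId ='{$roleId}'";
    $agn = $db->Query($sgn);
    foreach ($agn as $vgn) {
        $all[] = $vgn[0];
    }
}
$all = array_unique($all);

// Render the menu.
foreach ($all as $vall) {
    $ruleCode = (string)$vall;
    if (preg_match($idPattern, $ruleCode) !== 1) {
        continue;
    }
    $sn = "select Name from Rules where Code = '{$ruleCode}'";
    $name = $db->StrQuery($sn);
    // Rule names come from the database; escape them before emitting HTML.
    echo "<div class='cd'>" . htmlspecialchars((string)$name, ENT_QUOTES, 'UTF-8') . "</div>";
}
?>
</div>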
guanli页面
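<?php
// Permission-management page: lists users and roles and lets the operator
// tick which roles a user holds.
// The listing shows only part of the page. This guard has to run before any
// markup is sent, so place it at the very top of the real file.
// NOTE(review): a login alone is not authorization. Also check that the caller
// holds the permission-management rule; its rule code is not shown on this page.
session_start();
if (empty($_SESSION["uid"])) {
    header("location:login.php");
    exit;
}
?>
<h1>权限管理</h1>
<div>请选择用户:
    <select id="user">
<?php
include("../DBDA.php");
$db = new DBDA();

// NOTE(review): "select *" also pulls the Pwd column into this request; select
// only the columns rendered here once their names are confirmed.
$sql = "select * from Users";
$attr = $db->Query($sql);
foreach ($attr as $v) {
    // Database values are escaped before being written into attributes or text.
    $optionValue = htmlspecialchars((string)$v[0], ENT_QUOTES, 'UTF-8');
    $optionLabel = htmlspecialchars((string)$v[2], ENT_QUOTES, 'UTF-8');
    echo "<option value='{$optionValue}'>{$optionLabel}</option>";
}
?>
    </select>
</div>
<br />
<div>
    <div>请选择角色:</div>
    <br />
    <div>
<?php
$sqljs = "select * from JueSe";
$attrjs = $db->Query($sqljs);
foreach ($attrjs as $v) {
    $roleValue = htmlspecialchars((string)$v[0], ENT_QUOTES, 'UTF-8');
    $roleLabel = htmlspecialchars((string)$v[1], ENT_QUOTES, 'UTF-8');
    echo "<input class='js' type='checkbox' value='{$roleValue}' /> {$roleLabel} ";
}
?>
    </div>
</div>
<br />
<div>
    <input type="button" value="确定" id="btn" />
</div>
</body>
<script type="text/javascript">
$(document).ready(function(e) {
    // Tick the roles of the initially selected user, and again on every change.
    ShowJueSe();
    $("#user").change(function(){
        ShowJueSe();
    })

    // Fetches the "|"-separated role ids of the selected user and ticks the
    // matching checkboxes.
    function ShowJueSe()
    {
        var uid = $("#user").val();
        $.ajax({
            url:"seljuese.php",
            data:{uid:uid},
            type:"POST",
            dataType:"TEXT",
            success: function(data){
                var shuju = data.split("|");
                var ck = $(".js");
                ck.prop("checked",false);
                for(var i=0;i<ck.length;i++)
                {
                    var v = ck.eq(i).val();
                    if($.inArray(v,shuju)>=0)
                    {
                        ck.eq(i).prop("checked",true);
                    }
                }
            }
        });
    }

    // Sends the ticked role ids, joined by "|", to add.php for the selected user.
    $("#btn").click(function(){
        var uid = $("#user").val();
        var ck = $(".js");
        var str = "";
        for(var i=0;i<ck.length;i++)
        {
            if(ck.eq(i).prop("checked"))
            {
                str = str+ck.eq(i).val()+"|";
            }
        }
        // Drop the trailing separator.
        str = str.substr(0,str.length-1);
        $.ajax({
            url:"add.php",
            data:{uid:uid,juese:str},
            type:"POST",
            dataType:"TEXT",
            success: function(data){
                if(data.trim()=="OK")
                {
                    alert("添加成功!");
                }
                else
                {
                    alert("添加失败!");
                }
            }
        });
    })
});
</script>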
add页面
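<?php
// Replaces the role assignments of one user with the "|"-separated role ids
// posted as "juese". Replies "OK" on success and "NO" otherwise.
session_start();

// This endpoint changes who holds which role, so it must not be reachable
// without a login.
// NOTE(review): a login alone is not authorization. Also check that the caller
// holds the permission-management rule (its rule code is not shown on this
// page); otherwise any logged-in user can grant roles to any account.
// NOTE(review): the request carries no anti-CSRF token. Add one together with
// the form that posts here.
if (empty($_SESSION["uid"])) {
    http_response_code(403);
    echo "NO";
    exit;
}

$uid = isset($_POST["uid"]) ? $_POST["uid"] : null;
$js = isset($_POST["juese"]) ? $_POST["juese"] : "";

// Both values end up inside quoted SQL literals, so only identifier-shaped
// input is accepted.
// NOTE(review): assumes user and role ids use only these ASCII characters -
// confirm against the schema. Replace with prepared statements once DBDA
// offers them; no such method is visible on this page.
$idPattern = '/\A[A-Za-z0-9_.@-]{1,64}\z/';

if (!is_string($uid) || !is_string($js) || preg_match($idPattern, $uid) !== 1) {
    echo "NO";
    exit;
}

// An empty list means "no roles". explode("|", "") would otherwise yield one
// empty id and insert a blank role row.
$juse = ($js === "") ? array() : explode("|", $js);

// Validate every role id before touching the table, so a malformed request
// cannot wipe the user's roles and then fail half-way.
foreach ($juse as $v) {
    if (preg_match($idPattern, $v) !== 1) {
        echo "NO";
        exit;
    }
}

include("../DBDA.php");
$db = new DBDA();

$bs = true;

// Remove every role the user currently holds.
// NOTE(review): the delete and the inserts are separate statements; if an
// insert fails the user is left with a partial role set. Wrap them in a
// transaction if DBDA supports one.
$sqldel = "delete from UserInJueSe where UserId = '{$uid}' ";
if (!$db->Query($sqldel, 0)) {
    $bs = false;
}

// Insert the new role assignments.
foreach ($juse as $v) {
    $sql = "insert into UserInJueSe values('','{$uid}','{$v}')";
    if (!$db->Query($sql, 0)) {
        $bs = false;
    }
}

if ($bs) {
    echo "OK";
} else {
    echo "NO";
}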
seljuese页面
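<?php
// Returns the role ids assigned to the posted user, as the string produced by
// DBDA::StrQuery (the caller splits it on "|").
session_start();

// Role assignments are not public data, so require a logged-in session.
// NOTE(review): also restrict this to callers allowed to manage permissions;
// the rule code for that is not shown on this page.
if (empty($_SESSION["uid"])) {
    http_response_code(403);
    exit;
}

$uid = isset($_POST["uid"]) ? $_POST["uid"] : null;

// The uid is placed inside a quoted SQL literal, so only identifier-shaped
// input is accepted; anything else yields an empty response (no roles ticked).
// NOTE(review): assumes user ids use only these ASCII characters - confirm
// against the schema. Replace with a prepared statement once DBDA offers one.
if (!is_string($uid) || preg_match('/\A[A-Za-z0-9_.@-]{1,64}\z/', $uid) !== 1) {
    exit;
}

include("../DBDA.php");
$db = new DBDA();

// The body is data, not markup: declare it as plain text so a browser that
// loads this URL directly does not interpret stored values as HTML.
header("Content-Type: text/plain; charset=utf-8");

$sql = "select JueSeId from UserInJueSe where UserId = '{$uid}'";
echo $db->StrQuery($sql);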