chaiwei Posted December 4, 2008

Hi all, does anyone know an effective way to implement role-based access control in PHP? The RBAC has roles like Root, Admin, Manager, normal user, guest.

1) There can only be 1 Root, which has all the access in the system.
2) Admin can create managers and users and has access to update, delete and insert, but is not allowed to create Root nor another Admin.
3) Manager can create bla bla bla, like setting permissions.

Actually I have found that there is a way of using a bitmask.

[pre]
// One bit per permission
define('addAdmin', 1);
define('addManager', 2);
defime('addUser', 4);
define('update', 8);
define('edit', 16);
define('delete', 32);

$manager = 4 + 8 + 16 + 32;
$manager = 60;
$arr = bitMask($manager); // returns array(0=>4, 1=>8, 2=>16, 3=>32);

if (in_array(edit, $arr)) {
    echo 'Login Successful';
} else {
    echo 'Invalid Login';
}
[/pre]

I am not sure whether this is an effective way to set user roles. If I store this value (60) in the session or a cookie, I am concerned about the security issue. Let's say setcookie('PERMISSION',60); what if the manager manually rewrites it to setcookie('PERMISSION',63)? Then it can addAdmin and addManager also.

Is there any effective way to set up role access control? Does anyone know how Drupal does that? I mean the concept or idea for setting the roles.

[pre]
// Split a mask into the powers of two it contains, in ascending order
function bitMask($mask = 0)
{
    if (!is_numeric($mask)) {
        return array();
    }
    $return = array();
    while ($mask > 0) {
        // Find the largest power of two that still fits in $mask
        for ($i = 0, $n = 0; $i <= $mask; $i = 1 * pow(2, $n), $n++) {
            $end = $i;
        }
        $return[] = $end;
        $mask = $mask - $end;
    }
    sort($return);
    return $return;
}
[/pre]

balistic Posted December 4, 2008

Store them in the database per user, then define on each page what the permission value is and run a simple check.

Btw: defime(addUser,4);

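The approach suggested in the reply above, as an added example that is not part of the original thread: the permission mask is kept in a user table and looked up by the logged-in user's id on every request, so a rewritten PERMISSION cookie changes nothing. The constant names, the table layout and the sample rows are assumptions, and in-memory SQLite (pdo_sqlite) stands in for the real database.

```php
<?php
// Added example: constant names, table layout and rows are assumptions for this sketch.
const PERM_ADD_ADMIN   = 1;
const PERM_ADD_MANAGER = 2;
const PERM_ADD_USER    = 4;
const PERM_UPDATE      = 8;
const PERM_EDIT        = 16;
const PERM_DELETE      = 32;

// Constructed stand-in for the real user table (in-memory SQLite, needs pdo_sqlite).
function demoDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, permissions INTEGER)');
    // Constructed rows: a manager with mask 60 and an admin with mask 62.
    $db->exec("INSERT INTO users VALUES (1, 'manager1', 60), (2, 'admin1', 62)");
    return $db;
}

// Load the stored mask for a user id; an unknown id gets no permissions at all.
function permissionsFor(PDO $db, int $userId): int
{
    $stmt = $db->prepare('SELECT permissions FROM users WHERE id = ?');
    $stmt->execute([$userId]);
    $mask = $stmt->fetchColumn();
    return $mask === false ? 0 : (int) $mask;
}

// True only when every bit in $required is set in the stored mask.
function userCan(PDO $db, int $userId, int $required): bool
{
    return (permissionsFor($db, $userId) & $required) === $required;
}

$db = demoDb();
$userId = 1;                    // in a real page this comes from $_SESSION after login
$_COOKIE['PERMISSION'] = '63';  // constructed tampered cookie; nothing below reads it

// Each page names the permission it needs and checks it against the database.
var_dump(userCan($db, $userId, PERM_EDIT));               // manager editing a record
var_dump(userCan($db, $userId, PERM_ADD_ADMIN));          // manager trying to create an admin
var_dump(userCan($db, $userId, PERM_EDIT | PERM_DELETE)); // page that needs both bits
var_dump(userCan($db, 99, PERM_EDIT));                    // id that is not in the table
```

Only the user id is kept in the session; the mask is never sent to the browser, so there is no client-side value for a manager to raise from 60 to 63.
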
chaiwei Posted December 4, 2008

Hi, thanks a lot. Another silly question is how to edit the thread. Haha, I didn't see any edit button there. Mind telling me? Thanks.

balistic Posted December 4, 2008

It's called modify, and it's on the top right hand side of the post. And no question is a silly one.

chaiwei Posted December 4, 2008

Hi, but I really can't see any modify button either. Is it beside the quote? I can only see quote. Thanks.

« previous next » Reply Notify Mark unread Send this topic Print http://Themes/default/images/buttons/quote.gif[/img]Quote

chaiwei Posted December 4, 2008

Yes, I see it already, but not in the first thread. It is for the last thread I posted.

balistic Posted December 4, 2008

I don't think you can edit your first post unless it's within a certain time/isn't replied to.

chaiwei Posted December 4, 2008

Ya. Thanks again for the help.