Jump to content

planning a post approval / moderation system

mort

By mort
in PHP Coding Help

 Share

Recommended Posts

mort Member

mort

Posted
Posted

Hey all

 

I have been working on a custom CMS and have made a dynamic script to essentially generate the Add / Edit / Delete forms with configuration data I have provided eg. table, fields, field types, options, etc

 

I want to build in some kind of approval / moderation system as well that can be turned on or off for the various different forms I am making. I have seen some other posts on here about similar systems but none that go into as much detail as I want to achieve, and I could do with some other opinions on the planning stage.

 

Obviously I could make a basic one where the 'post' has a separate db field called 'approved' which is either 0 or 1, and a function to either approve it or not. This is about as basic as it gets but doesn't really allow for anymore complex interactions such as multiple users, users with different permissions, the ability to edit live data and for it to create a copy with those changes in etc.

 

My main goal is to have an admin level, and a user level.

 

The Admin can add / edit / delete live to the database, and would act as most CMS systems do already.

 

The user is where things get a bit more complicated. They need to be able to add content, and for that content to not be displayed until approved by an admin (such as the basic functionality explained above). But also to be able to edit / delete live content and for that to not actually reflect on the live site until those actions have been approved as well.

 

This means I will have to have some form of duplicated data, and somewhere to keep track of whats awaiting approval, old, and live. I am thinking initially to keep all the approval data in a separate table, as it will need to be applied to potentially multiple other tables. This would act as an index for the other tables to mark row ID's status.

 

I guess first off is anyone aware of any articles on such a system, and secondly does anyone know of any better / more efficient way to achieve this?

 

Cheers :)

Link to comment
Share on other sites
ignace Advanced Member

ignace

Posted
Posted

So you basically are looking for an ACL (Access-Control List) There are different ways of implementing such behavior if you want to keep the roles or groups known and don't want to allow the end-user to make their own roles you could use something like:

 

class User {
     const ROLE_GUEST = 'guest';
     const ROLE_MEMBER = 'member';
     const ROLE_AUTHOR = 'author';
     const ROLE_EDITOR = 'editor';
     const ROLE_PUBLISHER = 'publisher';
     const ROLE_ADMINISTRATOR = 'administrator';
     
     private $role = self::ROLE_GUEST;
     public function getRole() { return $this->role; }
     
     public function setRole($role) {
         if ($this->getRole() === $role) return;
         
         switch ($role) {
             case self::ROLE_GUEST:
             case self::ROLE_MEMBER:
             case self::ROLE_AUTHOR:
             case self::ROLE_EDITOR:
             case self::ROLE_PUBLISHER:
                 break; // OK, valid
             
             case self::ROLE_ADMINISTRATOR:
                 $this->isAdministrator() or throw new Exception('Only administrators may assign administrator privilege');
                 break;
             
             default: throw new Exception("Invalid role specified '$role'"); break; // break is ignored
         }
         $this->role = $role;
    }
    
    public function isGuest() { $this->getRole() === self::ROLE_GUEST; }
    public function isMember() { $this->getRole() === self::ROLE_MEMBER; }
    public function isAuthor() { $this->getRole() === self::ROLE_AUTHOR; }
    public function isEditor() { $this->getRole() === self::ROLE_EDITOR; }
    public function isPublisher() { $this->getRole() === self::ROLE_PUBLISHER; }
    public function isAdministrator() { $this->getRole() === self::ROLE_ADMINISTRATOR; }
    
    public function save() { /* logic */ }
}

 

In your code you would use it like:

 

if ($action === 'edit' && ($u->isEditor() or $u->isAdministrator())) {

 

If you are confused by:

 

$this->isAdministrator() or throw new Exception('Only administrators may assign administrator privilege');

 

Then the manual says:

 

// The constant false is assigned to $f and then true is ignored
// Acts like: (($e = false) or true)
$f = false or true;

 

http://www.php.net/manual/en/language.operators.logical.php

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.