On Mon, 19 Jul 2004 10:06:02 GMT
"Perttu Pulkkinen" <pe**************@co.jyu.fi> wrote:
"Henrik Hansen" <hh****@fsck.dk> kirjoitti viestissä news:apMKc.26086 I would say Use bit fields.
example.
define("SUPERADMIN", 1);
define("ADMIN", 2);
if ($userpermission & SUPERADMIN) {
//the user is a super user
}
etc...
Each user need a permission field too, with their right bit value
stored in it. That means each user can have many roles as well,
because you can just add all the bit values together and you have
one permission int. In the categories table you can add the bit
field required for accessing the category.
if ($categorypermission & $userpermission) {
//the user have access
}
Do you follow the idea ?
Henrik Hansen
I don't have much experience with binary thing other than simple
boolean values. Do you mean that in binary system somepriv = 1,
otherpriv= 10 and someotherpriv = 100 and then all possibilities for
user's priv_field are 000,001, 010, 011, 100, 110 and 111? Can you
give more examples?
No, a bitwise priv system works this way.
Ex.:
// Map privileges
define("UBERADMIN", 1);
define("NEWS", 2);
define("ARTICLES" 4);
define("FORUM_MOD" 8);
/**
* The sums of these are always unique to the combination.
* Two different combinations of the above privileges
* cannot have the same value.
*/
// Let's pretend that $user has the $priv = 10.
// That is NEWS + FORUM_MOD (2 + 8).
// Then if you want to check if this user has the correct privs
// for an UBERADMIN action you simply do:
if ($priv & UBERADMIN) {
echo "$user has UBERADMIN privilege.";
} else {
echo "$user haven't got UBERADMIN privilege.";
}
You can then easily add more, just remember that numbers are counted as
^2, i.e. 1, 2, 4, 8, 16, 32, 64, 128 etc...
That way no two different combinations can ever be the same.
if ($priv & UBERADMIN)
then checks to see if the UBERADMIN bit is set in $priv.
(This bitwise deal, is actually quite simple, but complicated to
explain.)
Another quick example:
<?php
$privs = array("a" => 1, "b" => 2, "c" => 4, "d" => 8, "e" => 16);
$priv = 27;
foreach ($privs as $key => $val) {
if ($priv & $val) {
$user_priv[] = $key;
}
}
echo "Privileges: " . join(", ", $user_priv);
// Will output: Privileges: a, b, d, e
?>
Does it make more sense now?
Madsen
--
Anders K. Madsen ---
http://lillesvin.linux.dk
"There are 10 types of people in the world.
Those who understand binary - and those who don't."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFA+7mNlNHJe/JASHcRAkMrAJ9/wAGC/N8BxsehQcxsNlrmLbs3tACfe0ww
CAvlWuabuNBCQeCqR2Pgn9g=
=q/YI
-----END PGP SIGNATURE-----