
Zend framework 之zend_acl,zend_auth实现用户权限控制

2010-06-24 11:22 537 查看
我的 controller 文件夹里包含 index 和 login 两个 controller 文件。先从 login 文件说起,它有三个 Action:loginAction、showAction 和 indexAction。indexAction 用于对登录表单提交上来的数据进行验证,loginAction 用于渲染(显示)登录表单,showAction 用于显示一个主表单。这个主表单中有三个提交按钮,分别设为 add、hello、delete。代码如下:LoginController.php

<?php
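/**
 * Login controller: renders the login form, authenticates the submitted
 * credentials through Zend_Auth and renders the main page.
 */
class LoginController extends Zend_Controller_Action
{
    /**
     * Loads the "staging" section of application.ini and registers the
     * configuration object and a database adapter in Zend_Registry.
     */
    public function init()
    {
        header('Content-Type: text/html; charset=utf-8');
        // NOTE(review): absolute, machine-specific path; it also decides which
        // database credentials are loaded, so keep this file outside the web root.
        $config = new Zend_Config_Ini('d:/webroot/aaa/application/configs/application.ini', "staging");
        Zend_Registry::set('config', $config);
        $db = Zend_Db::factory(
            $config->resources->db->adapter,
            $config->resources->db->params->toArray()
        );
        Zend_Registry::set('db', $db);
    }

    /**
     * Verifies the posted username/password against the `user` table.
     *
     * On success the username is stored in the 'Zend_Auth' session namespace
     * and the request is forwarded to showAction; on failure a fixed error
     * message is printed. A request that already carries an identity is
     * forwarded straight to showAction.
     */
    public function indexAction()
    {
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            $this->_forward('show', 'login');
            return;
        }

        $username = $this->_request->getPost('username');
        $password = $this->_request->getPost('password');

        // The JavaScript check in login.phtml runs in the browser only, so the
        // same rule is enforced here. Missing, empty or non-string values
        // (e.g. username[]=x) get the normal failure message instead of
        // reaching the adapter with a null or array identity.
        if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
            echo '认证失败,用户名密码错误!';
            return;
        }

        // NOTE(review): no credential treatment is configured, so the posted
        // password is compared as-is with `user`.`password`, which implies the
        // column holds plaintext passwords. Store a salted password hash and
        // verify against that instead; it is left unchanged here because the
        // stored values would have to be migrated at the same time.
        $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get('db'));
        $authAdapter->setTableName('user')
            ->setIdentityColumn('username')
            ->setCredentialColumn('password')
            ->setIdentity($username)
            ->setCredential($password);

        $result = $auth->authenticate($authAdapter);
        if (!$result->isValid()) {
            // One message for every failure, so the response does not reveal
            // whether the username exists.
            echo '认证失败,用户名密码错误!';
            return;
        }

        require_once 'Zend/Session/Namespace.php';
        // Issue a fresh session id once the credentials are accepted, so an id
        // that was known before login is not carried into the authenticated
        // session (session fixation).
        Zend_Session::regenerateId();

        // IndexController::preDispatch() reads this value to look up the role.
        $authNamespace = new Zend_Session_Namespace('Zend_Auth');
        $authNamespace->username = $username;

        $this->_forward('show', 'login');
    }

    /**
     * Renders the login form (login.phtml).
     */
    public function loginAction()
    {
        $this->render();
    }

    /**
     * Renders the main page (show.phtml).
     *
     * NOTE(review): there is no identity check here, so /login/show can be
     * requested without logging in; the actions its buttons post to are
     * guarded only by IndexController::preDispatch().
     */
    public function showAction()
    {
        $this->render();
    }
}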

login.phtml

<html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>login</title>
<script language="javascript">
function checkform(form){
    // Usability check only: it runs in the browser and can be bypassed, so
    // the server-side action must validate the same fields itself.
    // Returns false (cancelling the submit) for the first empty field and
    // nothing otherwise, which lets the submit proceed.
    var required = [
        ['username', '用户名不能为空!'],
        ['password', '密码不能为空!']
    ];
    for (var i = 0; i < required.length; i++) {
        var fieldName = required[i][0];
        if (form[fieldName].value.length == 0) {
            alert(required[i][1]);
            return false;
        }
    }
}
</script>
</head>
<body>
<form action="/login/index" method="POST" onsubmit="return checkform(this);">
<div align="center">
<p>用户名:<input type="text" name="username" value=""></p>
<p>密码:<input type="password" name="password" value=""></p>
<p><center><input type="submit" name="submit" value="登录"></center></p>
</div>
</form>
</body>
</html>

show.phtml

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>员工</title>
</head>
<body>
<center><h2 align="red">主页</h2></center>
<table>
<tr><td>
<form action="/index/add" method="POST" name="form1">
<input type="submit" name="add" value="添加">
</form></td><td>
<form action="/index/hello" method="POST" name="form2">
<input type="submit" name="query" value="hello">
</form></td><td>
<form action="/index/delete" method="POST" name="form3">
<input type="submit" name="delete" value="删除">
</form></td>
</tr>
</table>
</div>
</body>
</html>

indexcontroller中

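/**
 * Demo controller whose actions are guarded by a Zend_Acl that is rebuilt
 * from the role / resource / relation tables on every request.
 */
class IndexController extends Zend_Controller_Action
{
    /**
     * Sets up a per-day log file, then loads the configuration and the
     * database adapter and registers log, config and db in Zend_Registry.
     *
     * @throws Exception when the log file cannot be opened
     */
    public function init()
    {
        $today = date('Y-m-d');
        // NOTE(review): the log is written below application/views/; confirm
        // that directory cannot be served by the web server.
        $stream = fopen('d:/webroot/aaa/application/views/logs/' . $today . ".txt", 'a', false);
        if (! $stream) {
            throw new Exception('Failed to open stream');
        }
        $log = new Zend_Log();
        $logger = new Default_Model_Ip();
        $log->setEventItem('pid', getmypid());
        // NOTE(review): Default_Model_Ip is not shown here. If getIP() trusts
        // client-supplied headers, the logged address can be forged - confirm.
        $log->setEventItem('ip', $logger->getIP());
        $writer = new Zend_Log_Writer_Stream($stream);
        $format = '[%timestamp%][%priorityName%-%priority%]-[PID:%pid%][ip:%ip%]' . PHP_EOL
            . '%message%' . PHP_EOL;
        $formatter = new Zend_Log_Formatter_Simple($format);
        $writer->setFormatter($formatter);
        $log->addWriter($writer);
        Zend_Registry::set('log', $log);

        header('Content-Type: text/html; charset=utf-8');
        $config = new Zend_Config_Ini('d:/webroot/aaa/application/configs/application.ini', "staging");
        Zend_Registry::set('config', $config);
        $db = Zend_Db::factory(
            $config->resources->db->adapter,
            $config->resources->db->params->toArray()
        );
        // NOTE(review): SET NAMES switches the connection to a multi-byte
        // charset after connecting. Presumably the client library's quoting is
        // not told about the change, so every value in this class is passed as
        // a bound parameter rather than quoted into the SQL text. Prefer
        // declaring the charset in the adapter params - confirm for the
        // adapter in use.
        $db->query("SET NAMES GBK");
        Zend_Registry::set('db', $db);
    }

    /**
     * Logs a greeting and renders hello.phtml.
     */
    public function helloAction()
    {
        $log = Zend_Registry::get('log');
        $log->log('hello,ni hao', 3);
        $this->render();
    }

    /**
     * Logs the "add" operation and renders add.phtml.
     */
    public function addAction()
    {
        $log = Zend_Registry::get('log');
        // The published listing shows "/'" here, which is a parse error; the
        // escaped quote is restored.
        $log->log('add,it\' add a data.', 3);
        $this->render();
    }

    /**
     * Logs the "delete" operation and renders delete.phtml.
     */
    public function deleteAction()
    {
        $log = Zend_Registry::get('log');
        // Same restored escape as in addAction().
        $log->log('delete,it\' delete a data and can not go back.', 3);
        $this->render();
    }

    /**
     * Access check that runs before every action of this controller.
     *
     * Builds the ACL from the database, resolves the role of the user named
     * in the 'Zend_Auth' session namespace and stops the request when that
     * role may not use the "controller:action" resource.
     */
    public function preDispatch()
    {
        $db = Zend_Registry::get('db');
        $acl = $this->_buildAcl($db);

        // Get the current controller and action names to decide whether the
        // role may access the resource.
        $action = $this->getRequest()->getActionName();
        $controller = $this->getRequest()->getControllerName();
        $resourceId = $controller . ':' . $action;

        require_once 'Zend/Session/Namespace.php';
        $authNamespace = new Zend_Session_Namespace("Zend_Auth");
        $username = $authNamespace->username;

        // NOTE(review): fail-open. A controller:action pair with no row in the
        // `resource` table is served to everyone, logged in or not. Deny
        // unknown resources by default unless this is intended.
        if (!$acl->has($resourceId)) {
            return;
        }

        // A visitor without a session username or without a role row is denied
        // explicitly instead of reading $rows[0] from an empty result.
        $roleName = $this->_findRoleName($db, $username);
        if ($roleName !== null && $acl->isAllowed($roleName, $resourceId, $action)) {
            echo 'good';
            return;
        }

        die("您无权做此操作,请与管理员联系!");
    }

    /**
     * Builds the ACL: one role per `role` row, one "controller:action"
     * resource per `resource` row, one allow rule per `relation` row.
     *
     * @param Zend_Db_Adapter_Abstract $db
     * @return Zend_Acl
     */
    private function _buildAcl($db)
    {
        $acl = new Zend_Acl();

        $roles = $db->fetchAll($db->select()->from('role', '*'));
        foreach ($roles as $role) {
            $acl->addRole(new Zend_Acl_Role($role['rolename']));
        }

        $resources = $db->fetchAll($db->select()->from('resource', '*'));
        foreach ($resources as $resource) {
            $acl->add(new Zend_Acl_Resource($resource['controller'] . ':' . $resource['action']));
        }

        $sql = "select resource.controller,resource.action,role.rolename from resource,role,relation where\n"
            . "relation.mid=resource.resid and relation.rid=role.rid";
        $grants = $db->query($sql)->fetchAll();
        foreach ($grants as $info) {
            $acl->allow($info['rolename'], $info['controller'] . ':' . $info['action'], $info['action']);
        }

        return $acl;
    }

    /**
     * Looks up the role name of a user.
     *
     * The username is passed as a bound parameter; the earlier version
     * concatenated it into the SQL string.
     *
     * @param Zend_Db_Adapter_Abstract $db
     * @param mixed $username value read from the session namespace
     * @return string|null role name, or null when there is no usable
     *                     username or no matching row
     */
    private function _findRoleName($db, $username)
    {
        if (!is_string($username) || $username === '') {
            return null;
        }

        $sql = 'select role.rolename from role,user where role.rid=user.rid and user.username=?';
        $rows = $db->fetchAll($sql, array($username));
        if (empty($rows) || !isset($rows[0]['rolename'])) {
            return null;
        }

        return $rows[0]['rolename'];
    }
}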

add.phtml、delete.phtml、hello.phtml 中随便写入点东西就行,比如 heolldas。这个程序主要用来验证 zend_acl 和 zend_auth 对用户的权限控制。
