//获得权限$name 可以是字符串或数组或逗号分割, uid为 认证的用户id, $or 是否为or关系,为true是, name为数组,只要数组中有一个条件通过则通过,如果为false需要全部条件通过。 //最后修改功能:待验证的权限$name如果权限列表里面不存在则默认有该权限 public function getAuth($name, $uid, $relation='or') { if (!$this->_config['AUTH_ON']) return true; $authList = $this->getAuthList($uid); if (is_string($name)) { if (strpos($name, ',') !== false) { $name = explode(',', $name); } else { $name = array($name); } } //修改部分开始 foreach($name as $key=>$val){ if(!$this->isExistsRule($val)){ unset($name[$key]); } } if(count($name)==0){ return true; } //修改部分结束 $list = array(); //有权限的name foreach ($authList as $val) { if (in_array($val, $name)) $list[] = $val; } if ($relation=='or' and !empty($list)) { return true; } $diff = array_diff($name, $list); if ($relation=='and' and empty($diff)) { return true; } return false; } /** * @desc 判断数据库是否存在权限 * @param string $name RuleName */ public function isExistsRule($name){ static $rule = array(); if(!empty($rule[$name])){ return $rule[$name]; } $rule[$name] = M()->table($this->_config['AUTH_RULE'])->where(array('name'=>$name))->count(); return $rule[$name]; }