权限管理几乎出现在任何系统里面,用户可以访问而且只能访问自己被授权的资源,不多不少。
创建页面:
权限管理页面:
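<?php
// Role-assignment page: lists every user and every role, pre-checks the roles
// the selected user already holds (fetched from jschuli.php) and saves the
// selection through add.php.
//
// NOTE(review): nothing here checks who is requesting the page. A page that
// grants roles should require a logged-in session and verify that the caller
// is allowed to manage permissions before rendering or accepting changes.
include("../DB.class.php");
$db = new DB();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>权限管理</title>
<script src="../jquery-1.11.2.min.js"></script>
</head>
<body>
<h1>权限管理</h1>
<p><!-- many-to-many relationship ("W"-shaped relation) --></p>

<div>请选择用户
    <select id="user">
    <?php
    $users = $db->Query("select * from Users");
    foreach ($users as $u) {
        // Database values are escaped before being written into the markup so a
        // stored name containing markup cannot inject script into this page.
        $id = htmlspecialchars((string)$u[0], ENT_QUOTES, 'UTF-8');
        $label = htmlspecialchars((string)$u[2], ENT_QUOTES, 'UTF-8');
        echo "<option value='{$id}'>{$label}</option>";
    }
    ?>
    </select>
</div>
<br />
<div>请选择角色:</div>
<br />
<div>
    <?php
    $roles = $db->Query("select * from JueSe");
    foreach ($roles as $r) {
        $id = htmlspecialchars((string)$r[0], ENT_QUOTES, 'UTF-8');
        $label = htmlspecialchars((string)$r[1], ENT_QUOTES, 'UTF-8');
        echo "<input type='checkbox' class='js' value='{$id}'/>{$label} ";
    }
    ?>
</div><br />
<input type="button" id="btn" value="确定" />

<!-- The script sits inside <body>: markup after </html> is invalid. -->
<script type="text/javascript">
$(document).ready(function () {
    // Tick the checkboxes for the roles the selected user currently holds.
    function ShowJueSe() {
        var uid = $("#user").val();
        $.ajax({
            url: "jschuli.php",
            data: {uid: uid},
            type: "POST",
            dataType: "TEXT",
            success: function (data) {
                // Each row carries a single column, so the response only uses
                // the row separator "|". Trim first so stray whitespace around
                // the response does not stop the last id from matching.
                var shuju = $.trim(data).split("|");
                var ck = $(".js");
                ck.prop("checked", false);
                ck.each(function () {
                    // $.inArray returns the index of the value, or -1 if absent.
                    if ($.inArray($(this).val(), shuju) >= 0) {
                        $(this).prop("checked", true);
                    }
                });
            }
        });
    }

    ShowJueSe();
    $("#user").change(function () {
        ShowJueSe();
    });

    // Send the checked role ids for the selected user as one "|"-joined string.
    $("#btn").click(function () {
        var uid = $("#user").val();
        var picked = $(".js:checked").map(function () {
            return $(this).val();
        }).get();
        $.ajax({
            url: "add.php",
            data: {uid: uid, juese: picked.join("|")},
            type: "POST",
            dataType: "TEXT",
            success: function (data) {
                if ($.trim(data) == "OK") {
                    alert("添加成功!");
                } else {
                    alert("添加失败!");
                }
            }
        });
    });
});
</script>
</body>
</html>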
角色处理页面:
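<?php
// Returns the role ids (JueSeId) held by the posted user. The role-management
// page splits the response on "|" to decide which checkboxes to tick.
//
// NOTE(review): this endpoint performs no login or permission check, so any
// client can read any user's roles. Gate it the same way as the page that
// calls it.
include("../DB.class.php");
$db = new DB();

$uid = (isset($_POST["uid"]) && is_string($_POST["uid"])) ? $_POST["uid"] : "";

// The query below is built by string interpolation, so the posted value is
// only used once it is known to equal an existing user id (the same column
// the management page puts into its <option> values). Anything else is
// rejected before it reaches SQL. If the DB class offers parameter binding,
// use that instead of this allowlist.
$known = false;
foreach ($db->Query("select * from Users") as $row) {
    if ((string)$row[0] === $uid) {
        $known = true;
        break;
    }
}

if (!$known) {
    // Empty response: the caller simply leaves every checkbox unticked.
    exit;
}

// Look up the role ids for this user; there may be several.
$sql = "select JueSeId from UserInJueSe where UserId = '{$uid}'";
echo $db->StrQuery($sql);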
添加管理权限页面:
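<?php
// Replaces the role set of one user: deletes the user's rows in UserInJueSe,
// then inserts one row per submitted role id. Prints "OK" when every statement
// succeeded and "NO" otherwise.
//
// NOTE(review): this endpoint changes who holds which role but checks neither
// login state nor the caller's own permissions, and it carries no anti-CSRF
// token. It needs a session check plus an authorization check before the
// delete runs.
// NOTE(review): the delete and the inserts are not wrapped in a transaction,
// so a failure midway leaves the user with a partial role set. The DB class
// shown on this page exposes no transaction API to fix that here.
include("../DB.class.php");
$db = new DB();

$uid = (isset($_POST["uid"]) && is_string($_POST["uid"])) ? $_POST["uid"] : "";
$js = (isset($_POST["juese"]) && is_string($_POST["juese"])) ? $_POST["juese"] : "";

// explode() on an empty string yields array(""), which used to insert a row
// with an empty role id when no checkbox was ticked. Drop empty pieces and
// duplicates before doing anything else.
$juese = array_unique(array_filter(explode("|", $js), 'strlen'));

// Both values end up inside SQL strings, so they are accepted only when they
// equal ids that already exist in Users / JueSe (the same columns the
// management page renders). Validation happens before the delete so that a
// malformed request cannot wipe a user's roles.
$knownUsers = array();
foreach ($db->Query("select * from Users") as $row) {
    $knownUsers[] = (string)$row[0];
}
$knownRoles = array();
foreach ($db->Query("select * from JueSe") as $row) {
    $knownRoles[] = (string)$row[0];
}

$valid = in_array($uid, $knownUsers, true);
foreach ($juese as $v) {
    if (!in_array($v, $knownRoles, true)) {
        $valid = false;
    }
}
if (!$valid) {
    echo "NO";
    exit;
}

$bs = true;

// First clear every role the user currently has.
// NOTE(review): presumably Query($sql, 1) returns a falsy value on failure;
// confirm against DB.class.php.
$sqldel = "delete from UserInJueSe where UserId = '{$uid}'";
if (!$db->Query($sqldel, 1)) {
    $bs = false;
}

// Then add the submitted roles.
foreach ($juese as $v) {
    $sql = "insert into UserInJueSe values('','{$uid}','{$v}')";
    if (!$db->Query($sql, 1)) {
        $bs = false;
    }
}

echo $bs ? "OK" : "NO";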
登录页面:
<!-- Login form: posts the fields "uid" and "pwd" to loginchuli.php. -->
<h1>登录</h1>
<form action="loginchuli.php" method="post">
    <div>用户名:<input type="text" name="uid" /></div><br />
    <div>密码: <input type="password" name="pwd" /></div><br />
    <input type="submit" value="登录" />
</form>
登录处理页面:
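<?php
// Login handler: checks the posted user name and password against the Users
// table, stores the user id in the session on success and redirects to
// main.php; on failure it redirects back to login.php.
session_start();
include("../DB.class.php");
$db = new DB();

$uid = (isset($_POST["uid"]) && is_string($_POST["uid"])) ? $_POST["uid"] : "";
$pwd = (isset($_POST["pwd"]) && is_string($_POST["pwd"])) ? $_POST["pwd"] : "";

// The posted values are never placed into a SQL string: interpolating them
// into the WHERE clause would let a crafted value change the query and pass
// the check without the password. The comparison is done in PHP instead and
// is an exact, case-sensitive match. If the DB class supports bound
// parameters, a parameterized "where Uid = ?" lookup is the better fix.
//
// NOTE(review): the Pwd column is compared as-is, i.e. passwords are stored
// in plaintext. Store password_hash() output and check with password_verify().
$ok = false;
if ($uid !== "") {
    foreach ($db->Query("select Uid, Pwd from Users") as $row) {
        if ((string)$row[0] === $uid) {
            $ok = ((string)$row[1] === $pwd);
            break;
        }
    }
}

if ($ok) {
    // Issue a fresh session id at the privilege change so an id that was
    // known before login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);
    $_SESSION["uid"] = $uid;
    header("location:main.php");
} else {
    header("location:login.php");
}
// Stop here so nothing else runs or is sent after the redirect header.
exit;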
主页面(权限页面):
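<?php
// Main page: shows the menu entries (rules) the logged-in user may use, found
// by following user -> roles (UserInJueSe) -> rules (JueSeWithRules) -> Rules.
//
// The session check runs before any markup is sent: session_start() and
// header() both need to act before output begins, otherwise the redirect for
// visitors who are not logged in cannot be sent.
session_start();
if (empty($_SESSION["uid"])) {
    header("location:login.php");
    exit;
}
$uid = $_SESSION["uid"];
include("../DB.class.php");
$db = new DB();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>权限</title>
<style type="text/css">
*{ margin:0 auto; padding:0;}
/* The width property name was missing, which made the declaration invalid. */
#menu{ width:800px; height:40px;}
.qx,.cd{ /* a comma separates selectors that share these rules */
    width:100px;
    height:40px;
    background-color:#30C;
    color:#FFF;
    font-size:24px;
    line-height:40px;
    text-align:center;
    vertical-align:middle;
    float:left;}
.cd:hover{ background-color:#C60; cursor:pointer;}
</style>
</head>
<body>
<br />
<br />
<h1><center>主页面</center></h1><br />
<a href="tuichu.php">退出系统</a>
<br />
<br />
<div id="menu">
    <div class="qx">权限管理</div>
    <?php
    // NOTE(review): the three queries below are built by string interpolation.
    // $uid is only as trustworthy as the login handler that stored it in the
    // session, and the ids come back from the database unchecked. Switch to
    // bound parameters once the DB class supports them.

    // Find the role ids assigned to this user.
    $sqljs = "select JueSeId from UserInJueSe where UserId = '{$uid}'";
    $ajs = $db->Query($sqljs);

    // Collect the rule ids granted by each of those roles.
    $all = array();
    foreach ($ajs as $vjs) {
        $sgn = "select RuleId from JueSeWithRules where JueSeId = '{$vjs[0]}'";
        $agn = $db->Query($sgn);
        foreach ($agn as $vgn) {
            $all[] = $vgn[0];
        }
    }
    // Several roles can grant the same rule; show each menu entry once.
    $all = array_unique($all);

    // Render one menu entry per rule.
    foreach ($all as $vall) {
        $sn = "select Name from Rules where Code = '{$vall}'";
        // Escape the stored name so markup in it is shown as text, not run.
        $name = htmlspecialchars((string)$db->StrQuery($sn), ENT_QUOTES, 'UTF-8');
        echo "<div class='cd'>{$name}</div>";
    }
    ?>
</div>
</body>
</html>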
退出系统页面:
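<?php
// Logout: ends the session and returns the visitor to the login page.
session_start();

// Removing only $_SESSION["uid"] would keep the session and its id alive.
// Clear all session data, expire the session cookie and destroy the
// server-side session so the old id is useless after logout.
$_SESSION = array();
if (ini_get("session.use_cookies")) {
    $p = session_get_cookie_params();
    setcookie(session_name(), "", time() - 42000, $p["path"], $p["domain"], $p["secure"], $p["httponly"]);
}
session_destroy();

header("location:login.php");
exit;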