Access control in the Yii framework with a five-table join

One: The controller section

 

 1 <?php
 2 namespace app\controllers;
 3 
 4 use yii\web\Controller;
 5 
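 /**
  * Login controller: shows the login form and authenticates the posted credentials.
  *
  * On success the user's id and the permission rows reached through the
  * user -> u_r -> role -> r_p -> power join are cached in the session, and the
  * browser is sent to one/show.
  *
  * NOTE(review): this listing was recovered from a machine-translated copy. The
  * join query, the 'power' session key and the 'one/show' route are restored from
  * the surrounding listings; confirm them against the real schema and routes.
  */
 class PreController extends Controller
 {
     // NOTE(review): CSRF validation is switched off for the whole controller, so the
     // login POST can be forged from another site. It is left as the author had it
     // because the 'index' view is not shown here and may not send Yii's CSRF token;
     // re-enable it once the form includes the token.
     public $enableCsrfValidation = false;

     /**
      * Renders the login form.
      *
      * @return string rendered 'index' view
      */
     public function actionIndex()
     {
         return $this->render('index');
     }

     /**
      * Checks the posted 'user' / 'password' pair and opens a session on success.
      *
      * @return \yii\web\Response redirect to one/show on success; on failure the
      *                           method prints an error link and terminates.
      */
     public function actionLogin()
     {
         $request = \Yii::$app->request;
         $username = $request->post('user');
         $pwd = $request->post('password');

         // Missing fields or array-shaped input (user[]=x) can never match a row,
         // so they take the same failure path without reaching the database.
         $data = false;
         if (is_string($username) && is_string($pwd)) {
             // Bound parameters: the posted values are never spliced into the SQL text,
             // which is what made the original string-built query injectable.
             // NOTE(review): the password is compared with the stored column as-is, which
             // implies plaintext storage. Store a password_hash() digest and check it
             // with password_verify() instead.
             $data = \Yii::$app->db->createCommand(
                 'select * from `user` where username = :username and password = :password',
                 [':username' => $username, ':password' => $pwd]
             )->queryOne();
         }

         if (!$data) {
             echo "<a href='index'> input errors </a> "; die;
         }

         $session = \Yii::$app->session;
         // Issue a fresh session id at the moment privileges change, so an id that was
         // known before login cannot be reused afterwards (session fixation).
         $session->regenerateID(true);
         $session->set('uid', $data['id']);

         // Five-table join: every permission row granted to this user through its roles.
         // NOTE(review): "select *" also pulls the user table's columns (including the
         // password column used above) into every row cached in the session; select
         // only the permission columns the views and the access check need.
         $res = \Yii::$app->db->createCommand(
             'select * from `user`'
             . ' join u_r on user.id = u_r.u_id'
             . ' join role on u_r.r_id = role.r_id'
             . ' join r_p on role.r_id = r_p.rid'
             . ' join power on r_p.p_id = power.power_id'
             . ' where user.id = :id',
             [':id' => $data['id']]
         )->queryAll();

         // Cache the permission rows in the session. They are a snapshot taken at login:
         // a permission revoked later stays usable until the session ends.
         $session->set('power', json_encode($res));

         // Go to the permissions page.
         return $this->redirect(['one/show']);
     }
 }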

 

Two: Permissions section and CRUD

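<?php
namespace app\controllers;

use app\models\Zs;
use yii\web\Controller;

/**
 * Permission-gated controller: shows the logged-in user's permission tree and
 * lists / deletes rows of the `zs` table.
 *
 * NOTE(review): this listing was recovered from a machine-translated copy. The
 * lower-case identifiers, session keys and array keys are restored from the
 * un-garbled lines and the views; confirm them against the real code.
 */
class OneController extends Controller
{
    /**
     * Access gate. The original author describes init() as the constructor
     * equivalent; it rejects requests without a login and requests for a route
     * that is not in the permission list cached in the session.
     *
     * @return void terminates the request itself when access is denied
     */
    public function init()
    {
        // Let the framework finish its own controller set-up before the gate runs.
        parent::init();

        $session = \Yii::$app->session;
        $id = $session->get('uid');

        // Not logged in: stop here.
        if (empty($id)) {
            echo "<a href='/pre/index'> please login </a>"; die;
        }

        $power = $session->get('power');
        // A missing or corrupt cache decodes to nothing, which leaves the allow-list
        // empty and therefore denies every route (fail closed).
        $data = is_string($power) ? json_decode($power) : null;

        // Controller/action of the current request.
        $now_url = \Yii::$app->requestedRoute;

        // Allow-list of "controller/function" routes taken from the permission rows.
        $arr = [];
        if (is_array($data)) {
            foreach ($data as $k => $v) {
                $arr[] = $v->controller . '/' . $v->function;
            }
        }

        // Exact, type-strict match against the allow-list.
        // NOTE(review): this only matches routes spelled exactly as stored in the
        // database; confirm how the default route and aliases should be treated.
        if (!in_array($now_url, $arr, true)) {
            echo"<a href='/pre/index'> authority is not enough, please re-visit </a>"; die;
        }
    }

    /**
     * Renders the current user's permissions as a tree.
     *
     * @return string rendered 'show' view
     */
    public function actionShow()
    {
        $session = \Yii::$app->session;
        $data = json_decode($session->get('power'), true);

        $res = $this->getTree(is_array($data) ? $data : [], 0);

        return $this->render('show', ['data' => $res]);
    }

    /**
     * Builds a nested tree from flat permission rows.
     *
     * @param array $data flat rows, each read for 'pid' and 'power_id'
     * @param mixed $pid  parent id whose children are collected
     * @return array rows whose 'pid' equals $pid, each with its children under 'son'
     */
    public function getTree($data, $pid)
    {
        $tree = [];
        foreach ($data as $k => $v) {
            // Loose comparison kept on purpose: the top-level call passes the int 0,
            // while decoded database values may be numeric strings.
            if ($v['pid'] == $pid) {
                // Assumes the pid links form a tree; a row that is its own ancestor
                // would make this recurse without bound.
                $v['son'] = $this->getTree($data, $v['power_id']);
                $tree[] = $v;
            }
        }

        return $tree;
    }

    /**
     * Lists the `zs` rows. The action only displays data; the original author notes
     * that the method name should not be changed.
     *
     * @return string rendered 'add' view
     */
    public function actionAdd()
    {
        $data = \Yii::$app->db->createCommand('select * from zs')->queryAll();

        return $this->render('add', ['data' => $data]);
    }

    /**
     * Deletes one `zs` row by id and returns to the list.
     *
     * NOTE(review): this destructive action is reachable with a plain GET, so any
     * link or image tag on another site can trigger it in a logged-in browser.
     * Accept it only over POST with CSRF validation (for example through
     * yii\filters\VerbFilter) and change the link in the 'add' view accordingly.
     * Who may delete is decided by the route check in init(); the admin-only link
     * in the view is presentation, not enforcement.
     *
     * @return \yii\web\Response redirect to the 'add' list
     */
    public function actionDel()
    {
        $id = \Yii::$app->request->get('id');

        // Only a plain digit string is accepted, and it is passed as a bound parameter
        // instead of being concatenated into the statement as the original did.
        if (is_string($id) && ctype_digit($id)) {
            \Yii::$app->db->createCommand('delete from zs where id = :id', [':id' => $id])->execute();
        }

        // Always answer with the list, also when nothing was deleted; the original
        // returned an empty response in that case.
        return $this->redirect('add');
    }
}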

Three: Showing the user's current privileges

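 <?php
 // View for one/show: prints each top-level permission followed by links to its
 // children. $data is the tree built by getTree(): every row carries 'power'
 // (label) and 'son' (child rows); child rows also carry 'function' (link target).
 //
 // Every value is passed through Html::encode() before it is written into the
 // page, so markup stored in the permission tables is shown as text, not executed.
 ?>
 <!doctype html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
     <meta name="viewport"
           content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
     <meta http-equiv="X-UA-Compatible" content="ie=edge">
     <title>Document</title>
 </head>
 <body>
 <table>
     <?php // One table row per top-level permission; the original closed the row inside the inner loop. ?>
     <?php foreach ($data as $k => $v) { ?>
     <tr>
         <td>
             <?php echo \yii\helpers\Html::encode($v['power']) ?><br>
             <?php foreach ($v['son'] as $kk => $vv) { ?>
                 <?php // NOTE(review): encoding protects the attribute, not the URL scheme; 'function' should hold a route, not an arbitrary URL. ?>
                 <a href="<?php echo \yii\helpers\Html::encode($vv['function']) ?>">   <?php echo \yii\helpers\Html::encode($vv['power']) ?></a><br>
             <?php } ?>
         </td>
     </tr>
     <?php } ?>
 </table>
 </body>
 </html>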

Four: Display page

 

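 <?php
 // View for one/add: lists the `zs` rows with a delete link per row.
 // $data holds the rows; each is read for 'id', 'name', 'tel' and 'stree'.
 // NOTE(review): the 'tel' / 'stree' cells and the admin branch were recovered
 // from a machine-translated copy; confirm the key names against the table.
 //
 // Every value is passed through Html::encode() before output, so stored markup
 // is displayed as text instead of being executed in the browser.
 $session = \Yii::$app->session;
 ?>
 <!doctype html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
     <meta name="viewport"
           content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
     <meta http-equiv="X-UA-Compatible" content="ie=edge">
     <title>Document</title>
 </head>
 <body>
 <table border="1" class="table">
     <tr>
         <td>id</td>
         <td>用户</td>
         <td>手机</td>
         <td>街道</td>
         <td>操作</td>
     </tr>
     <?php foreach ($data as $k => $v) { ?>
     <tr>
         <td><?php echo \yii\helpers\Html::encode($v['id']) ?></td>
         <td><?php echo \yii\helpers\Html::encode($v['name']) ?></td>
         <td><?php echo \yii\helpers\Html::encode($v['tel']) ?></td>
         <td><?php echo \yii\helpers\Html::encode($v['stree']) ?></td>
         <?php
         // Delete button: only the account with uid 1 gets a working link; for other
         // users the click does nothing. This hides the link and nothing more: the
         // delete action must enforce the permission itself on the server.
         // NOTE(review): the link deletes through a GET request; switch it to a POST
         // form carrying the CSRF token together with the controller action.
         ?>
         <?php if ($session->get('uid') == 1) { ?>
         <td><a href="del?id=<?php echo \yii\helpers\Html::encode($v['id']) ?>" class="del" id="<?php echo \yii\helpers\Html::encode($v['id']) ?>">删除</a></td>
         <?php } else { ?>
         <td><a href="#" class="del" id="<?php echo \yii\helpers\Html::encode($v['id']) ?>">删除</a></td>
         <?php } ?>
     </tr>
     <?php } ?>
 </table>
 <?php // Scripts moved inside <body>; the original placed them after </html>. ?>
 <?php // NOTE(review): jQuery 3.3.1 is an old release; update it to a currently maintained version. ?>
 <script src="../jquery-3.3.1.min.js"></script>
 <script>

 </script>
 </body>
 </html>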

 


Origin www.cnblogs.com/maohonggang/p/11206395.html