|
|
本帖最后由 57sy.com(隐身中 于 2013-7-18 11:46 编辑
在做ci的权限控制的时候,我做的思路是根据访问地址进行控制下面是我的代码,我首先继承一个基类,基类然后继承CI_controller ,之前看了tp 根据tp的思想延伸过来
PHP复制代码
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/*
*让ci继承自己的类库
* ######################################
* 这个类里面写权限代码
*###################################
*/
class MY_Controller extends CI_Controller {
public $login_username = '' ;
function MY_Controller (){
parent ::__construct () ;
if(!empty($_POST['session']) && isset($_POST['session'])){
@session_id($_POST['session']);
}
@ob_clean() ;
@session_start();
$this->load->library("admin_common");//加载公用的方法
$this->check_is_login();
$this->permition() ;
}
//检查是否登录了
private function check_is_login (){
if(isset($_SESSION['username'])){
$this->login_username = $_SESSION['username'];
}
if(empty($this->login_username) || $this->login_username == ""){
//如果没有登录
if(isset($_GET['inajax'])){
echo $this->admin_common->result_to_towf_new('',$this->config->item('no_permition'),"你的密码已经过期,重新登录",null);
die();
}
showmessage ("密码已经过期",'admin/login/show_login',3,0);
}
}
//验证是否有访问的权限
private function permition (){
$last_permition = array();
$permition =array();
$admin = $this->config->item('web_admin_master');
//echo $admin ;
if($admin != $this->login_username){
$no_permition_array = $this->admin_common->no_permition_url_array(); //不需要权限就可以进行访问的模块
$this->load->model('admin/members/M_members');
if(isset($_COOKIE[$this->config->item('cookie_prefix').'permition'])){
$permition = $_COOKIE[$this->config->item('cookie_prefix').'permition'];
}
if($permition){
$permition = unserialize($permition) ;
}
if($permition && $no_permition_array){
$last_permition = array_merge($permition,$no_permition_array); ;
}elseif(!$permition && $no_permition_array){
$last_permition = $no_permition_array ;
}elseif($permition && !$no_permition_array){
$last_permition = $permition ;
}
$url_array = $this->uri->segment_array() ;
$new_url = '';
if(isset($url_array[1])){
$new_url.=$url_array[1]."/";
}
if(isset($url_array[2])){
$new_url.=$url_array[2]."/";
}
if(isset($url_array[3])){
$new_url.=$url_array[3]."/";
}
if(isset($url_array[4])){
$new_url.=$url_array[4]."/";
}
//判断是普通的请求地址还是ajax请求
if(!in_array($new_url, $last_permition)){
if(isset($_GET['inajax'])){
echo $this->admin_common->result_to_towf_new('',$this->config->item('no_permition'),"你没有权限进行此操作,请联系管理员",null);
}else{
// shownopermition() ;
show_error ("you don't have permition to Access this page,please Contact <font color='red'>{$admin}</font> Email:{$this->config->item('web_admin_email')}",403,'forbidden');
}
die();
}
}
}
//当前登录的用户名
public function get_login_name (){
return $this->login_username ;
}
//注销session和cookie
public function destory_session_cookie (){
if($this->login_username){
$_SESSION['username'] = '' ;
unset($_SESSION['username']);
$_SESSION['client_ip'] = '' ;
unset($_SESSION['client_ip']);
setcookie($this->config->item('cookie_prefix').'permition',"",time()-$this->config->item('cookie_expire'),$this->config->item('cookie_path'),$this->config->item('cookie_domain'),$this->config->item('cookie_secure')) ;
unset($_COOKIE);
showmessage ('退出成功','admin/login/show_login',3,1) ;
}
}
}
请大家拍砖
|
|
IP卡
狗仔卡
发表于 2013-7-18 11:43:46
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡