ACL in PHP

ACL in PHP

Isi Kandungan • Pengenalan • Apa itu ACL? • Fungsi ACL? • IF Else Authorization • ACL • Sesi Soalsiasat

Pengenalan • Apa itu ACL?ACL atau akronimnya Access Control List, merupakan suatu kaedah untuk menentukan akses kepada sesuatu fungsi untuk setiap pengguna sistem. • Merupakan satu terma, ACL tidak dimasukkan sebagai fungsi native PHP dan perlu dibangunkan oleh pembangun; user defined function.

IF Else Authentication • Adalah cara mudah untuk melaksanakan authorization access dalam sesuatu sistem. • Selalu digunakan dalam pembangunan PHP. • Terdapat banyak kelemahan. • Sukar untuk diurus. • Kurang dinamik.

IF Else Authorization Contoh Aturcara <?php $username =“test”; $levels =“admin”; if($level == “admin”) : //give system management access to admin. elseif($level==“hr”) : //give human resource access to hr. elseif($level==“it-dept”) : //give IT department access to IT dept’s staff. endif; ?>

Senario yang mungkin berlaku… • Organisasi telah berkembang, jabatan baru “Jabatan Multimedia” telah diwujudkan, sila beri akses kepada staf Jabatan Multimedia! • “Jabatan Multimedia” memerlukan akses kepada Modul “Jabatan IT”! • “Jabatan Multimedia” akan dimansuhkan dan staf “Jabatan Multimedia” akan diletakkan dibawah “Jabatan IT”, sila pindahkan modul “Jabatan Multimedia” kepada “Jabatan IT”.

ACL • Kaedah ini menggunakan database, table yang diperlukan:- • acl • user • user_group • user_privilege • Lebih baik implement konsep Object Oriented Programming (OOP) untuk menguruskan akses. • Akses diperiksa berdasarkan kebenaran untuk menggunakan sesuatu module, bukan berdasarkan level pengguna.

ACL – table acl

ACL – table user

ACL – table user_group

ACL – table user_privilege

Code {1} <?php // get user data $result =mysql_query(“SELECT u.username, g.id FROM user u LEFT JOIN user_group g ON u.group=g.id WHERE u.id=1”); $row = mysql_fetch_array($result); $username = $row[“username”]; $levels = $row[“id”]; $appACL= new ACL(); $appACL->fetch_ACL($level); if($appACL->check_ACL(1)) : //give access to module A elseif($appACL->check_ACL(2)) : //give access to module B elseif($appACL->check_ACL(3)) : //give access to module C endif; ?>

Code {2} <?php class ACL { var $list_ACL; function fetch_ACL($level == 0) { $query =“SELECT p.id, FROM user_privilege p WHERE p.group_id=“.$level.” ORDER BY p.id ASC”; $result =mysql_query($query); $count = 1; while($row = mysql_fetch_array($result)) : while($count < $row[“id”]) : $this->list_ACL[$count]=0; $count++; endwhile; if($count == $row[“id”]) : $this->list_ACL[$count]=1; $count++; endif; endwhile; $query_acl = “SELECT count(id) AS totals FROM acl”; $result_acl =mysql_query($query_acl); $row_acl =mysql_fetch_array($result_acl); for(; $count <= $row_acl[“totals”]; $count++) : $this->list_ACL[$count]=0; endfor; } // continues..

Code {3} // continues from last page functioncheck_ACL($acl =0) { if($this->list_ACL[$acl]==1) : return true; else: returnfalse; endif; } ?>

Sample

GUI for Editing ACL {1} <form id=“acl_manager” method=“post” action=“acl.php”> <?php $query_group = "SELECT * FROM user_group"; $result_group =mysql_query($query_group); while ($row_group = $csdb->mysql_fetch_array($result_group)) : $levels[$row_group["id"]]= $row_group["name"]; endwhile; ?> <table> <thead> <tr> <th>Module</th> <?php foreach($levels as $value) : print“<th>”.$value.”</th>”; endforeach; ?> </tr> </thead> <?php // continues… ?>

GUI for Editing ACL {2} <tbody> <?php $query_acl ="SELECT * FROM acl ORDER BY id ASC"; $result_acl =mysql_query($query_acl); $count =0; while($row_acl =mysql_fetch_array($result_acl)) : $menu_id[$count]= $row_acl["id"]; $menu_runid[$row_acl["id"]]= $count; $menu_name[$count]= $row_acl["name"]; $count++; endwhile; $query_acp ="SELECT * FROM user_privilege"; $result_acp =mysql_query($query_acp); while($row_acp =mysql_fetch_array($result_acp)) : $this_id = $menu_runid[$row_acp[“acl_id"]]; $menu_access[$this_id][$row_acp[“group_id"]]=1; endwhile; // continues… ?>

GUI for Editing ACL {2} <tbody> <?php $query_acl ="SELECT * FROM acl ORDER BY id ASC"; $result_acl =mysql_query($query_acl); $count =0; while($row_acl =mysql_fetch_array($result_acl)) : $menu_id[$count]= $row_acl["id"]; $menu_runid[$row_acl["id"]]= $count; $menu_name[$count] = $row_acl["name"]; $count++; endwhile; $query_acp ="SELECT * FROM user_privilege"; $result_acp =mysql_query($query_acp); while($row_acp =mysql_fetch_array($result_acp)) : $this_id = $menu_runid[$row_acp[“acl_id"]]; $menu_access[$this_id][$row_acp[“group_id"]] =1; endwhile; // continues… ?>

GUI for Editing ACL {3} $counts = 0; for($list =0; $list <count($menu_id); $list++) : print"<tr>"; print"<td> <strong>".$menu_name[$list]."</strong> </td>"; foreach($levels as $level => $name) : $checked =((isset($menu_access[$list][$level])and $menu_access[$list][$level]==1) ?"checked='checked'" :""); print"<td> <input type='checkbox' ".$checked." id='menu_access_".$counts."' name='menu_access[".$counts."]' value='1' /> <input type='hidden' name='menu_id[".$counts."]' value='".$menu_id[$list]."' /> <input type='hidden' name='menu_level[".$list."]' value='".$level."' /> </td>"; $counts++; endforeach; print"</tr>"; endfor; ?> </tbody> </table> <div> <input type=“submit” name=“submit” value=“Submit” class=“button” /> </div> </form>

Submit ACL <?php // Validate post form command mysql_query("TRUNCATE TABLE user_privilege"); $acl_id =$_POST["menu_id"]; $acl_access =$_POST["menu_access"]; $acl_group =$_POST["menu_level"]; for ($i=0; $i <count($acl_id); $i++) : $bool = ((isset($acl_access[$i]) and $acl_access[$i]==1) ?1:0); if($bool ==1) : mysql_query("INSERT INTO user_privilege (acl_id, group_id) VALUES (".$acl_id[$i].", ".$acl_group[$i].")"); endif; endfor; ?>

ACL in PHP

ACL in PHP

Presentation Transcript

ACL Presentation

ACL Functions

ACL RECONSTRUCTION

ACL Connections

ACL SCREEN

ACL 2009

ACL 2009

ACL Injury…

ACL DETERMINATION

ACL

ACL

ACL Scripts

ACL

ACL Injuries in Females

ACL injury

ACL ACL TREATMENT ACL SURGERY DR MANU BORA

ACL Reconstruction