根据用户权限在下拉菜单中显示/隐藏选项

时间:2018-05-29 15:19:07

标签: php authentication mysqli access-rights ticket-system

我的网站中有两种类型的用户。管理员和用户。 这些文件以user的名称存储在表格kind中。

有了这个,我可以验证登录会话:

<body>
      <?php if(isset($_SESSION["user_id"])):?>
      <div class="wrapper">
         <div class="sidebar" data-color="blue">
            <div class="logo">
               <a href="./" class="simple-text">
               INDEX PAGE FOR BOTH ADMINS AND USERS
               </a>
            </div>
            <div class="sidebar-wrapper">
               <ul class="nav">
                  <li class="">
                     <a href="./">
                        <i class="fa fa-home"></i>
                        <p>Home</p>
                     </a>
                  </li>
                  <li>
                     <a href="./?view=tickets">
                        <i class="fa fa-ticket"></i>
                        <p>Tickets</p>
                     </a>
                  </li>
                  <li>
                     <a href="./?view=calendario">
                        <i class="fa fa-ticket"></i>
                        <p>Calendar</p>
                     </a>
                  </li>
                  <li>
                     <a href="./?view=projects">
                        <i class="fa fa-building"></i>
                        <p>Projects</p>
                     </a>
                  </li>
                  <li>
                     <a href="./?view=categories">
                        <i class="fa fa-th-list"></i>
                        <p>Categories</p>
                     </a>
                  </li>
                  <li>
                     <a href="./?view=reports">
                        <i class="fa fa-area-chart"></i>
                        <p>Reports</p>
                     </a>
                  </li>
                  <li>
                     <a href="./?view=users">
                        <i class="fa fa-users"></i>
                        <p>Users</p>
                     </a>
                  </li>
               </ul>
            </div>
         </div>
         <div class="main-panel">
            <nav class="navbar navbar-transparent navbar-absolute">
               <div class="container-fluid">
                  <div class="navbar-header">
                     <button type="button" class="navbar-toggle" data-toggle="collapse">
                     <span class="sr-only">Toggle navigation</span>
                     <span class="icon-bar"></span>
                     <span class="icon-bar"></span>
                     <span class="icon-bar"></span>
                     </button>
                     <a class="navbar-brand" href="./"><b>Desktop IT Manager</b></a>
                  </div>
                  <div class="collapse navbar-collapse">
                     <ul class="nav navbar-nav navbar-right">
                        <li class="dropdown">
                           <a href="#" class="dropdown-toggle" data-toggle="dropdown">
                           <i class="fa fa-user"></i>
                           &nbsp;<?php echo Core::$user->name." ".Core::$user->lastname." ".Core::$user->kind; ?>
                           </a>
                           <ul class="dropdown-menu">
                              <li class="divider"></li>
                              <li><a href="./?view=configuration">Account Settings</a></li>
                              <li class="divider"></li>
                              <li><a href="logout.php">Logout</a></li>
                           </ul>
                        </li>
                     </ul>
                     <!--
                        <form class="navbar-form navbar-right" role="search">
                          <div class="form-group  is-empty">
                            <input type="text" class="form-control" placeholder="Search">
                            <span class="material-input"></span>
                          </div>
                          <button type="submit" class="btn btn-white btn-round btn-just-icon">
                            <i class="fa fa-search"></i><div class="ripple-container"></div>
                          </button>
                        </form>
                        -->
                  </div>
               </div>
            </nav>
            <div class="content">
               <div class="container-fluid">
                  <?php 
                     View::load("login");
                     ?>
               </div>
            </div>
            <footer class="footer">
               <div class="container-fluid">
                  <nav class="pull-left">
                     <ul>
                        <li>
                        </li>
                        <!--
                           <li>
                             <a href="#">
                               Company
                             </a>
                           </li>
                           <li>
                             <a href="#">
                               Portfolio
                             </a>
                           </li>
                           <li>
                             <a href="#">
                                Blog
                             </a>
                           </li>
                           -->
                     </ul>
                  </nav>
                  <p class="copyright pull-right">
                     Developed by <a href="http://wwww.iesahn.com" target="_blank">Imagen Electrónica S.A de C.V</a> &copy; <script type="text/javascript">document.write(new Date().getFullYear());</script> 
                  </p>
               </div>
            </footer>
         </div>
      </div>
      <?php else:?>
      <?php 
         View::load("login"); 
         ?>
      <?php endif;?>
   </body>

使用<?php echo Core::$user->name." ".Core::$user->lastname." ".Core::$user->kind; ?>我从数据库中提取用户的名字和姓氏,并使用Core::$user->kind我提取用户类型。 1表示管理员,2表示用户。

现在,我想按用户类型限制对故障单系统的某些部分的访问。

我有这个想法,至少对于菜单来说:

  <?php if(isset($_SESSION["user_id"])):?>
     <?php if((<?php echo Core::$user->kind; ?>) == 1):?>
        // insert full <div class="wrapper"> here 
     <?php else:?>
        // insert modified <div class="wrapper"> here (limited functions for 
        // normal users
     <?php endif;?>
  <?php else:?>
  <?php 
     View::load("login");
     ?>
  <?php endif;?>

但是......它不会起作用。我怎样才能使它发挥作用?

1 个答案:

答案 0 :(得分:0)

实际上,这比我想象的要容易。

  <?php if(isset($_SESSION["user_id"])):?>
     <?php if(Core::$user->kind==1):?>
       //Admin Content
     <?php elseif(Core::$user->kind==2):?>
       //User Content
     <?php endif; ?>    
  <?php else:?>
  <?php 
     View::load("login");         
     ?>
  <?php endif;?>

这完美无缺。我将使用此验证票证系统的所有其他部分。