2复选框之间的链接问题,不应该插入数据

时间:2019-09-11 08:59:30

标签: php postgresql multidimensional-array checkbox

好的,我有问题。让我解释一下。

我需要在一些输入(复选框)中列出所有模式,然后我们才能选择要操纵的一个或多个模式,以赋予特定用户特权。

反正我明白了,

<div id="list-schemas">
    <?php
        foreach ($schemas as $elt) {
        echo '<input type="checkbox" name="schemas[]" value="' . $elt->getSchema() . '"/>' . $elt->getSchema() . '<br />';
        }
    ?>
</div>

然后,我还需要添加一些具有特权的复选框,我这样做了:

<div id="div-privileges">
    <?php
        foreach ($schemas as $elt) {
            echo '<div class="list">';
            echo '<label for="list">' . $elt->getSchema() . ' :</label><br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="REVOKE"/> REVOKE ? <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="ALL"/> ALL PRIVILEGES ? <br />';
            echo '<hr>';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="SELECT"/> SELECT ? <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="INSERT"/> INSERT ? <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="UPDATE"/> UPDATE ?  <br />';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="DELETE"/> DELETE ?  <br />';
            echo '<hr>';
            echo '<input type="checkbox" name="privileges[' . $elt->getSchema() . '][]" value="CREATE"/>CREATE ?  <br />';
            echo '</div>';
        }
    ?>
</div>

它看起来像是:https://image.noelshack.com/fichiers/2019/37/3/1568191628-capture2.png

这么说,这是我的UserManager.class.php中的函数更新:

public static function update(User $newPerso){

    $db = DbConnect::getDb();
    $newLogin= pg_escape_string($newPerso->getLogin());
    $arraySchemas=$newPerso->getSchemas();
    $arrayPrivileges=$newPerso->getPrivileges();

    if (isset($arraySchemas)){

        foreach($arrayPrivileges as $schema => $privileges){

            if (isset($arrayPrivileges)){

                foreach($privileges as $privilege){

                    if($privilege=="REVOKE"){
                        pg_query("{$privilege} ALL ON ALL TABLES IN SCHEMA {$schema} FROM {$newLogin};");
                    }

                    else if($privilege=="CREATE"){
                        pg_query("GRANT {$privilege} ON SCHEMA {$schema} TO {$newLogin};");
                    }

                    else if($privilege=="ALL" || $privilege=="INSERT" || $privilege=="SELECT" || $privilege=="UPDATE" || $privilege=="DELETE"){
                        pg_query("GRANT {$privilege} ON ALL TABLES IN SCHEMA {$schema} TO {$newLogin};");
                    }
                }
            }
        }
    }
}

事实是,当我这样做时:https://image.noelshack.com/fichiers/2019/37/3/1568193038-capture3.png

它有效,用户在“ public”上具有SELECT + INSERT,在“ schematest”上具有UPDATE + DELETE

但是

当我这样做时:https://image.noelshack.com/fichiers/2019/37/3/1568186255-capture.png

(在该示例中)我的用户将具有:

这两个模式中的所有特权...

正常情况下,它适用于“公共”,但如何防止“模式测试”。?

1 个答案:

答案 0 :(得分:0)

伙计们,我添加了一个“ && in_array($ schema,$ arraySchemas)”

现在看来可以了,让我告诉你:

public static function update(User $newPerso){

    $db = DbConnect::getDb();
    $newLogin= pg_escape_string($newPerso->getLogin());
    $arraySchemas=$newPerso->getSchemas();
    $arrayPrivileges=$newPerso->getPrivileges();

    if (isset($arraySchemas)){

        foreach($arrayPrivileges as $schema => $privileges){

            if (isset($arrayPrivileges) && in_array($schema, $arraySchemas)){ /****<- RIGHT HERE****/

                foreach($privileges as $privilege){

                    if($privilege=="REVOKE"){
                        pg_query("{$privilege} ALL ON ALL TABLES IN SCHEMA {$schema} FROM {$newLogin};");
                    }

                    else if($privilege=="CREATE"){
                        pg_query("GRANT {$privilege} ON SCHEMA {$schema} TO {$newLogin};");
                        pg_query("GRANT USAGE ON SCHEMA {$schema} TO {$newLogin};");  
                    }

                    else if($privilege=="ALL" || $privilege=="INSERT" || $privilege=="SELECT" || $privilege=="UPDATE" || $privilege=="DELETE"){
                        pg_query("GRANT {$privilege} ON ALL TABLES IN SCHEMA {$schema} TO {$newLogin};");
                        pg_query("GRANT USAGE ON SCHEMA {$schema} TO {$newLogin};"); 
                    }
                }
            }
        }
    }
}
相关问题
最新问题