0

这是我的交易:我找到了一个简单的 ACL,并且完全爱上了它。问题?这一切都在 mysql 中,而不是 mysqli 中。我网站的其余部分是用 mysqli 编写的,所以这让我很困扰。

我的问题是 ACL 可以在没有全局变量的情况下轻松连接,因为我已经连接到数据库,而 mysql 不是面向对象的。

1)是否需要转换为mysqli?2)我怎样才能轻松地全部转换?

代码:

<?

    class ACL
    {
        var $perms = array();       //Array : Stores the permissions for the user
        var $userID = 0;            //Integer : Stores the ID of the current user
        var $userRoles = array();   //Array : Stores the roles of the current user

        function __constructor($userID = '')
        {
            if ($userID != '')
            {
                $this->userID = floatval($userID);
            } else {
                $this->userID = floatval($_SESSION['userID']);
            }
            $this->userRoles = $this->getUserRoles('ids');
            $this->buildACL();

        }

        function ACL($userID = '')
        {
            $this->__constructor($userID);
            //crutch for PHP4 setups
        }

        function buildACL()
        {
            //first, get the rules for the user's role
            if (count($this->userRoles) > 0)
            {
                $this->perms = array_merge($this->perms,$this->getRolePerms($this->userRoles));
            }
            //then, get the individual user permissions
            $this->perms = array_merge($this->perms,$this->getUserPerms($this->userID));
        }

        function getPermKeyFromID($permID)
        {
            $strSQL = "SELECT `permKey` FROM `permissions` WHERE `ID` = " . floatval($permID) . " LIMIT 1";
            $data = mysql_query($strSQL);
            $row = mysql_fetch_array($data);
            return $row[0];
        }

        function getPermNameFromID($permID)
        {
            $strSQL = "SELECT `permName` FROM `permissions` WHERE `ID` = " . floatval($permID) . " LIMIT 1";
            $data = mysql_query($strSQL);
            $row = mysql_fetch_array($data);
            return $row[0];
        }

        function getRoleNameFromID($roleID)
        {
            $strSQL = "SELECT `roleName` FROM `roles` WHERE `ID` = " . floatval($roleID) . " LIMIT 1";
            $data = mysql_query($strSQL);
            $row = mysql_fetch_array($data);
            return $row[0];
        }

        function getUserRoles()
        {
            $strSQL = "SELECT * FROM `user_roles` WHERE `userID` = " . floatval($this->userID) . " ORDER BY `addDate` ASC";
            $data = mysql_query($strSQL);
            $resp = array();
            while($row = mysql_fetch_array($data))
            {
                $resp[] = $row['roleID'];
            }
            return $resp;
        }

        function getAllRoles($format='ids')
        {
            $format = strtolower($format);
            $strSQL = "SELECT * FROM `roles` ORDER BY `roleName` ASC";
            $data = mysql_query($strSQL);
            $resp = array();
            while($row = mysql_fetch_array($data))
            {
                if ($format == 'full')
                {
                    $resp[] = array("ID" => $row['ID'],"Name" => $row['roleName']);
                } else {
                    $resp[] = $row['ID'];
                }
            }
            return $resp;
        }

        function getAllPerms($format='ids')
        {
            $format = strtolower($format);
            $strSQL = "SELECT * FROM `permissions` ORDER BY `permName` ASC";
            $data = mysql_query($strSQL);
            $resp = array();
            while($row = mysql_fetch_assoc($data))
            {
                if ($format == 'full')
                {
                    $resp[$row['permKey']] = array('ID' => $row['ID'], 'Name' => $row['permName'], 'Key' => $row['permKey']);
                } else {
                    $resp[] = $row['ID'];
                }
            }
            return $resp;
        }

        function getRolePerms($role)
        {
            if (is_array($role))
            {
                $roleSQL = "SELECT * FROM `role_perms` WHERE `roleID` IN (" . implode(",",$role) . ") ORDER BY `ID` ASC";
            } else {
                $roleSQL = "SELECT * FROM `role_perms` WHERE `roleID` = " . floatval($role) . " ORDER BY `ID` ASC";
            }
            $data = mysql_query($roleSQL);
            $perms = array();
            while($row = mysql_fetch_assoc($data))
            {
                $pK = strtolower($this->getPermKeyFromID($row['permID']));
                if ($pK == '') { continue; }
                if ($row['value'] === '1') {
                    $hP = true;
                } else {
                    $hP = false;
                }
                $perms[$pK] = array('perm' => $pK,'inheritted' => true,'value' => $hP,'Name' => $this->getPermNameFromID($row['permID']),'ID' => $row['permID']);
            }
            return $perms;
        }

        function getUserPerms($userID)
        {
            $strSQL = "SELECT * FROM `user_perms` WHERE `userID` = " . floatval($userID) . " ORDER BY `addDate` ASC";
            $data = mysql_query($strSQL);
            $perms = array();
            while($row = mysql_fetch_assoc($data))
            {
                $pK = strtolower($this->getPermKeyFromID($row['permID']));
                if ($pK == '') { continue; }
                if ($row['value'] == '1') {
                    $hP = true;
                } else {
                    $hP = false;
                }
                $perms[$pK] = array('perm' => $pK,'inheritted' => false,'value' => $hP,'Name' => $this->getPermNameFromID($row['permID']),'ID' => $row['permID']);
            }
            return $perms;
        }

        function userHasRole($roleID)
        {
            foreach($this->userRoles as $k => $v)
            {
                if (floatval($v) === floatval($roleID))
                {
                    return true;
                }
            }
            return false;
        }

        function hasPermission($permKey)
        {
            $permKey = strtolower($permKey);
            if (array_key_exists($permKey,$this->perms))
            {
                if ($this->perms[$permKey]['value'] === '1' || $this->perms[$permKey]['value'] === true)
                {
                    return true;
                } else {
                    return false;
                }
            } else {
                return false;
            }
        }

        function getUsername($userID)
        {
            $strSQL = "SELECT `username` FROM `users` WHERE `ID` = " . floatval($userID) . " LIMIT 1";
            $data = mysql_query($strSQL);
            $row = mysql_fetch_array($data);
            return $row[0];
        }
    }

?>
4

2 回答 2

1

只需$mysqli向这个类添加一个属性,并MySQLi在构造函数中将对象传递给它。

class ACL {

  private $mysqli;

  public function __construct(MySQLi $mysqli) {
    $this->mysqli = $mysqli;
    /* rest of your code */
  }
}

剩下的就是搜索和替换了。

于 2013-03-11T22:48:33.573 回答
1

编写代码以支持 PHP4。这告诉了我两件事:首先,作者即使想使用 mysqli 也无法使用,因为 PHP4 没有它,其次,代码可能很旧,并且是在 PHP 开发人员开始真正尝试之前编写的推动开发者使用 mysqli 而不是 mysql。

如果它写得很好,那么将其转换为使用 mysqli 应该是小菜一碟。mysql 和 mysqli 在基本级别上的 API 差异实际上非常小。主要区别是将连接对象传递给查询函数的要求。这在 mysql 中是可选的,并且经常被忽略,因为它似乎在这段代码中。

因此,您的主要挑战是让该连接对象变量在您进行 mysqli 函数调用的任何地方都可用。简单的方法就是让它成为类的属性,所以它在类的任何地方都可用。

我还建议您放弃其他 php4 支持位;它们不是必需的,它们会妨碍您。

于 2013-03-11T22:51:35.040 回答