1

我有一个具有以下 url 的用户个人资料页面:www.XXXXXXX.com/userid/45

当用户将 /userid/45 更改为 /userid/47 时,有没有办法阻止访问其他页面

4

3 回答 3

0

I was looking for this in wordpress and only after posting my answer did I even realize you were asking about something other than wordpress... Oh well, for people who make my same mistake, here is the same thing, but for wordpress:

You can modify this to make it redirect all users instead of just one user by changing the == to != and enter just the admin id (usually "1").

add_action('admin_init', 'redirect_to_forum');
function redirect_to_forum(){
    $current_user=wp_get_current_user();

    if($current_user->user_id == "47"){
        header('Location: http://somewhereelse.com');
    }
}
于 2012-01-07T17:32:56.823 回答
0

根据您使用的语言,用户个人资料页面上的内容如下:

if url_segment(2) != user_info['userid']
  render no_permission
end
于 2011-09-15T19:29:53.393 回答
0

您可能想看看 Zend_Acl。

http://framework.zend.com/manual/en/zend.acl.introduction.html

这将允许您根据发出请求的角色的分配权限来控制对某些资源(例如配置文件)的访问。您还可以使用断言指定更细粒度的访问。

因此,例如,您为在您的​​站点上注册的用户指定了一个“注册”角色,他们也将拥有一个个人资料页面。您的规则可能如下所示:-

“已注册”可以“显示”“个人资料”“如果是他们的个人资料”。

角色:“注册”

特权:'显示'

资源:“个人资料”

断言:检查所有权的代码

于 2011-09-16T08:36:33.107 回答