sql;"> -- ---------------------------- -- Table structure for think_auth_group -- ---------------------------- DROP TABLE IF EXISTS `think_auth_group`; CREATE TABLE `think_auth_group` ( `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,`title` char(100) NOT NULL DEFAULT '',`status` tinyint(1) NOT NULL DEFAULT '1',`rules` char(80) NOT NULL DEFAULT '',PRIMARY KEY (`id`) ) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='用户组表';

---

-- Records of think_auth_group

---

INSERT INTO think_auth_group VALUES ('1','管理组','1','1,2');

---

-- Table structure for think_auth_group_access

---

DROP TABLE IF EXISTS think_auth_group_access;
CREATE TABLE think_auth_group_access (
uid mediumint(8) unsigned NOT NULL COMMENT '用户id',group_id mediumint(8) unsigned NOT NULL COMMENT '用户组id',UNIQUE KEY uid_group_id (uid,group_id),KEY uid (uid),KEY group_id (group_id)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='用户组明细表';

---

-- Records of think_auth_group_access

---

INSERT INTO think_auth_group_access VALUES ('1','1');
INSERT INTO think_auth_group_access VALUES ('1','2');

---

-- Table structure for think_auth_rule

---

DROP TABLE IF EXISTS think_auth_rule;
CREATE TABLE think_auth_rule (
id mediumint(8) unsigned NOT NULL AUTO_INCREMENT,name char(80) NOT NULL DEFAULT '' COMMENT '规则唯一标识',title char(20) NOT NULL DEFAULT '' COMMENT '规则中文名称',status tinyint(1) NOT NULL DEFAULT '1' COMMENT '状态：为1正常，为0禁用',type char(80) NOT NULL,condition char(100) NOT NULL DEFAULT '' COMMENT '规则表达式，为空表示存在就验证，不为空表示按照条件验证',PRIMARY KEY (id),UNIQUE KEY name (name)
) ENGINE=MyISAM AUTO_INCREMENT=5 DEFAULT CHARSET=utf8 COMMENT='规则表';

---

-- Records of think_auth_rule

---

INSERT INTO think_auth_rule VALUES ('1','Home/index','列表','Home','');
INSERT INTO think_auth_rule VALUES ('2','Home/add','添加','');
INSERT INTO think_auth_rule VALUES ('3','Home/edit','编辑','');
INSERT INTO think_auth_rule VALUES ('4','Home/delete','删除','');

DROP TABLE IF EXISTS think_user;
CREATE TABLE think_user (
id int(11) NOT NULL,username varchar(30) DEFAULT NULL,password varchar(32) DEFAULT NULL,age tinyint(2) DEFAULT NULL,PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

---

-- Records of think_user

---

INSERT INTO think_user VALUES ('1','admin','21232f297a57a5a743894a0e4a801fc3','25');

PHP;"> return array(
//'配置项'=>'配置值'
'DB_DSN' => '',// 数据库连接DSN 用于PDO方式
'DB_TYPE' => 'MysqL',// 数据库类型
'DB_HOST' => 'localhost',// 服务器地址
'DB_NAME' => 'thinkPHP',// 数据库名
'DB_USER' => 'root',// 用户名
'DB_PWD' => 'root',// 密码
'DB_PORT' => 3306,// 端口
'DBPREFIX' => 'think',// 数据库表前缀

'AUTH_CONFIG' => array(
'AUTH_ON' => true,//认证开关
'AUTH_TYPE' => 1,// 认证方式，1为时时认证；2为登录认证。
'AUTH_GROUP' => 'think_auth_group',//用户组数据表名
'AUTH_GROUP_ACCESS' => 'think_auth_group_access',//用户组明细表
'AUTH_RULE' => 'think_auth_rule',//权限规则表
'AUTH_USER' => 'think_user'//用户信息表
)
);

PHP;"> check($name,$uid,$type,$mode,$relation)) { die('认证：成功'); } else { die('认证：失败'); } } }

PHP;"> $Auth = new \Think\Auth();

_config['AUTH_GROUP'] = $prefix . $this->_config['AUTH_GROUP']; $this->_config['AUTH_RULE'] = $prefix . $this->_config['AUTH_RULE']; $this->_config['AUTH_USER'] = $prefix . $this->_config['AUTH_USER']; $this->_config['AUTH_GROUP_ACCESS'] = $prefix . $this->_config['AUTH_GROUP_ACCESS']; if (C('AUTH_CONFIG')) { //可设置配置项 AUTH_CONFIG,此配置项为数组。 $this->_config = array_merge($this->_config,C('AUTH_CONFIG')); } }

PHP;"> check($name,$type = 1,$mode = 'url',$relation = 'or')

_config['AUTH_ON']) { return true; }

getAuthList($uid,$type);

PHP;"> if (is_string($name)) { $name = strtolower($name); if (strpos($name,',') !== false) { $name = explode(',$name); } else { $name = array($name); } }

PHP;"> if ($mode == 'url') { $REQUEST = unserialize(strtolower(serialize($_REQUEST))); }

PHP;"> foreach ($authList as $auth) { $query = preg_replace('/^.+\?/U','',$auth);//获取url参数 if ($mode == 'url' && $query != $auth) { parse_str($query,$param); //获取数组形式url参数 $intersect = array_intersect_assoc($REQUEST,$param); $auth = preg_replace('/\?.*$/U',$auth);//获取访问的url文件 if (in_array($auth,$name) && $intersect == $param) { //如果节点相符且url参数满足 $list[] = $auth; } } else if (in_array($auth,$name)) { $list[] = $auth; } }

PHP;"> $list = array(); //保存验证通过的规则名

if ($relation == 'or' and !empty($list)) {
return true;
}

$diff = array_diff($name,$list);
if ($relation == 'and' and empty($diff)) {
return true;
}

$relation == 'or' and !empty($list); //当or时 只要有一条是通过的 则 权限为真
$relation == 'and' and empty($diff); //当and时 $name与$list完全相等时 权限为真

getAuthList($uid,$type); //获取用户需要验证的所有有效规则列表

getGroups($uid); //SELECT `rules` FROM think_auth_group_access a INNER JOIN think_auth_group g on a.group_id=g.id WHERE ( a.uid='1' and g.status='1' )

sql;"> SELECT `rules` FROM think_auth_group WHERE STATUS = '1' AND id='1'//按正常流程 去think_auth_group_access表中内联有点多余....!

array('in',$ids),'type' => $type,'status' => 1,);

getUserInfo($uid); //获取用户信息,一维数组 $command = preg_replace('/\{(\w*?)\}/','$user[\'\\1\']',$rule['condition']); //dump($command);//debug @(eval('$condition=(' . $command . ');')); if ($condition) { $authList[] = strtolower($rule['name']); } } else { //只要存在就记录 $authList[] = strtolower($rule['name']); } } if (!empty($rule['condition'])) { //根据condition进行验证

PHP;"> $command = preg_replace('/\{(\w*?)\}/',$rule['condition']); @(eval('$condition=(' . $command . ');'));

10 @(eval('$condition=(' . $command . ');'));

10);

PHP;"> if ($condition) { $authList[] = strtolower($rule['name']); }