Using PHP and SQLite to implement user permissions and access control

In modern web applications, user permissions and access control are a very important part. With proper permissions management, you can ensure that only authorized users can access specific pages and functions. In this article, we will learn how to implement basic user permissions and access control using PHP and SQLite.

First, we need to create a SQLite database to store information about users and their permissions. The following is the structure of a simple user table and permission table:

CREATE TABLE users (
    id INTEGER PRIMARY KEY,
    username TEXT,
    password TEXT
);

CREATE TABLE permissions (
    id INTEGER PRIMARY KEY,
    name TEXT,
    description TEXT
);

CREATE TABLE user_permissions (
    user_id INTEGER,
    permission_id INTEGER,
    FOREIGN KEY (user_id) REFERENCES users(id),
    FOREIGN KEY (permission_id) REFERENCES permissions(id)
);

In this example, we created three tables. usersThe table stores basic information of users, including id, username and password. permissionsThe table stores all available permissions, each permission has an id, name and description. user_permissionsThe table is a correlation table used to associate users with their permissions. The table uses user_id and permission_id as foreign keys.

Next, we can use PHP code to implement user registration, login and permission checking functions. The following is a simplified version of the sample code:

<?php
class User {
    private $db;

    public function __construct() {
        $this->db = new SQLite3('path/to/database.db');
    }

    public function register($username, $password) {
        // 檢查用戶名是否已經(jīng)存在
        if ($this->getUserByUsername($username)) {
            return false;
        }

        // 生成密碼哈希
        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

        // 插入新用戶到數(shù)據(jù)庫
        $stmt = $this->db->prepare('INSERT INTO users (username, password) VALUES (:username, :password)');
        $stmt->bindParam(':username', $username);
        $stmt->bindParam(':password', $hashedPassword);
        $stmt->execute();

        return true;
    }

    public function login($username, $password) {
        // 獲取用戶信息
        $user = $this->getUserByUsername($username);

        // 驗(yàn)證密碼
        if ($user && password_verify($password, $user['password'])) {
            // 存儲(chǔ)用戶信息到會(huì)話
            $_SESSION['user'] = $user;
            return true;
        }

        return false;
    }

    public function isLoggedIn() {
        return isset($_SESSION['user']);
    }

    public function hasPermission($permission) {
        if (!$this->isLoggedIn()) {
            return false;
        }

        // 檢查用戶權(quán)限
        $stmt = $this->db->prepare('SELECT COUNT(*) FROM user_permissions WHERE user_id = :user_id AND permission_id = :permission_id');
        $stmt->bindParam(':user_id', $_SESSION['user']['id']);
        $stmt->bindParam(':permission_id', $permission);
        $result = $stmt->execute()->fetchArray();

        return $result[0] > 0;
    }

    private function getUserByUsername($username) {
        $stmt = $this->db->prepare('SELECT * FROM users WHERE username = :username');
        $stmt->bindParam(':username', $username);
        $result = $stmt->execute()->fetchArray();

        return $result ? $result : false;
    }
}
?>

The above code is a simple User class, which provides registration, login and permission checking functions. In the constructor, we connect to the SQLite database. The register method is used for user registration, it checks whether the username already exists, and then inserts the new user into the database. The login method is used for user login, it verifies the password and stores the user information in the session. The isLoggedIn method checks whether the user has logged in, and the hasPermission method checks whether the user has specific permissions.

Usage example:

<?php
// 實(shí)例化User類
$user = new User();

// 用戶注冊(cè)
$user->register('alice', 'password');

// 用戶登錄
$user->login('alice', 'password');

// 檢查用戶權(quán)限
if ($user->hasPermission(1)) {
    echo 'User has permission!';
} else {
    echo 'Access denied!';
}
?>

In the above example, we first instantiate the User class. We then registered a new user and logged in using that user. Finally, we check whether the user has permission 1 and output the appropriate message based on the result.

By using PHP and SQLite, we can easily implement user permissions and access control functions. This example is just a basic implementation. You can make some extensions and improvements according to your own needs, such as adding more advanced permission management and role control. Hope this article helps you!

The above is the detailed content of Implementing user permissions and access control using PHP and SQLite. For more information, please follow other related articles on the PHP Chinese website!