- <?php
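// Database settings live outside the web root (../) so the file is never served as a static asset.
$config = include '../config.file.php';
if (!is_array($config)) {
    // include returns false (missing file) or 1 (file without a return statement); neither
    // is usable, and indexing it below would only produce confusing warnings.
    error_log('DBConnect: ../config.file.php did not return a configuration array');
    http_response_code(500);
    exit('Database configuration error.');
}

$dsn = 'mysql:host=' . $config['dbhost'] . ';dbname=' . $config['dbname'] . ';charset=utf8mb4';

try {
    // ERRMODE_EXCEPTION: every failed query throws instead of silently returning false.
    // EMULATE_PREPARES=false: parameters are sent to the server separately from the SQL text,
    // so bound values can never be reinterpreted as SQL.
    $db = new PDO($dsn, $config['dbusername'], $config['dbpass'], [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
} catch (PDOException $ex) {
    // Do not echo the driver message: it can include the host, database and user name, which
    // is reconnaissance for an attacker. Log it server-side and stop — the original code kept
    // running with $db undefined and failed later with a less useful error.
    error_log('DBConnect: connection failed: ' . $ex->getMessage());
    http_response_code(500);
    exit('Database connection failed.');
}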
- <?php
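session_start();

// Enforce the session timeout before trusting anything stored in $_SESSION.
require 'SessionExpireChecker.php';

// Only a logged-in session (valid_user is set by the login flow) gets an entitlement report;
// anonymous visitors get no output at all.
if (isset($_SESSION['valid_user'])) {
    require_once './classes/Role.php';
    require_once './classes/EntitledUser.php';
    require_once '../DBConnect.php';

    // Resolve the session's username against authorized_users and load its roles.
    $u = EntitledUser::getByUsername($db, $_SESSION['valid_user']);

    // getByUsername() returns false when the username has no authorized_users row (e.g. the
    // account was removed after login). The original code then called isEntitled() on false,
    // a fatal error. A principal that no longer exists must not keep a live session.
    if ($u === false) {
        session_unset();
        session_destroy();
        exit('Your account is no longer authorized.');
    }

    // permission_description => text shown when one of the user's roles grants it.
    $checks = [
        'can_view_testme'   => 'You have permission to read.<br />',
        'can_edit_testme'   => 'You have permission to edit/update.<br />',
        'can_delete_testme' => 'You have permission to delete.<br />',
        'can_create_testme' => 'You have permission to create/add.<br />',
    ];
    foreach ($checks as $permission => $message) {
        if ($u->isEntitled($permission)) {
            echo $message;
        }
    }
}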
- <?php
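class EntitledUser
{
    /** @var PDO connection expected to be in PDO::ERRMODE_EXCEPTION mode */
    private $db;

    /**
     * USERname exactly as stored in authorized_users. Set by getByUsername(); declared here
     * because the original assigned it as an undeclared (dynamic) property, which PHP 8.2+
     * deprecates. Kept public so existing readers of ->user_id keep working.
     *
     * @var string|null
     */
    public $user_id;

    /** @var array<string, Role> role_name => Role, filled by initializeRoles() */
    private $roles = [];

    public function __construct(PDO $db) {
        $this->db = $db;
    }

    /**
     * Look up a user by name and load the roles attached to it.
     *
     * @param PDO    $db       database connection
     * @param string $username name to look up; bound as a parameter, never interpolated
     * @return EntitledUser|false false when no authorized_users row matches
     * @throws PDOException on any database error (logged server-side, then rethrown)
     */
    public static function getByUsername(PDO $db, $username) {
        try {
            $stmt = $db->prepare('SELECT authorized_users.USERname FROM authorized_users WHERE authorized_users.USERname = :usernamevar');
            $stmt->bindValue(':usernamevar', $username, PDO::PARAM_STR);
            $stmt->execute();
            $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
        } catch (PDOException $ex) {
            // Never echo driver errors to the client: they disclose table and column names and
            // the failing SQL. The original also left $stmt undefined after echoing, so the
            // next line crashed anyway; log and rethrow so the caller's handler decides.
            error_log('EntitledUser::getByUsername: ' . $ex->getMessage());
            throw $ex;
        }
        if (empty($result)) {
            return false;
        }
        $entUser = new EntitledUser($db);
        // Use the name as stored in the database, not the caller-supplied string, so the
        // role lookup below keys on the canonical value.
        $entUser->user_id = $result[0]['USERname'];
        $entUser->initializeRoles();
        return $entUser;
    }

    /**
     * Populate $this->roles with every role assigned to $this->user_id; each entry carries
     * that role's permission set via Role::getRolePermissions().
     *
     * @throws PDOException on any database error (logged server-side, then rethrown)
     */
    protected function initializeRoles() {
        $this->roles = [];
        try {
            // Only role_id/role_name are consumed below; the original also selected the
            // join columns twice, which collide under FETCH_ASSOC.
            $stmt2 = $this->db->prepare(
                'SELECT rbac_roles.role_id, rbac_roles.role_name
                 FROM rbac_user_roles
                 INNER JOIN rbac_roles ON rbac_user_roles.role_id = rbac_roles.role_id
                 WHERE rbac_user_roles.USERname = :user_idvar'
            );
            $stmt2->bindValue(':user_idvar', $this->user_id, PDO::PARAM_STR);
            $stmt2->execute();
            // Fetch everything first so the nested Role queries never run against an
            // open result set.
            $rows = $stmt2->fetchAll(PDO::FETCH_ASSOC);
        } catch (PDOException $ex) {
            error_log('EntitledUser::initializeRoles: ' . $ex->getMessage());
            throw $ex;
        }
        foreach ($rows as $row) {
            $this->roles[$row['role_name']] = Role::getRolePermissions($this->db, $row['role_id']);
        }
    }

    /**
     * True when at least one of the user's roles grants $permission
     * (matched against permission_description).
     *
     * @param string $permission
     * @return bool
     */
    public function isEntitled($permission) {
        foreach ($this->roles as $role) {
            if ($role->hasPermission($permission)) {
                return true;
            }
        }
        return false;
    }
}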
- <?php
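class Role
{
    /** @var array<string, true> permission_description => true */
    protected $permissions;

    // Instances are only created by getRolePermissions(), so a Role always has its
    // permission set loaded before hasPermission() can be called on it.
    protected function __construct() {
        $this->permissions = [];
    }

    /**
     * Build a Role holding every permission linked to $role_id.
     *
     * @param PDO        $db      database connection
     * @param int|string $role_id bound as a parameter, never interpolated
     * @return Role a Role with an empty permission set when the id has no rows
     * @throws PDOException on any database error (logged server-side, then rethrown)
     */
    public static function getRolePermissions(PDO $db, $role_id) {
        $role = new Role();
        try {
            // Only permission_description is consumed; the original also selected the join
            // columns twice, which collide under FETCH_ASSOC.
            $stmt3 = $db->prepare(
                'SELECT rbac_permissions.permission_description
                 FROM rbac_role_permissions
                 INNER JOIN rbac_permissions ON rbac_role_permissions.permission_id = rbac_permissions.permission_id
                 WHERE rbac_role_permissions.role_id = :role_idvar'
            );
            $stmt3->bindValue(':role_idvar', $role_id, PDO::PARAM_STR);
            $stmt3->execute();
            $rows = $stmt3->fetchAll(PDO::FETCH_ASSOC);
        } catch (PDOException $ex) {
            // Never echo driver errors to the client (they disclose schema and SQL). The
            // original also left $stmt3 undefined after echoing, so the fetch loop crashed
            // anyway; log and rethrow so the caller's handler decides.
            error_log('Role::getRolePermissions: ' . $ex->getMessage());
            throw $ex;
        }
        foreach ($rows as $row) {
            $role->permissions[$row['permission_description']] = true;
        }
        return $role;
    }

    /**
     * @param string $permission permission_description to test
     * @return bool true only when that permission was loaded for this role
     */
    public function hasPermission($permission) {
        return isset($this->permissions[$permission]);
    }
}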