一:控制器部分
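<?php
namespace app\controllers;

use yii\web\Controller;

/**
 * Login controller: shows the login form, checks the posted credentials against
 * the `user` table and caches the user's permission rows in the session.
 */
class PreController extends Controller
{
    // NOTE(review): CSRF validation is disabled for every action of this
    // controller, including the login POST. It is left as-is because the form
    // view is not visible here; re-enable it once the form sends the CSRF token.
    public $enableCsrfValidation = false;

    /**
     * Renders the login form.
     *
     * @return string rendered `index` view
     */
    public function actionIndex()
    {
        return $this->render('index');
    }

    /**
     * Authenticates the posted `user` / `password` pair.
     *
     * On success the user id is stored in the session under `uid`, the joined
     * user/role/permission rows are stored under `power` as JSON, and the
     * browser is redirected to `one/show`. On failure an error link is printed
     * and the request ends.
     *
     * @return \yii\web\Response redirect on success (failure terminates the script)
     */
    public function actionLogin()
    {
        $request = \Yii::$app->request;
        $username = $request->post('user');
        $pwd = $request->post('password');

        $data = false;
        // Only plain strings are looked up; missing fields or array-valued
        // parameters go straight to the failure branch.
        if (is_string($username) && is_string($pwd)) {
            // Both values come from the request body, so they are passed as bound
            // parameters and never concatenated into the SQL text.
            // NOTE(review): the submitted password is compared directly with the
            // stored column, which implies plaintext storage. Migrate the column to
            // password_hash() output and check it with password_verify().
            $data = \Yii::$app->db->createCommand(
                'select * from `user` where username = :username and password = :password',
                [':username' => $username, ':password' => $pwd]
            )->queryOne();
        }

        if (!$data) {
            echo "<a href='index'>输入错误</a>";
            die;
        }

        $session = \Yii::$app->session;
        // Issue a fresh session id at login so that an id handed out before
        // authentication cannot be carried over into the authenticated session.
        $session->open();
        $session->regenerateID(true);
        $session->set('uid', $data['id']);

        // Five-table join: user -> u_r -> role -> r_p -> power.
        // NOTE(review): `select *` also pulls every `user` column, including
        // `password`, into the rows stored in the session below; selecting only the
        // permission columns the views need would avoid that.
        $res = \Yii::$app->db->createCommand(
            'select * from user'
            . ' join u_r on user.id = u_r.u_id'
            . ' join role on u_r.r_id = role.r_id'
            . ' join r_p on role.r_id = r_p.rid'
            . ' join power on r_p.p_id = power.power_id'
            . ' where user.id = :id',
            [':id' => $data['id']]
        )->queryAll();

        // Keep the permission rows in the session for the access check in OneController.
        $session->set('power', json_encode($res));

        // Continue to the permission overview page.
        return $this->redirect(['one/show']);
    }
}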
二:权限部分,并进行CRUD
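<?php
namespace app\controllers;

use app\models\Zs;
use yii\web\Controller;

/**
 * Permission-protected controller: every action is gated by the route check in
 * init(), which compares the requested route with the permission rows cached in
 * the session at login.
 */
class OneController extends Controller
{
    /**
     * Runs when the controller is created (used here like a constructor) and
     * rejects requests from visitors who are not logged in or whose cached
     * permissions do not contain the requested route.
     */
    public function init()
    {
        parent::init();

        $session = \Yii::$app->session;
        $id = $session->get('uid');

        // Block visitors without a logged-in session.
        if (empty($id)) {
            echo "<a href='/pre/index'>请先登陆</a>";
            die;
        }

        // NOTE(review): the permission list is the copy cached at login, so a
        // permission revoked in the database stays usable until the session ends.
        $data = json_decode((string) $session->get('power'));

        // Routes ("controller/function") defined in the database for this user.
        // Starts empty so a missing or undecodable `power` entry denies access
        // instead of handing an undefined variable to in_array().
        $arr = [];
        if (is_array($data)) {
            foreach ($data as $v) {
                $arr[] = $v->controller . '/' . $v->function;
            }
        }

        // Route of the current request.
        $now_url = \Yii::$app->requestedRoute;

        // Access control: the route must be listed exactly.
        if (!in_array($now_url, $arr, true)) {
            echo "<a href='/pre/index'>权限不够,请重新登陆</a>";
            die;
        }
    }

    /**
     * Renders the current user's permissions as a tree.
     *
     * @return string rendered `show` view
     */
    public function actionShow()
    {
        $session = \Yii::$app->session;
        $data = json_decode((string) $session->get('power'), true);
        if (!is_array($data)) {
            $data = [];
        }

        $res = $this->gettree($data, 0);

        return $this->render('show', ['data' => $res]);
    }

    /**
     * Recursively builds a tree from flat permission rows.
     *
     * @param array $data flat rows, each with `pid` and `power_id` keys
     * @param mixed $pid  id of the parent whose children are collected
     * @return array rows whose `pid` equals $pid, each with a `son` list of children
     */
    public function gettree($data, $pid)
    {
        $tree = [];
        foreach ($data as $v) {
            // Loose comparison on purpose: the rows may carry numeric strings
            // while the root call passes the integer 0.
            if ($v['pid'] == $pid) {
                $v['son'] = $this->gettree($data, $v['power_id']);
                $tree[] = $v;
            }
        }

        return $tree;
    }

    /**
     * Lists all rows of the `zs` table. The action name was kept from the
     * original demo even though the action only displays data.
     *
     * @return string rendered `add` view
     */
    public function actionAdd()
    {
        $data = \Yii::$app->db->createCommand('select * from zs')->queryAll();

        return $this->render('add', ['data' => $data]);
    }

    /**
     * Deletes one `zs` row by id and returns to the list.
     *
     * NOTE(review): this state-changing action is reached with a plain GET link,
     * so it has no CSRF protection; it should accept POST only. The action also
     * performs no user check of its own and relies entirely on the route check
     * in init().
     *
     * @return \yii\web\Response redirect to the list page
     */
    public function actionDel()
    {
        $id = \Yii::$app->request->get('id');

        // The id comes from the query string: accept digits only and pass it as
        // a bound parameter instead of concatenating it into the statement.
        if (is_string($id) && ctype_digit($id)) {
            \Yii::$app->db->createCommand(
                'delete from zs where id = :id',
                [':id' => (int) $id]
            )->execute();
        }

        // Always return to the list, also when nothing was deleted, so the
        // request never ends on an empty response.
        return $this->redirect('add');
    }
}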
三:展示用户当前权限
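<?php
// Permission overview: prints each top-level permission in $data followed by
// links to its direct children (`son`). Only these two levels are rendered;
// deeper `son` entries are not shown.

// The permission rows originate from the database, so every value is
// HTML-encoded before it is written into the page.
// NOTE(review): encoding does not validate the URL scheme of the `function`
// value used as link target; this presumes the permission table holds only
// trusted action names.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport"
          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Document</title>
</head>
<body>
<table>
    <?php foreach ($data as $v) { ?>
        <tr>
            <td>
                <?php echo $esc($v['power']) ?><br>
                <?php foreach ($v['son'] as $vv) { ?>
                    <a href="<?php echo $esc($vv['function']) ?>"> <?php echo $esc($vv['power']) ?></a><br>
                <?php } ?>
            </td>
        </tr>
    <?php } ?>
</table>
</body>
</html>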
四:展示页面
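<?php
// List page for the `zs` rows passed in as $data, with a delete link per row.
$session = \Yii::$app->session;

// Row values come from the database, so they are HTML-encoded on output.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Only the user with id 1 (the administrator) gets a working delete link; for
// everyone else the link points nowhere.
// NOTE(review): this only changes what is displayed. Whether a delete request
// is honoured must be decided on the server, and the link issues a
// state-changing GET request.
$isAdmin = (int) $session->get('uid') === 1;
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport"
          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Document</title>
</head>
<body>
<table border="1" class="table">
    <tr>
        <td>id</td>
        <td>用户</td>
        <td>手机</td>
        <td>街道</td>
        <td>操作</td>
    </tr>
    <?php foreach ($data as $v) { ?>
        <?php $rowId = $esc($v['id']); ?>
        <tr>
            <td><?php echo $rowId ?></td>
            <td><?php echo $esc($v['name']) ?></td>
            <td><?php echo $esc($v['tel']) ?></td>
            <td><?php echo $esc($v['stree']) ?></td>
            <?php if ($isAdmin) { ?>
                <td><a href="del?id=<?php echo $rowId ?>" class="del" id="<?php echo $rowId ?>">删除</a></td>
            <?php } else { ?>
                <td><a href="#" class="del" id="<?php echo $rowId ?>">删除</a></td>
            <?php } ?>
        </tr>
    <?php } ?>
</table>
<script src="../jquery-3.3.1.min.js"></script>
<script>

</script>
</body>
</html>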