News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Developer.com:
Creating a Custom ACL in PHP
May 11, 2012 @ 10:53:23

On Developer.com there's a recent tutorial showing you how to create a basic access control list in PHP (not in any specific framework). It allows you to define not only user permissions but groups and group permissions as well.

So, what are the advantages of an ACL model? The first advantage is security. Using this model will make your application more secure and less vulnerable to exploits. When securing any program, it is good to give to the user only the privileges he/she needs. That means that, for example, you should not give super administrator privileges to someone who will only manage website content. The ACL security model allows you to do just that. The second advantage is the easiness of user management. You can divide users into groups, while each group has certain access permissions. Also, you can easily add new user groups, delete the old ones or change group permissions.

They include the database structure you'll need to make the backend work (four tables) and the code to create an "Acl" class with methods to check a user+group for a permission, get the permissions for a user and get the permissions for a group. It's a pretty simple system and has a lot more that could be added to it to make it more robust, but it's a good start.

0 comments voice your opinion now!
custom acl access control permission group tutorial database


blog comments powered by Disqus

Similar Posts

Lorna Mitchell's Blog: Google Analytics Accounts API

Tobias Schlitt's Blog: A Two-day Look at PHPWeekender

SitePoint PHP Blog: Markup Separation with Template IT

Gonzalo Ayuso's Blog: Using node.js to store PHP sessions

SitePoint PHP Blog: Redirecting Old URLs in WordPress


Community Events











Don't see your event here?
Let us know!


application facebook package framework introduction language composer code install component hhvm example security overview opinion hack release unittest podcast symfony2

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework