News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Developer.com:
Creating a Custom ACL in PHP
May 11, 2012 @ 10:53:23

On Developer.com there's a recent tutorial showing you how to create a basic access control list in PHP (not in any specific framework). It allows you to define not only user permissions but groups and group permissions as well.

So, what are the advantages of an ACL model? The first advantage is security. Using this model will make your application more secure and less vulnerable to exploits. When securing any program, it is good to give to the user only the privileges he/she needs. That means that, for example, you should not give super administrator privileges to someone who will only manage website content. The ACL security model allows you to do just that. The second advantage is the easiness of user management. You can divide users into groups, while each group has certain access permissions. Also, you can easily add new user groups, delete the old ones or change group permissions.

They include the database structure you'll need to make the backend work (four tables) and the code to create an "Acl" class with methods to check a user+group for a permission, get the permissions for a user and get the permissions for a group. It's a pretty simple system and has a lot more that could be added to it to make it more robust, but it's a good start.

0 comments voice your opinion now!
custom acl access control permission group tutorial database


blog comments powered by Disqus

Similar Posts

SitePoint PHP Blog: Visualize Your Code’s Quality with PhpMetrics

SpinDrop.us: Using Zend Search Lucene in a symfony app

DevShed: Handling Result Sets and More with PDO Objects in PHP 5

Developer Drive: Creating a PHP User Survey: Writing to Database Tables

NetTuts.com: Understanding and Working with Relationships Between Data in WordPress


Community Events





Don't see your event here?
Let us know!


opinion conference introduction laravel list configure api unittest release extension language composer framework interview symfony community voicesoftheelephpant series podcast version

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework