如何限制用户查看信息 [英] How to restrict users from viewing information

问题描述

我的报告部分有一个报告列表，其中某些报告仅用于高层管理.我不希望中级用户查看这些报告.如何在PHP中实现呢?例如，我有一个报告区域MANPOWER，其中包含多个子报告，但是其中一些子报告只对最高管理者可见，我正在从XML文件中检索这些报告的列表.

在此先感谢..

I have a list of reports in my reports section in which some reports are only meant for the top level management. I don''t want the middle level users to view these reports. How can I achieve that in PHP? Like for example I have a reports section MANPOWER which has multiple sub reports but some of them should be only visible to top management and I am retrieving the list of these reports from an XML file.

Thanks in advance..

推荐答案

从数据库中提取数据?像这样，允许这种类型的用户(或特定用户)查看报告，但不能查看其他报告?

例如

表格:
用户:

用户ID:int
用户名:nvarchar(50)
UserReports:int


报告:

ReportID:int
报告名称:nvarchar(150)


UserReports:
用户ID:int(fk rel Users.UserID)
ReportID:int(fk rel Reports.ReportID)
CanView:位



当然，在Windows上使用域组和策略要好得多.这是黑客

Pulling data from a database? As in, users of this type (or a particular user) is allowed to view a report but not another?

e.g.

Table:
Users:

UserID: int
UserName: nvarchar(50)
UserReports: int


Reports:

ReportID: int
ReportName: nvarchar(150)


UserReports:
UserID: int (fk rel Users.UserID)
ReportID: int (fk rel Reports.ReportID)
CanView: bit



Of course, on windows you''d be so much better of using domain groups and policies. This is a hack

亲爱的伊斯梅尔，
我明白你的意思，但是我将如何维持权限级别..
每当我创建一个新用户时，我都会计划将其放置在conbobox中，然后再将其放置在"Top Mngt"，"Middle Mgnt"，"Lower Mgnt"等值中.
因此，如果我选择该用户为顶级Mgnt，那么他应该能够查看所有报告或其他内容，如果该用户是中级用户，则受限制，就像这样..
你能建议我一种方法吗?
Jazakallah Khair

Dear Ismail,
I got your point but then how will i maintain the permission level..
Whenever i create a new user i am planning something like putting a conbobox their and then putting the values like "Top Mngt","Middle Mgnt","Lower Mgnt" etc.
So if i select the user to be top Mgnt then he should be able to see all the reports or whatevert and if user is middle level then limited and like that..
Can u suggest me a way to do that..
Jazakallah Khair

亲爱的khanishfaq82，

我认为Ismail已经向您展示了完成工作的捷径.使用数据库表存储所有用户及其优先级.当为特定用户加载页面时，请检查该用户在该表中的优先级，并根据该优先级决定要显示的报告.
还有一件事，您说用户将从下拉菜单中选择优先级，然后显示报告.然后，如果下级杠杆人员选择上级管理人员的优先级，您将怎么办.您必须将哪个用户属于哪个优先级组存储在某个地方. (您可以使用其他方法来存储用户优先级信息，例如xml或纯文本文件.但是您需要该信息来为用户获取适当的报告.)

希望您能了解Ismail和我的观点.

Dear khanishfaq82,

I think Ismail has already shown you clear cut way to do you job. Use database tables to store all the users with their priority level. And when page is loaded for particular user check his priority in that table and decide according which reports you want to show for that priority.
And one more thing, you are saying user will select priority from drop down menu and you will show reports. Then what will you do if lower lever person select priority of higher management. You have to store somewhere that which user belongs to which priority group. (you can use some other method to store user-priority information like xml or plain text file. But you need that information to fetch appropriate report for a user.)

Hope you got Ismail and my point.

这篇关于如何限制用户查看信息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！