I am trying to find simple PHP system that would have user control for multiple roles, would be easy to modify/change to suit needs but providing good security level.
Been looking around but nothing specific has been found yet. Ideally PHP 7 but 5.2+ considered too.
So in short spec:
PHP 5.2+
MySQL DB
User roles (min 3)
Easy to modify
Good documentation
Any thoughts? Got codeigniter on the list but it requires quite a bit of work, was thinking if there is something more suitable.
Seriously, donāt even consider anything less than 5.6. 5.5 hasnāt been supported for over 2 years. Stick to version 7 and up.
Well then it makes even shorter list of such systems/frames?
I guess so, but you donāt want ones that have built-in security issues, do you?
True, but this system would not be used in public, only for internal use. Surely, latest version would make it last longer and as far as I know work faster/more efficient.
So, any examples?
Use laravel Framework !
Any more details why please?
You first because it is very unclear what you are asking for. You mentioned CodeIgniter as a possible candidate but thatās a framework, not a āsystemā. Plus there are at least three distinct versions of CodeIgniter out there.
You brought up php version but I have no idea where that fits in. Especially since support for all versions of php 5 will end in a few months.
Symfony has a powerful component that supports users and roles. Maybe that is what you are asking for. Maybe not.
I get that you are looking for some kind of ādrop inā role addon. What I do not know is what abilities and limitations the different roles would have.
For example:
etc. I think if you put together a rough outline of what youāre after for the various roles it would be a big help to others in coming up with possible options.
Seems that you know the right direction.
At the moment I am not sure yet of how to handle permissions. Each user would have certain pages allowed, but not everyone the same. I.e. if you are mechanic role user, you donāt need access to marketing. But marketing should be split into view & view+edit levels.
Hope this makes sense? To make it simple, Iām thinking of having single (or couple) āeditā buttons per page so thereās less code to load for checking permissions (in comparison of giving ability to edit only certain lines of the list which would increase the length of the code significantly, I think, am I wrong?)
So I think each userās table would contain column for page permission - i.e. if column āSales_pageā has 0 - user cannot see the page, 1 - user can view only, 2 - user has rights to edit. It sounds quite simple, but it needs to be relatively safe & secure, hence Iām asking for system/frame which would be efficient in such way.
All I could think of is forum, CMS, frameworks etc. that had RBAC (Role Based Access Control) as a part of the whole and not anything that could easily be used separately. Yet I had the feeling that there must be something out there somewhere. So I searched.
I found:
But unless Iām missing something these too are part of a whole.
Iām thinking that instead of analyzing or scavenging existing code it might be easier to write your own. This SitePoint article looks like a good place to start.
Thanks, Iāll have a look at those sites.
As for writing on my own, I do not have such skills yet & concerned it would be āsafe enoughā.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.