Reply to Re: Security matrix

Posted by Kimmo Laine on 10/18/06 07:19

<weetat.yeo@gmail.com> wrote in message
news:1161153904.863203.327090@m73g2000cwd.googlegroups.com...
> Hi all,
>
> I need to Security Matrix in my PHP project.
>
> The Security Matrix are Administrator, Engineer, Storeman and
> Customer.
> One of my peers said to make PHP project more robust, he asked me to
> use byte value as security matrix. For example as shown below:
>
> User id   Name   Security Matrix
> 1         A      15
> 2         B      1
> 3         C      2
>
> From the table above, user A is 1111
> (Administrator, Engineer, Storeman, Customer), B is 0001 (Customer) and C
> is 0010 (Storeman).
>
> My question is how I am going to check if the user is Administrator
> or Customer, etc.?
> Any PHP function to check it?


It's just plain and simple boolean math, although I have no idea how this is
going to make it "more robust"...

When checking if a bitfield has a certain bit set, you use a bit mask and a
bitwise operation to compare them.

15 as binary is 1111, 1 is 0001 and 2 is 0010

Now, let's say the user level of admin requires the fourth bit to be set; you
use a bit mask 8, 1000 as binary. Now for the bitwise operation, we'll use the
AND operation for comparison:
1000 & 1111 = 1000, now since 1000 is "not null", it's true, the guy really
is an admin. Now, what if he was a storeman, say 0010. Again compare to 1000
using AND:
1000 & 0010 = 0000, it's null, the user isn't admin.

So basically you just define the user right masks and use them to check the
user level.

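// Bit masks, one bit per role
$customer = bindec('0001');
$storeman = bindec('0010');
$engineer = bindec('0100');
$admin = bindec('1000');

// The user's security matrix value, e.g. 15 for user A in the table above
$matrix = 15;

// A non-zero result of the bitwise AND means the role's bit is set
if( $matrix & $admin )
    echo("Hooray, you're an admin!");

if( $matrix & $engineer )
    echo("You're an engineer, good for you!");

if( $matrix & $storeman )
    echo("Just a storeman!");

if( $matrix & $customer )
    echo("Boo-hoo, nothing but a lowly customer!");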

Again, I see no connection between "robust" and this here, this is just a
way of storing multiple values to a single integer, but the reason this is
quite handy is that you can be an admin and an engineer at the same time as
"1100", but for example a normalized database would not allow multiple
values in one field, each field should be assigned one boolean field in a
database...

--
"A programmer is an organism that turns caffeine into code" - lpk
http://outolempi.net/ahdistus/ - A randomly updated web comic
spam@outolempi.net | rot13(xvzzb@bhgbyrzcv.arg)
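
The bit-mask check from the reply above, as an added example that is not part of the original post. It goes a little further than the post: it validates the stored value, and it distinguishes "any of these roles" from "all of these roles". The constant and function names are assumptions; the bit values follow the post.

```php
<?php
// Added example; names are hypothetical, bit values are the ones used in the post.
const ROLE_CUSTOMER = 0b0001;
const ROLE_STOREMAN = 0b0010;
const ROLE_ENGINEER = 0b0100;
const ROLE_ADMIN    = 0b1000;
const ROLE_ALL      = ROLE_CUSTOMER | ROLE_STOREMAN | ROLE_ENGINEER | ROLE_ADMIN;

// Database drivers often return numeric columns as strings, and PHP's & on
// two strings ANDs their bytes rather than their numeric values. Validate
// the value and convert it to an int before any bitwise test, and reject
// bits that do not correspond to a defined role.
function parseMatrix($raw): int
{
    $value = filter_var($raw, FILTER_VALIDATE_INT);
    if ($value === false || $value < 0 || ($value & ~ROLE_ALL) !== 0) {
        throw new InvalidArgumentException('invalid security matrix value');
    }
    return $value;
}

// True if at least one of the roles in $mask is set.
function hasAnyRole(int $matrix, int $mask): bool
{
    return ($matrix & $mask) !== 0;
}

// True only if every role in $mask is set. The parentheses matter:
// == and === bind tighter than & in PHP.
function hasAllRoles(int $matrix, int $mask): bool
{
    return ($matrix & $mask) === $mask;
}

// Constructed sample rows matching the table in the question,
// given as strings the way a database row might deliver them.
$rows = ['A' => '15', 'B' => '1', 'C' => '2'];
foreach ($rows as $name => $raw) {
    $m = parseMatrix($raw);
    printf("%s admin=%s storeman=%s admin+engineer=%s\n", $name,
        var_export(hasAnyRole($m, ROLE_ADMIN), true),
        var_export(hasAnyRole($m, ROLE_STOREMAN), true),
        var_export(hasAllRoles($m, ROLE_ADMIN | ROLE_ENGINEER), true));
}
```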
