如何确保在 codeigniter 中每个事件只能被 role_id 查看(只有超级管理员才能看到所有列表)?
How to make sure every event only can be view by role_id (only super admin can see all the list) in codeigniter?
我的数据可以在这张来自 CodeIgniter 的图片中看到 。
this one is event controller
this one is event model
我想确保每个事件只能通过角色 ID 查看。我试图改变控制器 Event.php:
public function index($school_id = null, $id = null, $role_id=null) {
check_permission(VIEW);
$this->data['events'] = $this->event->get_event_list($school_id, $role_id);
$this->data['roles'] = $this->event->get_list('roles', array('status' => 1), '', '', 'id','ASC');
$this->data['filter_school_id'] = $school_id;
$this->data['schools'] = $this->schools;
$this->data['list'] = TRUE;
$this->layout->title($this->lang->line('manage_event') . ' | ' . SMS);
$this->layout->view('event/index', $this->data);
}
我也尝试改变 event_model.php:
public function get_event_list($school_id = null, $role_id=null) {
$this->db->select('E.*, S.school_name, R.name');
$this->db->from('events AS E');
$this->db->join('roles AS R', 'R.id = E.role_id', 'left');
$this->db->join('schools AS S', 'S.id = E.school_id', 'left');
if($this->session->userdata('role_id') != SUPER_ADMIN){
$this->db->where('E.school_id', $this->session->userdata('school_id'));
$this->db->where('R.role_id', $this->session->userdata('role_id'));
}
if($this->session->userdata('role_id') == SUPER_ADMIN && $school_id){
$this->db->where('E.school_id', $school_id);
}
$this->db->where('S.status', 1);
$this->db->order_by('E.id', 'DESC');
return $this->db->get()->result();
}
我已经知道怎么做了,所以我只更改了一些事件模型的编码:
public function get_event_list($school_id = null, $role_id ){
$this->db->select('E.*, S.school_name, R.name');
$this->db->from('events AS E');
$this->db->join('roles AS R', 'R.id = E.role_id', 'left');
$this->db->join('schools AS S', 'S.id = E.school_id', 'left');
if($this->session->userdata('role_id') != SUPER_ADMIN){
$this->db->where('E.school_id', $this->session->userdata('school_id'));
$this->db->where('E.role_id', $this->session->userdata('role_id'));
}
if($this->session->userdata('role_id') == SUPER_ADMIN && $school_id){
$this->db->where('E.school_id', $school_id);
}
$this->db->where('S.status', 1);
$this->db->order_by('E.id', 'DESC');
return $this->db->get()->result();
这个是给事件控制器的:
public 函数索引($school_id = null, $id = null, $role_id=null) {
check_permission(VIEW);
$this->data['school'] = array();
$school_id = $this->session->userdata('school_id');
$class_id = $this->session->userdata('class_id');
$role_id = $this->session->userdata('role_id');
$this->data['events'] = $this->event->get_event_list($school_id, $role_id);
$this->data['roles'] = $this->event->get_list('roles', array('status' => 1,), '', '', 'id', 'ASC');
$this->data['filter_school_id'] = $school_id;
$this->data['schools'] = $this->schools;
$this->data['list'] = TRUE;
$this->layout->title($this->lang->line('manage_event') . ' | ' . SMS);
$this->layout->view('event/index', $this->data);
}
我的数据可以在这张来自 CodeIgniter 的图片中看到
this one is event controller
this one is event model
我想确保每个事件只能通过角色 ID 查看。我试图改变控制器 Event.php:
public function index($school_id = null, $id = null, $role_id=null) {
check_permission(VIEW);
$this->data['events'] = $this->event->get_event_list($school_id, $role_id);
$this->data['roles'] = $this->event->get_list('roles', array('status' => 1), '', '', 'id','ASC');
$this->data['filter_school_id'] = $school_id;
$this->data['schools'] = $this->schools;
$this->data['list'] = TRUE;
$this->layout->title($this->lang->line('manage_event') . ' | ' . SMS);
$this->layout->view('event/index', $this->data);
}
我也尝试改变 event_model.php:
public function get_event_list($school_id = null, $role_id=null) {
$this->db->select('E.*, S.school_name, R.name');
$this->db->from('events AS E');
$this->db->join('roles AS R', 'R.id = E.role_id', 'left');
$this->db->join('schools AS S', 'S.id = E.school_id', 'left');
if($this->session->userdata('role_id') != SUPER_ADMIN){
$this->db->where('E.school_id', $this->session->userdata('school_id'));
$this->db->where('R.role_id', $this->session->userdata('role_id'));
}
if($this->session->userdata('role_id') == SUPER_ADMIN && $school_id){
$this->db->where('E.school_id', $school_id);
}
$this->db->where('S.status', 1);
$this->db->order_by('E.id', 'DESC');
return $this->db->get()->result();
}
我已经知道怎么做了,所以我只更改了一些事件模型的编码:
public function get_event_list($school_id = null, $role_id ){
$this->db->select('E.*, S.school_name, R.name');
$this->db->from('events AS E');
$this->db->join('roles AS R', 'R.id = E.role_id', 'left');
$this->db->join('schools AS S', 'S.id = E.school_id', 'left');
if($this->session->userdata('role_id') != SUPER_ADMIN){
$this->db->where('E.school_id', $this->session->userdata('school_id'));
$this->db->where('E.role_id', $this->session->userdata('role_id'));
}
if($this->session->userdata('role_id') == SUPER_ADMIN && $school_id){
$this->db->where('E.school_id', $school_id);
}
$this->db->where('S.status', 1);
$this->db->order_by('E.id', 'DESC');
return $this->db->get()->result();
这个是给事件控制器的:
public 函数索引($school_id = null, $id = null, $role_id=null) {
check_permission(VIEW);
$this->data['school'] = array();
$school_id = $this->session->userdata('school_id');
$class_id = $this->session->userdata('class_id');
$role_id = $this->session->userdata('role_id');
$this->data['events'] = $this->event->get_event_list($school_id, $role_id);
$this->data['roles'] = $this->event->get_list('roles', array('status' => 1,), '', '', 'id', 'ASC');
$this->data['filter_school_id'] = $school_id;
$this->data['schools'] = $this->schools;
$this->data['list'] = TRUE;
$this->layout->title($this->lang->line('manage_event') . ' | ' . SMS);
$this->layout->view('event/index', $this->data);
}