Have you ever wanted to give read/write/Delete type of permissions to users or other items within a PHP application? Why not use Unix-style file permissions (read/write/execute for example)? A PHP implementation can be used for any kind of permissions in scripts and applications.
Use powers of two (the reasoning behind this will become apparent when you see the decoding function) to define your scheme. Here’s a sample permission scheme:
define('PERMISSION_DENIED', 0);
define('PERMISSION_READ', 1);
define('PERMISSION_ADD', 2);
define('PERMISSION_UPDATE', 4);
define('PERMISSION_DELETE', 8);
Now that your permissions scheme is set you can apply it as needed. Using user permissions as an example lets say you wanted to create a user that has permissions to read and delete a log file. Using the above definitions, you would set the user’s permission to “9”.
Properly decoding that permission and apply it to a user can be easily achieved using the following function:
/**
* Correct the variables stored in array.
* @param integer $mask Integer of the bit
* @return array
*/
function bitMask($mask = 0) {
if(!is_numeric($mask)) {
return array();
}
$return = array();
while ($mask > 0) {
for($i = 0, $n = 0; $i <= $mask; $i = 1 * pow(2, $n), $n++) {
$end = $i;
}
$return[] = $end;
$mask = $mask - $end;
}
sort($return);
return $return;
}
What this function does is break down the permission ($mask - the bit mask) into its components that are powers of 2 and return them in an array. If you did a print_r() of the above functions return with our example of "9" you would get:
array(
0 => 1, // READ
1 => 8 // DELETE
);
Now that you have your array of permissions, you could use the "in_array" function to check if a user has permission to perform a requested action. Take a look at this sample code:
// ...
$_ARR_permission = bitMask(9);
// ...
if(in_array(PERMISSION_READ, $_ARR_permission)) {
// [...]
}
else {
echo 'Access denied.';
}
Now you have a simple bitmask permission to use in your apps.