0

I need wise solution about role based of my project. I have tables;

- users [ID, ..., roleID,..]
- role [roleID, role_name]
- permission_department[ID, roleID, departmentID]
- department [ID, department_name]

First of all, there is a form I can add new departments to department table. And, There is a form with selectboxes to get permissions 0 or 1. In this form, there is also department permissions section. I'll get permission of departments that are department.ID's

$conn_departmentlist = mysql_query("SELECT * FROM department");
$num_rows_departmentlist = mysql_num_rows($conn_departmentlist);
$y = $num_rows_departmentlist + 1;

for($x = 1; $x < $y; $x++) {
    $departmentIDs[$x] = @$_POST['menu_Department'][$x];
    if(isset($departmentIDs[$x])) { $departmentIDs[$x] = $x; }
}
$departmentID_permission = array();

for($x = 1; $x < $y; $x++) {
    if($departmentIDs[$x]) { array_push($departmentID_permission, $departmentIDs[$x]); }
}

$departmentID_PUTDATABASE = implode(",", $departmentID_permission); // example: 1,3,5

I record $departmentID_PUTDATABASE value to permission_department.deparmentID with its roleID. When I need to show permissions of department:

**HTML:**
<?php
$conn_departmentlist = mysql_query("SELECT * FROM department");
while($get_departmentlist = mysql_fetch_array($conn_departmentlist)) {
    $departmentID = $get_departmentlist['ID'];
    $department_name = $get_departmentlist['department_name'];
?>

<input type="checkbox" class="flat" id="menu_Department[<?php echo $departmentID; ?>]" name="menu_Department[<?php echo $departmentID; ?>]"  <?php get_department_permission_sql($departmentID, $Selected_RoleID); ?> />

<?php } ?>

**PHP:**

function get_department_permission_sql($departmentID, $Selected_RoleID) {
    $conn_permission_department = mysql_query("SELECT departmentID FROM permission_department WHERE roleID = '$Selected_RoleID'");
    $get_permission_department = mysql_fetch_array($conn_permission_department);

    $departmentID_permission = array($get_permission_department['departmentID']);
    $departmentID_permission = explode(',', $departmentID_permission[0]);

    $y = count($departmentID_permission);

    for($x=0; $x < $y; $x++) {
        if($departmentID == $departmentID_permission[$x]) { echo 'checked = "checked"'; }
    }   
}

That's all about it. It's very hard to manage. For example, I need Manager role and role has permissions of different departments.

Is there any possibilities to make it simple, please help me. Thanks in advance.

Pecado
  • 35
  • 7
  • 3
    Why are you using a decade-old database API? It's deprecated, unmaintained, and insecure — especially the way you are using it. Switch to PDO. http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php – miken32 Feb 15 '17 at 17:41
  • I know but started 6 months ago. I will change it with CakePhp soon. I'm learning it know. – Pecado Feb 15 '17 at 17:49

0 Answers0