PHP ACL: Permissions and Performance, Page 2

  • April 11, 2012
  • By Voja Janjic

Permission names are created by you, which means that you can use any name as a permission name. However, I suggest you check some permissions automatically and assign them generic names, such as view_[page_name] for checking page access permissions, or form_[form_name] for checking whether a certain user has permission to submit a form.

Permission types are introduced in this version of PHP ACL, where "0" means "deny" and "1" means "allow." This feature is very useful if you have to manage exceptions, e.g., you need to allow a whole user group to execute an action, but you want to deny access to that action for a few group members.

After creating the PHP class, you need to create an object of that class in another PHP file. Do it as follows:

$acl = new Acl();
// The permission name is a string, so it must be quoted
if (!$acl->check('view_admin_dashboard', 1, 1)) {
    // user doesn't have permission to execute the following action
    // do something here
}

Consider your website's performance when implementing an ACL. Using access control list checks increases the number of queries per request by 4. Although MySQL has a query cache, it is recommended that you create your own caching system. It can be as simple as storing the query results in a text file and reading them from that file for a certain period of time, or more complex, such as CodeIgniter's SQL caching system, which can keep cached results for an unlimited period of time but delete them when a certain action is executed (e.g., clear the cache when a new user is registered).
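The simple file-based cache described above, as an added example that is not part of the original article: results expire after a fixed time and are deleted explicitly when permissions change, so a revoked permission does not keep working from the cache. The CachedAcl class, its method names, the cache directory and the meaning of the three check() arguments (permission, user ID, group ID) are assumptions; the closure stands in for the article's $acl->check().

```php
<?php
// Added example; $backend stands in for the article's $acl->check() (argument meaning assumed).
final class CachedAcl
{
    private $backend, $dir, $ttl;
    public function __construct(callable $backend, string $dir, int $ttl = 300)
    {
        // Keep the cache outside the web root and readable only by the PHP user.
        if (!is_dir($dir) && !mkdir($dir, 0700, true)) {
            throw new RuntimeException('cannot create ACL cache directory');
        }
        [$this->backend, $this->dir, $this->ttl] = [$backend, $dir, $ttl];
    }

    public function check(string $permission, int $userId, int $groupId): bool
    {
        $file = $this->path($userId, $groupId);
        // JSON, not unserialize(): a tampered cache file cannot instantiate objects.
        $data = is_file($file) ? json_decode((string) file_get_contents($file), true) : null;
        if (!is_array($data) || !is_array($data['perms'] ?? null) || ($data['expires'] ?? 0) <= time()) {
            $data = ['expires' => time() + $this->ttl, 'perms' => []]; // expired or unreadable
        }
        if (!array_key_exists($permission, $data['perms'])) {
            $data['perms'][$permission] = (bool) ($this->backend)($permission, $userId, $groupId);
            file_put_contents($file, json_encode($data), LOCK_EX);
        }
        return $data['perms'][$permission] === true; // anything but true is a deny
    }
    // Call when this user's permissions change; for a group change, call it for every member.
    public function invalidate(int $userId, int $groupId): void
    {
        if (is_file($f = $this->path($userId, $groupId))) { unlink($f); }
    }
    private function path(int $userId, int $groupId): string
    {
        return sprintf('%s/acl_%d_%d.json', $this->dir, $userId, $groupId);
    }
}

// Constructed demo: the closure counts how often the "database" is consulted.
$hits = 0;
$backend = function ($p, $u, $g) use (&$hits) { $hits++; return $p === 'view_admin_dashboard'; };
$acl = new CachedAcl($backend, sys_get_temp_dir() . '/acl_cache_demo');
$acl->invalidate(1, 1);                     // start from an empty cache
$acl->check('view_admin_dashboard', 1, 1);  // backend consulted
$acl->check('view_admin_dashboard', 1, 1);  // answered from the cache file
$acl->invalidate(1, 1);                     // e.g. a permission was just revoked
$acl->check('view_admin_dashboard', 1, 1);  // backend consulted again
printf("backend calls: %d\n", $hits);
```

The expiry time is the longest a stale "allow" can survive if an invalidation call is missed, so keep it short for sensitive permissions.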

In conclusion, implement the ACL model, as it would significantly increase your website security.

Originally published on https://www.developer.com.
