易栈网-膘叔

原文地址：http://devzone.zend.com/article/3509-Zend_Acl-and-MVC-Integration-Part-I-Basic-Use

原文内容：

By Aldemar Bernal

So, what is wrong with Zend_Acl and the current MVC implementation in the Zend Framework? there is nothing wrong, it is just that it gets not too obvious for developers how to achieve an optimal integration between these two important parts of the framework.

First at all, this article is based on the following Zend Framework Proporsal (link), by this moment this proposal is in Pending Recommendation state.

Well, how it works? There are two key components in this proposal:

1. A Front Controller Plugin: This component resolves if the current user has access to the page which is being opened.
2. An Action Helper: This component allows you to check whether the current user has access inside a controller.

Based on these two components, let's try them with an example. Let's talk about a website like DevZone, we would need a controller that work with the user management and another one which will deal with article management, as well we need 3 types of users (roles), one for guests, one for writers and another one which will approve the articles; resuming, we have:

Resources:

1. user controller.
2. article controller.

Roles:

1. Guest.
2. Writer.
3. Admin.

Setting up the Zend_Acl component

After defined what we want to do, the next step will create a Zend_Acl instance which will reflect our model.

/** Creating the ACL object */
require_once 'Zend/Acl.php';
$myAcl = new Zend_Acl();

Creating the roles

Now we create the roles in our Zend_Acl instance.

/** Creating Roles */
require_once 'Zend/Acl/Role.php';
$myAcl->addRole(new Zend_Acl_Role('guest'))
      ->addRole(new Zend_Acl_Role('writer'), 'guest')
      ->addRole(new Zend_Acl_Role('admin'), 'writer');

Creating the resources

And then we create the resources needed (one per controller) and their relationship with the roles we created.

/** Creating resources */
require_once 'Zend/Acl/Resource.php';
$myAcl->add(new Zend_Acl_Resource('user'))
      ->add(new Zend_Acl_Resource('article'));

Creating the permissions

Now that we added the roles and resources to our Zend_Acl instance, it's time to explain what actions must be available to which roles.

1. Guest won't have access to edit, add or approve an article.
2. Writer won't have access to approve an article.
3. Admin will have complete access.

/** Creating permissions */
$myAcl->allow('guest', 'user')
      ->deny('guest', 'article')
      ->allow('guest', 'article', 'view')
      ->allow('writer', 'article', array('add', 'edit'))
      ->allow('admin', 'article', 'approve');

Creating the access denied view file

We will need to create a view and an action which will address all those denied users, in order to do it, first we create a new action in our error controller:

class ErrorController extends Zend_Controller_Action
{
    ....

    public function deniedAction()
    {
    }

    ....
}

And then we create our view file (/application/views/scripts/error/denied.phtml) with some warning message:

<h1>Error</h1>
<h2>Access denied</h2>
<p>You are trying to access an area which you have not allowed.</p>

Finishing the configuration

Okay, we have setup our Zend_Acl configuration, so far, it doesn't look like something new, but the next step is register the controller plugin, this important part takes the Zend_Acl instance we created and then validates it against the current page being accessed by an user.

/** Setting up the front controller */ 
require_once 'Zend/Controller/Front.php'; 
$front = Zend_Controller_Front::getInstance(); 
$front->setControllerDirectory('path/to/controllers'); 
 
/** Registering the Plugin object */ 
require_once 'Zend/Controller/Plugin/Acl.php'; 
$aclPlugin = new Zend_Controller_Plugin_Acl($myAcl);
$aclPlugin->setRoleName($currentUserRole);

$front->registerPlugin(new Zend_Controller_Plugin_Acl($acl, 'guest')); 

/** Dispatching the front controller */ 
$front->dispatch();

After this configuration is done, once an user enters in our application, depending the role he/she has the page will be displayed or an access denied page will be displayed.

For more information about this you can go to:
Zend_Acl & MVC Integration
and here is a small implementation source code of this:
Source Code

————END————
由于本文并没有什么特别的地方，而且单词也没有什么，故不作翻译。

Copy from framework.zend.com , it's submitted of Thursday, July 31, 2008
It's full contents :

and someone were comments for this news,

这样看来，以后ADOBE或许也会主动参与了吧？

TP的COOKIE类是被封装好的，里面包含了一些常见的操作，set,get,clear等等，其实TP的cookie类与其他的COOKIE有着明显的不同，那就是TP的COOKIE ID是唯一的（不好意思，在我写完这段的时候，为了防止写错，我又重新打开了cookie.class.php，却突然发现，现在的cookie功能与以前的不一样了。）

以前的set函数是类似于这样：

既然如此，我还是按最新的稍作讲解吧。。。

Cookie类，固名思意，就是把对COOKIE的操作进行了封装，通过定义一个COOKIE名的前缀，以防与其他COOKIE产生冲突，然后加上COOKIE变量的名称，就可以进行赋值、取值等。

Cookie类所有的操作都采用了静态方法，即在实际应用中，只要加载了Cookie类，就可以随时使用了：

另外一个需要注意的是，cookie在不同的浏览器下面有着不同的限制，最常见的就是cookie的长度，请尽量不要超过4K的字节。

参考资料：

如果你在使用ThinkPHP框架的时候不想采用TP自带的模版系统，而使用第三方的模版系统，你有很多其他的选择，在这里我仅介绍Smarty这种比较官方，而且比较强大的模版系统。

由于Smarty兼容PHP4，因此，它的效率会相对低一点点，这个低只是相对的，估计等Smarty啥时候正式放弃PHP4的时候，效率可能会上很大一个台阶。

………………………………………………

最多请看全文。

» 阅读全文

ThinkPHP的模版引擎强大就强大在于它可以使用XML标签来为TP模版引擎进行扩展，因此TP的标签功能就成了TP模版的亮点所在。要想让TP的模版功能更加强大，你就得学会扩展TP的标签功能，即：自定义标签

开发自定义标签功能的时候，有几个注意的地方，
1、文件名的规范性，这个当然是不用多解释了，TagLibInput.class.php
    （TagLib加是你定义的标签名，首字符大写，这样你的文件名中的Input就会自动认为你的XML文件名）
2、目录所在：目前暂时还是存放到THINKPHP的核心类库里，目录为：/THINKPHP/Lib/Think/Template
    主程序文件放到：/THINKPHP/Lib/Think/Template/TagLib/ 目录下
    自定义的XML文件放到：/THINKPHP/Lib/Think/Template/Tags/ 目录下

    （自定义的文件是小写的标签名，即刚才类名中的Input的小写）

注意事顶：
    如果你发现你自定义的标签没有被解析，请按如下方法进行检查（以input标签为例）
    1、查看文件开始的地方是否加载了<tagLib name="cx,html,input" />,同时，请检查是否符合XML规范，如：标签一定要闭合。例：<br />，否则会出现XML解析错误
    2、检查文件是否都为UTF－8编码，因为在解析XML的时候，都是采用UTF8编码，如果不是UTF8编码，会出现一些奇怪的解析错误，很多时候都会出现simpleXml解析器错误，如果出现这种错误，请检查文件编码，如果是UTF8编码的文件，请同时检查文件头是否存在BOM标记。
    3、自定义的标签中，是否忘了双引号。由于在写HTML的时候，很容易忽略双引号，比如<input type=text name=name>，如果是这样，在被当成XML解析的时候，肯定会报错的，正确的写法应该是：<input type="text" name="name" value="value" />（标签要闭合），如果是自己自定义的标签，则应该这样写：<input:text name="" value="" />