In a nutshell, here's how simple the acm in miniOneFace is:

session_start();
include 'prepend.php';
include DBCONFIG;
if (isset($_SESSION['role'])) {
    $db_connection = new mysqli($DB_OBJ['DB_HOST'], $DB_OBJ['DB_USER'], $DB_OBJ['DB_PASS'], $DB_OBJ['DB_NAME']);
    // Bind the role and the request path as parameters instead of
    // concatenating them into the SQL text.
    $role = $_SESSION['role'];
    $path = $_SERVER['PHP_SELF'];
    $stmt = $db_connection->prepare("select id from acm_realm where role_id = ? AND INSTR(?, key_pattern) > 0");
    $stmt->bind_param("ss", $role, $path);
    $stmt->execute();
    $stmt->store_result();
    // At least one matching row means this role may request this URL.
    $authorized = $stmt->num_rows > 0;
    $stmt->close();
    $db_connection->close();
    if (!$authorized) {
        go(NOT_AUTHORIZED);
        exit();
    }
} else {
    go(NOT_LOGIN);
    exit();
}

And here’s the of-action (using classic wrapper):


include "_set.php";
include PERSIST;
include DBCONFIG;

$p = new Persist($DB_OBJ);
$p->setTable("acm_realm");

// Add a top-level realm entry.
if (e('act') == md5('add_top')) {
    $p->set("code", e("code"), "s");
    $p->set("parent_id", -1, "i");
    $p->insert();
    go("acm_edit.php?role_id=1&t=" . $p->getAutoId());
}
// Add a URL pattern for a role under an existing entry.
if (e('act') == md5('add_child')) {
    $p->set("code", e("code"), "s");
    $p->set("key_pattern", e("key_pattern"), "s");
    $p->set("parent_id", e("parent_id"), "i");
    $p->set("role_id", e("role_id"), "i");
    $p->insert();
    go("acm_edit.php?role_id=" . e("role_id") . "&t=" . e('t'));
}
// Update an existing pattern.
if (e('act') == md5('update_child')) {
    $p->set("code", e("code"), "s");
    $p->set("key_pattern", e("key_pattern"), "s");
    $p->set("role_id", e("role_id"), "i");
    // Cast to int so the request value cannot change the criteria string.
    $p->setCriteria("id=" . (int) e("id"));
    $p->update();
    go("acm_edit.php?role_id=" . e("role_id") . "&t=" . e('t'));
}
// Delete a pattern.
if (e('act') == md5('delete_child')) {
    $p->set("id", e("id"), "s");
    $p->delete();
    go("acm_edit.php?role_id=" . e("role_id") . "&t=" . e('t'));
}

With these sample tables:
CREATE TABLE `acm_realm` (
  `id` int(11) NOT NULL auto_increment,
  `code` varchar(200) default NULL,
  `role_id` int(11) default NULL,
  `key_pattern` varchar(200) default NULL,
  `date_added` datetime default NULL,
  `parent_id` int(11) default NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=40 ;

CREATE TABLE `acm_role` (
  `id` int(11) NOT NULL auto_increment,
  `name` varchar(100) default NULL,
  `description` varchar(200) default NULL,
  `value` bigint(20) default NULL,
  `date_added` datetime default NULL,
  `parent_id` int(11) default NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=6 ;

CREATE TABLE `w_user` (
  `usr_id` int(11) NOT NULL auto_increment,
  `usr_username` varchar(100) default NULL,
  `usr_password` varchar(100) default NULL,
  `usr_role` varchar(20) default NULL,
  `usr_parentid` int(11) default NULL,
  PRIMARY KEY (`usr_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=8 ;

What this acm does is check every request to see whether it is authorized. The check matches the request URL against key_pattern (a URL pattern). If the request URL is not authorized, the user is redirected to an unauthorized notice page. If propagate is not set to true at runtime, oneface can't use the forceLogout() feature, so we have to check the login status from time to time.
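The matching rule described above can be tried without a database. The following is an added example, not miniOneFace code: the rows in $realm are constructed, allowedBySubstring() mirrors INSTR(path, key_pattern) > 0 for non-empty patterns, and allowedByAnchoredMatch() is a hypothetical stricter rule (exact script path, or a directory prefix when the pattern ends in "/") shown for comparison when choosing key_pattern values.

```php
<?php
// Constructed sample rows shaped like acm_realm (role_id, key_pattern).
$realm = [
    ['role_id' => 1, 'key_pattern' => '/admin/'],
    ['role_id' => 2, 'key_pattern' => 'report'],
    ['role_id' => 2, 'key_pattern' => '/member/profile.php'],
];

// Mirrors INSTR(path, key_pattern) > 0 for non-empty patterns: the pattern
// may occur anywhere in the request path. NULL or empty patterns grant nothing here.
function allowedBySubstring(array $realm, int $roleId, string $path): bool
{
    foreach ($realm as $row) {
        if ((int) $row['role_id'] !== $roleId) continue;
        $pattern = (string) $row['key_pattern'];
        if ($pattern !== '' && strpos($path, $pattern) !== false) {
            return true;
        }
    }
    return false;
}

// Hypothetical stricter rule: patterns must start with "/"; a trailing "/"
// means "everything under this directory", anything else must match exactly.
function allowedByAnchoredMatch(array $realm, int $roleId, string $path): bool
{
    foreach ($realm as $row) {
        if ((int) $row['role_id'] !== $roleId) continue;
        $pattern = (string) $row['key_pattern'];
        if ($pattern === '' || $pattern[0] !== '/') continue;
        $isPrefix = substr($pattern, -1) === '/';
        $match = $isPrefix
            ? strncmp($path, $pattern, strlen($pattern)) === 0
            : $path === $pattern;
        if ($match) return true;
    }
    return false;
}

// Constructed requests: role id and script path.
$requests = [[2, '/member/profile.php'], [2, '/report/monthly.php'],
             [2, '/admin/report_purge.php'], [1, '/admin/acm_edit.php']];
foreach ($requests as [$role, $path]) {
    printf("role %d %-26s substring=%s anchored=%s\n", $role, $path,
        var_export(allowedBySubstring($realm, $role, $path), true),
        var_export(allowedByAnchoredMatch($realm, $role, $path), true));
}
```

Comparing the two columns for role 2 shows how a short pattern such as "report" authorizes every path that contains it, which is why key_pattern values should be as specific as the pages they are meant to cover.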