o. o That doesn't make any sense what's so ever because now you're going against your own words. The words you typed up yourself. Straight from your post.
Run these lines and tell me what you get or better yet. I'll save you the time (being lazy) and show you the results. The difference from running a code that has no classes and objects v.s. running a code with classes and objects.
Without class
With PDO
var_dump(new PDO('mysql:host=localhost;dbname=sample', 'root', 'root'));
The line above outputs
object(PDO)#1 (0) { }
Which is still calling the database.
With class
class Connection {
private function connections() {
var_dump(new PDO('mysql:host=localhost;dbname=test', 'root', 'root'));
}
}
The line above outputs
With MySQLi
Without class
var_dump(new mysqli('localhost', 'root', 'root', 'sample'));
The line above outputs
object(mysqli)#1 (19) { ["affected_rows"]=> int(0) ["client_info"]=> string(75) "mysqlnd _._.__ - ________ - $Id: b0b3b15c693b7f6aeb3aa66b646fee339f175e39 $" ["client_version"]=> int(50010) ["connect_errno"]=> int(0) ["connect_error"]=> NULL ["errno"]=> int(0) ["error"]=> string(0) "" ["error_list"]=> array(0) { } ["field_count"]=> int(0) ["host_info"]=> string(20) "localhost via TCP/IP" ["info"]=> NULL ["insert_id"]=> int(0) ["server_info"]=> string(6) "_._.__" ["server_version"]=> int(_____) ["stat"]=> string(135) "Uptime: 22139 Threads: 1 Questions: 1596 Slow queries: 0 Opens: 173 Flush tables: 1 Open tables: 0 Queries per second avg: 0.072" ["sqlstate"]=> string(5) "00000" ["protocol_version"]=> int(10) ["thread_id"]=> int(936) ["warning_count"]=> int(0) }
With classes
class Connection {
private function connections() {
var_dump(new mysqli('localhost', 'root', 'root', 'sample'));
}
}
The line above outputs
This means that the database connection will never be called if the class hasn't been called yet. Putting your codes outside of the root folder puts more effort on you. Reason why I said you are going against yourself is because PHP in general has classes, objects, and methods built-in so I'm not sure why you are putting your codes outside of the root folder just to protect them from direct access. Also, when I mean by lazy I meant that the stuff you should be using, you don't. But the stuff that it wasn't meant for, you're putting more effort into that.
Sorry anyone reading this. Went off-topic there. Back on topic, I'm still looking for some answers as to if I should be using htmlspecialchars or filter_input.