Jump to content

New to OOP - MySQL/Users ran into a wall any advice?


Recommended Posts

So i've ran into a bit of a wall scalability wise. I've created this simple mysql class based on reading and its working out well so far. However I realize that doing a user management setup is going to require a lot more seperate classes in the end.  Does anyone have any advice/suggestions/comments on making this more scalable?

 

<?php
// ###############################################
// ##							mysql.class.php
// ###############################################
error_reporting(E_ALL);

class db {  # BEGIN CLASS.

	/* Class variables */
	var $act;				  // Action container - this will contain our SQL queries.
	var $con;			      // Connection container - this will hold our actual connection to our MySQL server.
	var $affected_rows;  // This will hold our affected row count from mysql_affected_rows() command.
	var $record;		     // This will hold the retrieved data from our MySQL queries.

		function db() { # BEGIN CONSTRUCT
			$this->db_host	= 'localhost';
			$this->db_user	= '';
			$this->db_pass	= '';
			$this->db_base	= '';

		} # END CONSTRUCT

		function db_open() {
			$this->con = @mysql_connect($this->db_host, $this->db_user, $this->db_pass);

			if (!$this->con) {
				die($this->err("Connecting to MySQL server."));
			}

			if (!@mysql_select_db($this->db_base, $this->con)) {
				$this->err('Selecting database');
			}
			    // clear variables.
			   $this->db_host = '';
			   $this->db_user = '';
		       $this->db_pass = '';
			   $this->db_base = '';
		} 

		function db_close() { 
		 // #Close mysql connection.
		 // #This is not really needed unless you're doing a lot of processing on the data and don't want to leave the connection open.
		 // #PHP automatically closes the MySQL connection when the script is finished.
			if (!@mysql_close($this->con)) {
			$this->err('MySQL connection.');
			}
		}

		function escape($string) {
			return mysql_real_escape_string($string, $this->con);
		}

		function db_query($sql) {
			$sql = $this->escape($sql, $this->con);
			$this->act = @mysql_query($sql, $this->con);

			if(!$this->act) {
				$this->err("Querying database.");
			}
			$this->affected_rows = mysql_affected_rows($this->con);
		}

		function db_fetchassoc() { 
		// #Fetch associative array.
		// #no need to add error checking here, if the query before hand fails it will not continue.
			return mysql_fetch_assoc($this->act);			

		}

		function db_free() {
		// #Free mysql resources.
			mysql_free_result($this->act);
		}


		function err($error) {
			// There is probably a much better way to do this but it works.
			// We have a header and a footer for the error page, lets load them into the according variables.
		   $fname1 = "inc/err.head"; //Error page header.
		   $file1 = @fopen($fname1, 'r');
		   $fname2 = "inc/err.foot";  //Error page footer.
		   $file2 = @fopen($fname2,'r');
		   $head = @fread($file1, filesize($fname1));
		   $foot = @fread($file2, filesize($fname2));

			die(
			$head
			.
			"
			 <img src='img/error_icon.png'></img>
			 <br />
			 <br />
			 <hr>
			 <br />
			 <br />
			 <b> <font color='#ff2828'>Error : </font></b>" . $error . "
			 <br />
			 <b> <font color='#5886a7'>[" . mysql_errno() . "]</font> </b>" . mysql_error() .
			 "<br />
			 <br />
			 Please contact site administrator"
			 .
			 $foot
			 );
		}
} # END CLASS!

class user_db extends db { #BEGIN USER CLASS
	var $salt1; 	//MD5 Beginning salt string.
	var $salt2;	//MD5 Ending salt string.

			function user_db() { #BEGIN CONSTRUCT
				$this->salt1 = "mnbcvx1";	//Set beginning salt string.
				$this->salt2 = "xbrtui";		//Set ending salt string.

			} #END CONSTRUCT.
			function salt($string) { 
			//Lets md5 the password and add a salt string.
			return md5($this->salt1 . $string . $this->salt2);
			}
} #END CLASS!




have a look at design patterns and at Access Control Lists (ACL), advanced authentication with protection against session hijacking etc.. use a Database Abstraction Layer (DBAL) so your system will run under multiple relational databases

 

i really recommend using the ACL and the advanced authentication one of my favorites is the implementation of the abstract factory pattern with the possibility in shifting between authentication methods

have a look at design patterns and at Access Control Lists (ACL), advanced authentication with protection against session hijacking etc..  use a Database Abstraction Layer (DBAL) so your system will run under multiple relational databases

 

i really recommend using the ACL and the advanced authentication one of my favorites is the implementation of the abstract factory pattern with the possibility in shifting between authentication methods

 

Thanks for the reply, did some quick skimming on the subjects. This is definitely what I was looking for.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.