simplyi Posted January 13, 2010 Share Posted January 13, 2010 Hello! I need an advise. It is suggested that user name and password to be used to access the database should be kept in a separate file and even better for this file to be outside the public directory. It is also a good practice to use Data Access Object and Value Transfer Object design patterns when building web applications using MVC. May I ask for an advise of a Best Practice of how it is suggested to be done in PHP when I want use DAO design pattern? How do I pass user name and password to DAO? What is the correct way? Would this be a good code? require_once(“config.php”); // contains db user name and password require_once(“db/Dao.php”); // contains method to access DB and execute queries, $dao = new Dao(); $dao->createConnection($userName,$userPassword); // username and password are defined in config.php $users = $dao->getRegisteredUsers(); $dao->closeConnection(); Thank you very much! Quote Link to comment https://forums.phpfreaks.com/topic/188387-what-is-the-correct-way-of-passing-username-and-password-to-dao/ Share on other sites More sharing options...
trq Posted January 13, 2010 Share Posted January 13, 2010 Your code looks fine though I would be more inclined to use constants rather than simple variables. Quote Link to comment https://forums.phpfreaks.com/topic/188387-what-is-the-correct-way-of-passing-username-and-password-to-dao/#findComment-994523 Share on other sites More sharing options...
simplyi Posted January 13, 2010 Author Share Posted January 13, 2010 thorpe, thank you for your reply! Yes! I am defining user name and password as constants in config.php. I just worry that this is a good way of letting DAO know about user name and password and wanted to learn how experienced PHP developers do it. Quote Link to comment https://forums.phpfreaks.com/topic/188387-what-is-the-correct-way-of-passing-username-and-password-to-dao/#findComment-994527 Share on other sites More sharing options...
trq Posted January 13, 2010 Share Posted January 13, 2010 Passing them to a connection method or even the construct are fine. ps: Constants really ought to be all upper case. Quote Link to comment https://forums.phpfreaks.com/topic/188387-what-is-the-correct-way-of-passing-username-and-password-to-dao/#findComment-994529 Share on other sites More sharing options...
simplyi Posted January 14, 2010 Author Share Posted January 14, 2010 Hello thorpe, I think I have a better example now. What do you think if database access information is not defined in separate config.php and then included as PHP file but rather included as CONSTANTS from a separate PHP class? class DbConstants { const USER_NAME = 'userName'; const USER_PASS = 'userPASS'; const DB_NAME = 'databaseName'; } This way it is going to be very clear where do USER_NAME and USER_PASS come from. require_once(“db/DbConstants.php”); // contains db user name and password require_once(“db/Dao.php”); // contains method to access DB and execute queries, $dao = new Dao(); $dao->createConnection( DbConstants:: USER_NAME , DbConstants:: USER_PASS); $users = $dao->getRegisteredUsers(); $dao->closeConnection(); Quote Link to comment https://forums.phpfreaks.com/topic/188387-what-is-the-correct-way-of-passing-username-and-password-to-dao/#findComment-994589 Share on other sites More sharing options...
ignace Posted January 14, 2010 Share Posted January 14, 2010 Both provided methods work fine if you do not distribute your code. If you do want to distribute your code by for example selling your software then your first method will work (but has cons) and your second just won't work because you can not re-define constants therefor it is best to use a xml or ini file to read/write configuration settings. Quote Link to comment https://forums.phpfreaks.com/topic/188387-what-is-the-correct-way-of-passing-username-and-password-to-dao/#findComment-994822 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.