Jump to content

What is the correct way of passing username and password to DAO?


Recommended Posts

Hello!

 

I need an advise.

 

It is suggested that user name and password to be used to access the database should be kept in a separate file and even better for this file to be outside the public directory.

 

It is also a good practice to use Data Access Object and Value Transfer Object design patterns when building web applications using MVC.

 

May I ask for an advise of a Best Practice of how it is suggested to be done in PHP when I want use DAO design pattern? How do I pass user name and password to DAO? What is the correct way? Would this be a good code?

 

require_once(“config.php”); // contains db user name and password

require_once(“db/Dao.php”); // contains method to access DB and execute queries,

 

 

$dao = new Dao();

$dao->createConnection($userName,$userPassword); // username and password are defined in config.php

 

$users = $dao->getRegisteredUsers();

 

$dao->closeConnection();

 

 

Thank you very much!

 

thorpe, thank you for your reply!

 

Yes! I am defining user name and password as constants in config.php.  I just worry that this is a good way of letting DAO know about user name and password and wanted to learn how experienced PHP developers do it.

Hello thorpe,

 

I think I have a better example now.

 

What do you think if database access information is not defined in separate config.php and then included as PHP file but rather included as CONSTANTS from a separate PHP class?

 


class DbConstants 
{
    const USER_NAME = 'userName';
    const USER_PASS = 'userPASS';
    const DB_NAME   = 'databaseName';
}

 

This way it is going to be very clear where do USER_NAME and USER_PASS come from. 

 

 

 


require_once(“db/DbConstants.php”); // contains db user name and password
require_once(“db/Dao.php”); // contains method to access DB and execute queries, 


$dao = new Dao();
$dao->createConnection( DbConstants:: USER_NAME , DbConstants:: USER_PASS);  

$users = $dao->getRegisteredUsers();

$dao->closeConnection();

 

 

Both provided methods work fine if you do not distribute your code. If you do want to distribute your code by for example selling your software then your first method will work (but has cons) and your second just won't work because you can not re-define constants therefor it is best to use a xml or ini file to read/write configuration settings.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.