Site registration class

[Helmet]

I've been writing procedural PHP code for a few years and I'm quite uncomfortable with the fact that I haven't gotten into OOP yet. I can work with classes, but writing them is another story. So, I've been reading various tutorials on OOP, all of which talk about making a representation of a bicycle or something like that.

 

I've been having some problems with a mammoth script I've written for registration on my site. The script essentially displays three forms, or steps, validates each, but doesn't do enough error checking and I've been finding lately that I've been having problems with my sessions disappearing during the second step of the registration. I got to thinking that if I organized this into a class I might have an easier time debugging and controlling the flow of this three step registration.

 

Is a class the right way to go here? I'm trying to figure out how I would structure this class. I learn by example, and I haven't found any really good looking registration classes so I can see how one should look. I started a skeleton of a class that I will eventually fill in with all the procedural code I've written, but I don't have my head wrapped around how a class for site registration should look. If there is a kind soul who could help fill out this skeleton into a more thorough skeleton that I can fill in with my code, I'd greatly appreciate the opportunity to learn from an application relevant to my purpose (I don't need to describe a bicycle).

 

This is what I've started with:

 

class Register {

function Register(){

}

function ValidateStepOne(){

}

function ValidateStepTwo(){

}

function ProcessStepOne(){

}

function ProcessStepTwo(){

}

function Redirect(){

}
}

 

Your guidance is deeply appreciated in advance!

[Naez]

I'm actually doing something pretty similar.

 

I think having a "register" class is not what making an object is really about.  Really should have a "user" page that handles logins, lost passwords, registration, editting user preferences, etc.  Then within that page you have different objects that you use to handle everything.

 

For instance here's the start of my registration script.

 

user.php

<?php
include("global.php");

switch($_GET['mode'])
{
case "register":
	if (!$_POST)
	{
		register_func();
	} else {
		$errors = array();
		$val = new validator;
		if (!$val->validateLength($_POST['username'], 5, 30))
		{
			$errors[] = "Username is too short";
		}

		if ($_POST['pass1'] != $_POST['pass2'])
		{
			$errors[] = "Passwords do not match";
		}

		if (!$val->validateLength($_POST['pass1'], 5, 30))
		{
			$errors[] = "Password is too short";
		}

		if (!$val->validateEmail($_POST['email']))
		{
			$errors[] = "Email is not valid.";
		}

		if ($errors)
		{
			register_func($errors);
		} else {
			echo "Validation complete";
		}

	}	
break;
        case "profile":
                echo "profile";
        break;
case "login":
default:
	echo "login";
break;
}
?>

 

validator.php

class validator
{
    var $regex;
    
    public function __construct()
    {
    }

    public function validateLength($string, $minlength=5, $maxlength=30)
    { 
        if (strlen($string) >= $minlength && strlen($string) <= $maxlength) return true;
        return false;        
    }
    

    public function validateEmail($email, $minlength=7, $maxlength=30, $regex="/^([a-zA-Z0-9])+([\.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+(\.[a-zA-Z0-9_-]+)*\.([a-zA-Z]{2,6})$/")
    {
        if (!$this->matchRegex($email,$regex) || !$this->validateLength($email, $minlength, $maxlength)) return false;
        return true; 
    }
    

    public function matchRegex($string, $regex)
    {
        if (!preg_match($regex, $string)) return false;
        return true;           
    }    

 

And my global.php

<?php
/***********
SET PATHS
************/
$nz_root_path = getcwd() . "/";
define(NZROOTPATH,$nz_root_path);

/***********
INCLUDE REQUIRED FILES
************/
function __autoload($className) 
{
    $file = NZROOTPATH . 'includes/'.$className. '.class.php';
    if(!file_exists($file)){
	return false;
    } else {
    	include $file;
}
}
@require_once(NZROOTPATH . "config.php");

/***********
SET UP CONSTANTS
************/
define("IN_CLANCMS",true);
define("DBCT",$dbtype);

$db = dbconn::factory(DBCT);
$db->connect($dbhost,$dbuser,$dbpass,$dbname);

/***********
COMMON FUNCTIONS
************/
function gettemplate($template,$endung="html")
{
return str_replace("\"","\\\"",implode("",file($template.".".$endung)));
}

function n_abs($v) 
{ 
return -abs($v);
}

function register_func($errors=NULL)
{
if ($errors){
	echo "<b>The following errors were found:</b><ul>";
	foreach ($errors as $error)
	{
		echo "<li>" . $error . "</li>";
	}
	echo "</ul>";
}
include(NZROOTPATH . "templates/regbox.html");	
}

?>

 

 

I'm going to be writing a "user" class soon that will return an array of all the user info(from the DB) or setcookies of all the user info

[aschk]

I disagree with Naez's semantics a little bit.

You have a user (which contains information about the person who is or isn't logged in), and then need to authenticate with your application through an auth class or method.

Thus a simplified example would be:

<?php
// User
class user {

public $email;
public $password;

public function __construct($email, $password){
	$this->email = $email;
	$this->password = $password;
}	

}

// Access control list.
class acl {

public function authenticate(user $user){
	$email = $user->email;
	$password = $user->password;

	// DO SQL LOOKUP and return true or false.
}

}

$user = new user("joe@bloggs.com", "password");

$acl = new acl();
$acl->authenticate($user);

?>

 

Theoritcally speaking you should be able to apply an ACL to any application controller or command that you have and thus having stored the user object in the session you can pull it out later and use it with the acl authenticate() method.