1. 首页
  2. 问答
  3. 类中的PHP会话

类中的PHP会话

2013-05-06 25 views
0 
<? 
session_start(); 
class DB_MSSQL { 
    protected $Host; 
    protected $Database; 
    protected $User; 
    protected $Password; 
    protected $Link_ID = 0; 
    protected $Query_ID = 0; 
    protected $Record = array(); 
    protected $Row  = 0; 
    protected $Errno = 0; 
    protected $Error = ""; 
    protected $Halt_On_Error = "yes"; 
    protected $Auto_Free = 1;  
    protected $PConnect = 0; 
    function _construct(){ 
    $this->Host = $_SESSION['SQLIP']; 
    $this->Database = $_SESSION['SQLDB']; 
    $this->User = $_SESSION['SQLUSER']; 
    $this->Password = $_SESSION['SQLPASS']; 
    } 

    function DB_MSSQL($query = "") { 
    if($query) { 
     $this->query($query); 
    } 
    } 
    function connect() { 
    if (0 == $this->Link_ID) { 
     if(!$this->PConnect) { 
     $this->Link_ID = mssql_connect($this->Host, $this->User, $this->Password); 
     } else { 
     $this->Link_ID = mssql_pconnect($this->Host, $this->User, $this->Password); 
     } 
     if (!$this->Link_ID) 
     $this->connect_failed("connect ($this->Host, $this->User, \$Password) failed"); 
     else 
     if (!mssql_select_db($this->Database, $this->Link_ID)) { 
      $this->connect_failed("cannot use database ".$this->Database); 
     } 
    } 
    } 
    function connect_failed($message) { 
    $this->Halt_On_Error = "yes"; 
    $this->halt($message); 
    } 

    function free_result(){ 
     mssql_free_result($this->Query_ID); 
    $this->Query_ID = 0; 
    } 

    function query($Query_String) 
    { 

    /* No empty queries, please, since PHP4 chokes on them. */ 
    if ($Query_String == "") 
     /* The empty query string is passed on from the constructor, 
     * when calling the class without a query, e.g. in situations 
     * like these: '$db = new DB_Sql_Subclass;' 
     */ 
     return 0; 

    if (!$this->Link_ID) 
     $this->connect(); 
// printf("<br>Debug: query = %s<br>\n", $Query_String); 

    $this->Query_ID = mssql_query($Query_String, $this->Link_ID); 
    $this->Row = 0; 
    if (!$this->Query_ID) { 
     $this->Errno = 1; 
     $this->Error = "General Error (The MSSQL interface cannot return detailed error messages)."; 
     $this->halt("Invalid SQL: "); 
    } 
    return $this->Query_ID; 
    } 

    function next_record() { 

    if ($this->Record = mssql_fetch_row($this->Query_ID)) { 
     // add to Record[<key>] 
     $count = mssql_num_fields($this->Query_ID); 
     for ($i=0; $i<$count; $i++){ 
     $fieldinfo = mssql_fetch_field($this->Query_ID,$i); 
     $this->Record[strtolower($fieldinfo->name)] = $this->Record[$i]; 
     } 
     $this->Row += 1; 
     $stat = 1; 
    } else { 
     if ($this->Auto_Free) { 
      $this->free_result(); 
     } 
     $stat = 0; 
    } 
    return $stat; 
    } 

    function seek($pos) { 
     mssql_data_seek($this->Query_ID,$pos); 
    $this->Row = $pos; 
    } 

    function metadata($table) { 
    $count = 0; 
    $id = 0; 
    $res = array(); 

    $this->connect(); 
    $id = mssql_query("select * from $table", $this->Link_ID); 
    if (!$id) { 
     $this->Errno = 1; 
     $this->Error = "General Error (The MSSQL interface cannot return detailed error messages)."; 
     $this->halt("Metadata query failed."); 
    } 
    $count = mssql_num_fields($id); 

    for ($i=0; $i<$count; $i++) { 
     $info = mssql_fetch_field($id, $i); 
     $res[$i]["table"] = $table; 
     $res[$i]["name"] = $info->name; 
     $res[$i]["len"] = $info->max_length; 
     $res[$i]["flags"] = $info->numeric; 
    } 
    $this->free_result(); 
    return $res; 
    } 

    function affected_rows() { 
// Not a supported function in PHP3/4. Chris Johnson, 16May2001. 
// return mssql_affected_rows($this->Query_ID); 
    $rsRows = mssql_query("Select @@rowcount as rows", $this->Link_ID); 
    if ($rsRows) {  
     return mssql_result($rsRows, 0, "rows"); 
    } 
    } 

    function num_rows() { 
    return mssql_num_rows($this->Query_ID); 
    } 

    function num_fields() { 
    return mssql_num_fields($this->Query_ID); 
    } 

    function nf() { 
    return $this->num_rows(); 
    } 

    function np() { 
    print $this->num_rows(); 
    } 

    function f($Field_Name) { 
    return $this->Record[strtolower($Field_Name)]; 
    } 

    function p($Field_Name) { 
    print $this->f($Field_Name); 
    } 

    function halt($msg) { 
    if ("no" == $this->Halt_On_Error) 
     return; 

    $this->haltmsg($msg); 

    if ("report" != $this->Halt_On_Error) 
     die("Session halted."); 
    } 

    function haltmsg($msg) { 
    printf("<p>Server have a critical error!<br><br><br>We are very sorry for any inconvenience!<br><br>\n", $msg); 
    printf("<b>MSSQL Error</b>: %s (%s)</p>\n", 
     $this->Errno, 
     $this->Error); 
    } 
} 
?>

Faild to connect ..如果我放$ Host; $ Database; $ User; $ Password;手动工作正常。但与构造函数无法连接。 ($ _SESSION有正确的值)类中的PHP会话

但我不知道如何echo $ obj-> Host,Password,user等。

来源

2013-05-06 Mihai Oprea

+2

会发生什么,如果这个变量($ _SESSION [ 'SQLIP'])的变化?对全球状态的信任不好。 – 2013-05-06 12:16:24

+0

我已编辑该问题... – 2013-05-06 12:33:46

+0

仍是同样的问题。另一件事是,当您将数据库凭据存储在会话状态中时,默认情况下,PHP会将系统硬盘上的完整会话数据(包括您的文档信息(这是一个漏洞))写入其中。创建一个接受4个参数的构造函数,并以不同的方式将其注入到它中(而不是从会话中注入)。 – 2013-05-06 15:39:13

回答

0

您不能直接给类变量赋值。 将值赋给类构造函数中的变量。

class DB_MSSQL { 
    public $Host; 

    function __construct(){ 
     $this->Host = $_SESSION['SQLIP']; 
    } 
}

找到我下面编辑答您的问题

class DB_MSSQL { 
    public $Host; 
    public $Database; 
    public $User; 
    public $Password; 

    public $Link_ID; 
    public $PConnect; 

    function _construct(){ 
     $this->Host = $_SESSION['SQLIP']; 
     $this->Database = $_SESSION['SQLDB']; 
     $this->User = $_SESSION['SQLUSER']; 
     $this->Password = $_SESSION['SQLPASS']; 
    } 


    function connect() { 
    if (0 == $this->Link_ID) { 
     if(!$this->PConnect) { 
     $this->Link_ID = mssql_connect($this->Host, $this->User, $this->Password); 
     } else { 
     $this->Link_ID = mssql_pconnect($this->Host, $this->User, $this->Password); 
     } 
     if (!$this->Link_ID) 
     $this->connect_failed("connect ($this->Host, $this->User, \$Password) failed"); 
     else 
     if (!mssql_select_db($this->Database, $this->Link_ID)) { 
      $this->connect_failed("cannot use database ".$this->Database); 
     } 
    } 
    }

但它能够更好地使用protected而不是public为DB变量

来源

2013-05-06 12:07:30 Sid

+0

你能举个例子吗? – 2013-05-06 12:08:06

+0

'var'是声明变量的过时方法(php 4) – Chief 2013-05-06 12:13:44

+0

@Peter - 好的谢谢。我会检查 – Sid 2013-05-06 12:21:05

4

可以在类的构造函数分配如下图所示会话值,

class Foo { 
    public $Host; 
    public function __construct() { 
     $this->Host = $_SESSION['SQLIP']; 
    } 
}

Prefe r使用public关键字而不是var来声明一个变量。

注意:由于兼容性原因(作为public关键字的同义词),仍然支持使用var关键字声明变量的PHP 4方法。在5.1.3之前的PHP 5中,它的使用会产生一个E_STRICT警告。

http://www.php.net/manual/en/language.oop5.visibility.php

来源

2013-05-06 12:10:24 Rikesh

相关问题

 相关问题