2013-10-18 54 views
0

I found a user login script online which I later found out was written in PHP 4. I am upgrading it to PHP 5 and learning OOP in the process :)

A snippet of my user class is:

<?php
session_start(); // Tell PHP to start the session
include("include/database.php");
include("include/mailer.php");
include("include/form.php");

include("constants.php");

class User
{
    var $username;           // Username given on sign-up
    var $firstname;
    var $lastname;
    var $userid;             // Random value generated on current login
    var $userlevel;          // The level to which the user pertains
    var $time;               // Time user was last active (page loaded)
    var $logged_in;          // True if user is logged in, false otherwise
    var $userinfo = array(); // The array holding all user info
    var $url;                // The page url currently being viewed
    var $referrer;           // Last recorded site page viewed
    var $num_active_users;   // Number of active users viewing site
    var $num_active_guests;  // Number of active guests viewing site
    var $num_members;        // Number of signed-up users
    var $lastlogin;          // Last login time, copied from the user record
    var $townid;             // placeID, copied from the user record
    var $database;           // Database object handed to the constructor
    var $form;               // Form object handed to the constructor

    // Methods such as calcNumActiveUsers(), addActiveGuest(), confirmUserID()
    // and getUserInfo() belong to the parts of the class not shown in this snippet.

    /**
     * Note: referrer should really only be considered the actual
     * page referrer in process.php, any other time it may be
     * inaccurate.
     */

    public function __construct(db $db, Form $form)
    {
        $this->database = $db;
        $this->form = $form;
        $this->time = time();
        $this->startSession();

        $this->num_members = -1;

        if (TRACK_VISITORS) {
            /* Calculate number of users at site */
            $this->calcNumActiveUsers();

            /* Calculate number of guests at site */
            $this->calcNumActiveGuests();
        }
    }

    /**
     * startSession - Performs all the actions necessary to
     * initialize this session object. Tries to determine if
     * the user has logged in already, and sets the variables
     * accordingly. Also takes advantage of this page load to
     * update the active visitors tables.
     */
    function startSession()
    {
        /* Determine if user is logged in */
        $this->logged_in = $this->checkLogin();

        /**
         * Set guest value to users not logged in, and update
         * active guests table accordingly.
         */
        if (!$this->logged_in) {
            $this->username = $_SESSION['username'] = GUEST_NAME;
            $this->userlevel = GUEST_LEVEL;
            $this->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
        }
        /* Update users last active timestamp */
        else {
            $this->addActiveUser($this->username, $this->time);
        }

        /* Remove inactive visitors from database */
        $this->removeInactiveUsers();
        $this->removeInactiveGuests();

        /* Set referrer page */
        if (isset($_SESSION['url'])) {
            $this->referrer = $_SESSION['url'];
        } else {
            $this->referrer = "/";
        }
        /* Set current url */
        $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
    }

    /**
     * checkLogin - Checks if the user has already previously
     * logged in, and a session with the user has already been
     * established. Also checks to see if user has been remembered.
     * If so, the database is queried to make sure of the user's
     * authenticity. Returns true if the user has logged in.
     */
    function checkLogin()
    {
        /* Check if user has been remembered */
        if (isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])) {
            $this->username = $_SESSION['username'] = $_COOKIE['cookname'];
            $this->userid = $_SESSION['userid'] = $_COOKIE['cookid'];
        }

        /* Username and userid have been set and not guest */
        if (isset($_SESSION['username']) && isset($_SESSION['userid'])
            && $_SESSION['username'] != GUEST_NAME) {
            /* Confirm that username and userid are valid */
            if ($this->confirmUserID($_SESSION['username'], $_SESSION['userid']) != 0) {
                /* Variables are incorrect, user not logged in */
                unset($_SESSION['username']);
                unset($_SESSION['userid']);
                return false;
            }

            /* User is logged in, set class variables */
            $this->userinfo = $this->getUserInfo($_SESSION['username']);
            $this->username = $this->userinfo['username'];
            $this->userid = $this->userinfo['userid'];
            $this->userlevel = $this->userinfo['userlevel'];
            $this->lastlogin = $this->userinfo['lastlogin'];
            $this->townid = $this->userinfo['placeID'];

            return true;
        }
        /* User not logged in */
        else {
            return false;
        }
    }
}

$db = new db($config);
$form = new Form;
$user = new User($db, $form);

But I have been told that `var $username;` etc. is not very secure and should not be used, so I am asking here: what should I use instead?

Do I do this for every var?

private $username;

/**
 * @return the $username
 */
public function getUsername() {
    return $this->username;
}

/**
 * @param $newUsername
 *        the username to set
 */
public function setUsername($newUsername) {
    $this->username = $newUsername;
}

Thanks

+0

Check out http://itsphptutorial.wordpress.com/access-modifiers-in-php/ –

+0

The OOP problem with your user class is that it violates the [single responsibility principle](http://en.wikipedia.org/wiki/Single_responsibility_principle) (session handling, database access, etc.). If you really want to learn OOP in PHP, I'd suggest you start with a framework, e.g. [Symfony2](http://symfony.com/), which has [excellent documentation](http://symfony.com/doc/current/index.html). – nietonfir

Answer

0

`var` is equivalent to `public`. By making all member variables `private` and adding a getter (but no setter) to each of them, you achieve this so that other developers using the API can't [accidentally]* update those values. That's what "secure" means here - it's not as if, when you don't declare it with the correct privacy level, someone will be able to break into your server or access the data.

If you still want to add a setter, I'd say you're wasting your time (although others will disagree with me). You've given them full control anyway. The only benefit is that if you later decide you want to store the values differently, you can squeeze some other computation into the getter/setter down the road.

* Although another developer might accidentally expose information they shouldn't, such as a password.

+0

Thanks Mark for explaining that, it definitely helped me understand it more clearly :) – user2886669
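To illustrate the answer's advice, here is an added example (not code from the question or the answer) of the login state rewritten with `private` members and read-only getters, assuming PHP 7 or later, where writing a private property from outside the class throws `Error`:

```php
<?php
// Added example: the user class's login state with private members and
// getters only, as the answer recommends. Other code can read the username
// and level but cannot assign them from outside the class.
// Assumes PHP 7+ (an external write to a private property throws Error).

class User
{
    private $username;
    private $userlevel;
    private $loggedIn;

    // The login state is assigned in one place only: inside the class,
    // after the credentials have been checked by the caller of the constructor.
    public function __construct($username, $userlevel, $loggedIn)
    {
        $this->username  = $username;
        $this->userlevel = (int) $userlevel;
        $this->loggedIn  = (bool) $loggedIn;
    }

    public function getUsername()  { return $this->username; }
    public function getUserlevel() { return $this->userlevel; }
    public function isLoggedIn()   { return $this->loggedIn; }

    // Deliberately no setUsername()/setUserlevel(): callers get read access only.
}

$user = new User('alice', 1, true); // constructed sample values

printf("%s (level %d)\n", $user->getUsername(), $user->getUserlevel());

// With `var $userlevel;` (public) this assignment would silently succeed
// anywhere in the code base; with `private` it is refused at runtime.
try {
    $user->userlevel = 9;
} catch (Error $e) {
    echo "refused: ", $e->getMessage(), "\n";
}

echo $user->getUserlevel(), "\n"; // the level is unchanged
```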