Secure PHP Development- P21

Chia sẻ: Cong Thanh | Ngày: | Loại File: PDF | Số trang:5

Thêm vào BST

Báo xấu

56
lượt xem 4
download

Download Vui lòng tải xuống để xem tài liệu đầy đủ

Secure PHP Development- P21: Welcome to Secure PHP Development: Building 50 Practical Applications. PHP has come a long way since its first incarnation as a Perl script. Now PHP is a powerful Web scripting language with object-oriented programming support. Slowly but steadily it has entered the non-Web scripting arena often reserved for Perl and other shell scripting languages. Arguably, PHP is one of the most popular Web platforms.

Chủ đề:

Bình luận(0) Đăng nhập để gửi bình luận!

Lưu

Nội dung Text: Secure PHP Development- P21

Chapter 4: Architecture of an Intranet Application 71 This framework is provided with the CD-ROM. You don’t need to create it from scratch. Also note that the database abstraction uses DB.php from the PEAR. Now let’s create the classes needed to implement this application framework. Creating a Database Abstraction Class Accessing a database using its own API is common in the PHP world. For example, most PHP developers use PHP with MySQL and, therefore, they write code that is specific to the MySQL API found in PHP. There is nothing wrong with this approach if you know that your PHP applica- tions will be used only for the MySQL database server. However, if there is a chance that your applications will be used with other databases such as Oracle, Postgres, and so forth, you need to avoid MySQL-specific API. A developer who has abstracted the database API in a level above the vendor-specific API can enjoy the speed of porting the application to different relational databases. Here, we will cre- ate a class called class.DBI.php that will implement a database abstraction layer for our application framework. Listing 4-1 shows class.DBI.php, which implements the database abstraction using PEAR DB. See http://pear.php.net/manual/en/core.db.php for details on PEAR DB, a unified API for accessing SQL-databases. Listing 4-1: class.DBI.php
72 Part II: Developing Intranet Solutions Listing 4-1 (Continued) */ define(‘DBI_LOADED’, TRUE); class DBI { var $VERSION = “1.0.0”; function DBI($DB_URL) { $this->db_url = $DB_URL; $this->connect(); if ($this->connected == TRUE) { // set default mode for all resultset $this->dbh->setFetchMode(DB_FETCHMODE_OBJECT); } } function connect() { // connect to the database $status = $this->dbh = DB::connect($this->db_url); if (DB::isError($status)) { $this->connected = FALSE; $this->error = $status->getMessage(); } else { $this->connected = TRUE; } return $this->connected; } function isConnected()
Chapter 4: Architecture of an Intranet Application 73 { return $this->connected; } function disconnect() { if (isset($this->dbh)) { $this->dbh->disconnect(); return 1; } else { return 0; } } function query($statement) { $result = $this->dbh->query($statement); if (DB::isError($result)) { $this->setError($result->getMessage()); return null; } else { return $result; } } function setError($msg = null) { global $TABLE_DOES_NOT_EXIST, $TABLE_UNKNOWN_ERROR; $this->error = $msg; if (strpos($msg, ‘no such table’)) { $this->error_type = $TABLE_DOES_NOT_EXIST; } else { Continued
74 Part II: Developing Intranet Solutions Listing 4-1 (Continued) $this->error_type = $TABLE_UNKNOWN_ERROR; } } function isError() { return (!empty($this->error)) ? 1 : 0; } function isErrorType($type = null) { return ($this->error_type == $type) ? 1 : 0; } function getError() { return $this->error; } function quote($str) { return “‘“ . $str . “‘“; } function apiVersion() { return $VERSION; } } ?> Here are the functions the DBI class implements: ◆ DBI(): This is the constructor method, which creates the instances of the DBI object. For example, here is a script called test_dbi.php that creates a DBI object.
Chapter 4: Architecture of an Intranet Application 75 // setting below. $PEAR_DIR = $_SERVER[‘DOCUMENT_ROOT’] . ‘/pear’ ; // If you have installed PHPLIB in a different // directory than %DocumentRoot%/phplib, change // the setting below. $PHPLIB_DIR = $_SERVER[‘DOCUMENT_ROOT’] . ‘/phplib’; // If you have installed framework directory in // a different directory than // %DocumentRoot%/framework, change the setting below. $APP_FRAMEWORK_DIR=$_SERVER[‘DOCUMENT_ROOT’] . ‘/framework’; // Create a path consisting of the PEAR, // PHPLIB and our application framework // path ($APP_FRAMEWORK_DIR) $PATH = $PEAR_DIR . ‘:’ . $PHPLIB_DIR . ‘:’ . $APP_FRAMEWORK_DIR; // Insert the path in the PHP include_path so that PHP // looks for our PEAR, PHPLIB and application framework // classes in these directories ini_set( ‘include_path’, ‘:’ . $PATH . ‘:’ . ini_get(‘include_path’)); // Now load the DB.php class from PEAR require_once ‘DB.php’; // Now load our DBI class from application framework // directory require_once(‘class.DBI.php’); // Set the database URL to point to a MySQL // database. In this example, the database is // pointing to a MySQL database called auth on // the localhost server, which requires username // (root) and password (foobar) to login $DB_URL = ‘mysql://root:foobar@localhost/auth’; // Create a DBI object using our DBI class // Use the database URL to initialize the object // and make connection to the database $dbi = new DBI($DB_URL);