1
我已經構建了一個用戶類,它試圖在MySQL數據庫中查找用戶的ID。如果找到它,它會將變量SQL_ID設置爲該值,否則將其保留爲空。設計一個更優雅的用戶對象
稍後調用的單獨方法(IsValid)會返回一個布爾值,告訴我用戶是否確實存在。
我很好奇,如果任何人想在我的設計在這裏評論,也許提供了一個更好的解決方案。我承認PHP不是我的主要語言,我花了太多時間在非靜態類型的語言之後可能會感覺有點OCDish。也許我正在尋求驗證這個設計是否理智。
// User -> class for passing around user information. Should only pass around the UserID (a unqiue SQL ID), for security reasons, in a Session object.
class User {
private $SQL_ID = "";
//@todo: Get the User object to actually talk to the other classes. Lol.
public function __construct($Username, $Password) {
// Probably want to Base64 encode the values going into and out of the MySQL database, to prevent a SQL Injection attack.
$query = "SELECT [UserID] FROM [Users] WHERE [Username] = '" . base64_encode($Username) . "' AND [Password] = '" . base64_encode($Password) . "';";
$data = SQL::DataQuery($query);
$this->SQL_ID = $data["UserID"];
}
// Boolean function to tell us if we have a valid user. Might be able to merge this into the constructor.
public function IsValid() {
if($this->SQL_ID == "") {
return false;
}
return true;
}
public function GetUserID() {
return $this->SQL_ID;
}
// private $Query = "SELECT [UserID] FROM [Users] WHERE [Username] = '' AND PASSWORD = '';"; // Prototype User query (for selecting a UserID).
}
嗯,我不會在類構造中的登錄功能。這對我來說似乎很奇怪。 – 2012-02-15 19:36:31