- <?php
- // Some general notes: arguments (aka parameters) are what's sent in to a function (aka method), properties (aka instance variables) are the variables belonging to an object, static variables would be ones that exist across every instance
- // This is the User class, a blueprint of what makes up a user
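/**
 * User is the blueprint of what makes up a user: one row of users_tbl held as an object.
 *
 * Review notes on the security-relevant parts of this class:
 *  - log_in() compares an unsalted SHA-1 of the password inside the SQL query.
 *    SHA-1 is not a password hash; password_hash()/password_verify() is the
 *    replacement, but it needs the stored values to be migrated, so the
 *    comparison is left as the author wrote it and only flagged here.
 *  - The mysql_* functions were removed in PHP 7.0. Moving to PDO or mysqli
 *    prepared statements needs a connection handle that this listing does not
 *    show, so the calls are kept and the query inputs are constrained instead.
 */
class User
{
    // These are the properties a user will have. We "declare" them with a
    // modifier (public), which means we can read them as $userobject->property
    // once we've made a user.
    public $id;
    public $username;
    // NOTE(review): after log_in() this holds the stored password hash, and
    // log_in() copies it into $_SESSION with the other properties.
    // Controller::handle_actions() requires $_SESSION['password'] to be set, so
    // dropping it has to be done in both places at once.
    public $password;
    public $email;
    public $permission;

    /**
     * __construct is a built-in PHP method called when we instantiate a user (new User($row)).
     *
     * @param array $user associative array, e.g. a database row or $_SESSION
     */
    public function __construct($user)
    {
        foreach ($user as $key => $value) {
            // Only keys that match a declared property are copied, so extra
            // keys in the input never become fields on the object.
            if (property_exists(__CLASS__, $key)) {
                $this->$key = $value;
            }
        }
    }

    /**
     * Build a User from a username and password, or return false.
     *
     * log_in is static: it is not part of a particular instance, so there is no
     * "$this" here. It only works on its arguments and returns a value. (The
     * earlier version called $this->esc(), which stops with an Error in a
     * static method, and extract() on a numerically indexed array assigns
     * nothing, so the escaped values were never used.)
     *
     * false is a useful result: callers can write if (User::log_in($usn, $psw))
     * rather than checking for null or empty.
     *
     * @param string $username must be non-empty and alphanumeric
     * @param string $password plain-text password as submitted
     * @return User|false the matching user, or false when validation or the lookup fails
     */
    public static function log_in($username, $password)
    {
        // Request fields can arrive as arrays (username[]=x); reject anything
        // that is not a string before it reaches sha1() or the query.
        if (!is_string($username) || !is_string($password)) {
            return false;
        }

        // Validate before touching the database. ctype_alnum() is what keeps
        // quotes out of the query string below.
        if (empty($username) || empty($password) || !ctype_alnum($username)) {
            return false;
        }

        // Defence in depth: an alphanumeric name comes back unchanged. The
        // password is hashed from its raw form (escaping it first would change
        // the hash), and the hex digest cannot contain a quote.
        list($safe_username) = self::esc($username);
        $password_hash = sha1($password);

        $query = mysql_query("SELECT * FROM users_tbl WHERE username = '$safe_username' AND password = '" . $password_hash . "'");
        if (!$query) {
            return false;
        }

        $row = mysql_fetch_assoc($query);
        if (!$row) {
            return false;
        }

        // Issue a fresh session id at the moment of login so an id that was
        // known before authentication does not carry the logged-in state.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        // We construct a new user from the array we got back from the query.
        $currentuser = new User($row);

        // Merge the user's properties into the session so the user can be
        // reconstructed from the session variables on a later request.
        $session = isset($_SESSION) ? $_SESSION : array();
        $_SESSION = array_merge($session, get_object_vars($currentuser));

        return $currentuser;
    }

    /**
     * Escape every argument it has been given for use inside a quoted SQL string.
     *
     * Static so that log_in() can call it without an instance. All arguments
     * are read through func_get_args(), so any number of values can be passed.
     *
     * @param string $array first value to escape (further values may follow)
     * @return array the escaped values, in the order they were passed
     */
    private static function esc($array)
    {
        $args = func_get_args();
        foreach ($args as $index => $value) {
            $args[$index] = mysql_real_escape_string($value);
        }

        return $args;
    }
}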
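/**
 * Controller decides, once per request, whether the visitor is signed in.
 *
 * NOTE(review): no session_start() call is visible in this listing. $_SESSION
 * only carries data between requests once a session has been started, so
 * confirm the including script does that before handle_actions() runs.
 */
class Controller
{
    // The User object for the current request, or null when nobody is signed in.
    public $user;
    // Starts as false so the flag is a real boolean even when no branch below runs.
    public $signed_in = false;

    /**
     * Handle a submitted login form, or restore the user from the session.
     *
     * A login attempt always ends in a redirect followed by exit, so nothing
     * after this call runs on that request.
     *
     * @return void
     */
    public function handle_actions()
    {
        if (isset($_POST['login'])) {
            // A request can carry "login" without the other two fields; fall
            // back to empty strings, which log_in() is written to reject.
            $username = isset($_POST['username']) ? $_POST['username'] : '';
            $password = isset($_POST['password']) ? $_POST['password'] : '';

            // The static function log_in returns an instance of User (an
            // object created from our blueprint) or false.
            $user = User::log_in($username, $password);
            if ($user) {
                // Logged in: go to the admin page.
                header('Location: /admin/index');
            } else {
                // Not logged in: go to the error page.
                header('Location: /login/error');
            }
            // Stop here in both cases so no page output follows the redirect.
            exit;
        } elseif (isset($_SESSION['id'], $_SESSION['username'], $_SESSION['password'], $_SESSION['email'], $_SESSION['permission'])) {
            // The user has not just logged in, but the session already holds a
            // full set of user fields, so we construct the user from those.
            // NOTE(review): 'permission' here is whatever was stored at login
            // time; a later change in users_tbl is not seen until the next login.
            $user = new User($_SESSION);
            $this->user = $user;
            $this->signed_in = true;
        }
    }
}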
// Above we declared that in our world there is a type of object called Controller.
// $ctrl is one particular instance of such an object: it is a "new Controller".
// Think of a class as the definition of a species and instantiation as naming one
// animal: $pedro = new Lion(); where Lion is the class and $pedro is the object.
$ctrl = new Controller();

// Call the handle_actions function that belongs to the $ctrl object.
$ctrl->handle_actions();

// Pick the message from the signed-in flag that handle_actions() left on $ctrl.
$message = $ctrl->signed_in
    ? "I'm a little teapot, short and stout."
    : "Tip me over and pour me out!";
echo $message;
- ?>