3. Hide the "Hot Keys".

In the second lesson, we will write two more classes and finish the inner part of the script completely.

Plan

The goal of this tutorial series is to create a simple application that allows users to register, sign in, sign out, and change settings. The class that will contain all the information about the user will be called User and it will be defined in the User.class.php file. The class that will be responsible for entering / exiting will be called UserTools (UserTools.class.php).

A little about class naming

It is a good practice to name the files with the description of the class the same name as the class itself. This makes it easy to determine the purpose of each file in the class folder.

It is also common to add .class or .inc at the end of the class file name. Thus, we clearly define the purpose of the file and can use .htaccess to restrict access to these files.

User Class (User.class.php)

This class will define each user. As this application grows, the definition of "User" may change significantly. Fortunately, OOP programming makes it easy to add additional user attributes.

Constructor

In this class, we will use a constructor - this is a function that is automatically called when another copy of the class is created. This allows us to automatically publish some of the attributes after creating the project. In this class, the constructor will take a single argument: an associative array that contains one row from the users table of our database.

require_once "DB.class.php"; class User (public $ id; public $ username; public $ hashedPassword; public $ email;
public $ joinDate;
//The constructor is called when a new object is created// Takes an associative array with the DB row as an argument. function __construct ($ data) ($ this-> id = (isset ($ data ["id"]))? $ data ["id"]: ""; $ this-> username = (isset ($ data [" username "]))? $ data [" username "]:" "; $ this-> hashedPassword = (isset ($ data [" password "]))? $ data [" password "]:" "; $ this- > email = (isset ($ data ["email"]))? $ data ["email"]: ""; $ this-> joinDate = (isset ($ data ["join_date"]))? $ data [" join_date "]:" ";)
public function save ($ isNewUser = false) (// create a new database object. $ db = new DB (); // if the user is already registered and we "re // just updating their info. if (! $ isNewUser ) (// set the data array $ data = array ("username" => "" $ this-> username "", "password" => "" $ this-> hashedPassword "",
"email" => "" $ this-> email "");
// update the row in the database $ db-> update ($ data, "users", "id =". $ this-> id); ) else (// if the user is being registered for the first time. $ data = array ("username" => "" $ this-> username "", "password" => "" $ this-> hashedPassword "" , "email" => "" $ this-> email "", "join_date" => "" ".date (" Ymd H: i: s ", time ())." ""); $ this-> id = $ db-> insert ($ data, "users"); $ this-> joinDate = time ();) return true; ))?>

Explanation

The first part of the code, outside the class zone, provides the connection of the class to the database (since there is a function in the User class that requires this class).

Instead of class variables “protected” (used in lesson 1) we define them as “public”. This means that any code outside the class has access to these variables when working with the User object.

The constructor takes an array where the columns in the table are keys. We set the class variable using $ this-> variablename. In the example of this class, we first check if the value of a specific key exists. If so, then we set the class variable to this value. Otherwise, it is an empty string. The code uses a short form of notation for the if turnover:

$ value = (3 == 4)? "A": "B";

In this example, we check if 3 equals four! If yes - then $ value = “A”, no - $ value = “B”. In our example, the result is $ value = “B”.

We save information about users in the database

The save function is used to make changes to the database table with the current values ​​in the User object. This function uses the DB class we created in the first tutorial. Using class variables, the $ data array is set. If the user data is being saved for the first time, then $ isNewUser is passed as $ true (default is false). If $ isNewUser = $ true then the insert () function of the DB class is called. Otherwise, the update () function is called. In both cases, information from the user object will be saved in the database.

UserTools.class.php class

This class will contain functions that are relevant to users: login (), logout (), checkUsernameExists (), and get (). But with the expansion of this application, you can add many more.

//UserTools.class.php require_once "User.class.php"; require_once "DB.class.php";
class UserTools (
// Log the user in. First checks to see if the // username and password match a row in the database. // If it is successful, set the session variables // and store the user object within.
public function login ($ username, $ password)
{
$ hashedPassword = md5 ($ password); $ result = mysql_query ("SELECT * FROM users WHERE username =" $ username "AND password =" $ hashedPassword ""); if (mysql_num_rows ($ result) == 1) ($ _SESSION ["user"] = serialize (new User (mysql_fetch_assoc ($ result))); $ _SESSION ["login_time"] = time (); $ _SESSION ["logged_in "] = 1; return true;) else (return false;))
// Log the user out. Destroy the session variables. public function logout () (unset ($ _ SESSION ["user"]); unset ($ _ SESSION ["login_time"]); unset ($ _ SESSION ["logged_in"]); session_destroy ();) // Check to see if a username exists. // This is called during registration to make sure all user names are unique. public function checkUsernameExists ($ username) ($ result = mysql_query ("select id from users where username =" $ username ""); if (mysql_num_rows ($ result) == 0) (return false;) else (return true;)
}
// get a user // returns a User object. Takes the users id as an input public function get ($ id) ($ db = new DB (); $ result = $ db-> select ("users", "id = $ id"); return new User ($ result );))
?>

Login () function

The login () function is self-explanatory. It takes the user's $ username and $ password arguments and checks if they match. If everything matches, creates a User object with all the information and stores it in the session. Please note that we are only using PHP's serialize () function. It creates a saved version of the object that can be easily undone using unserialize (). Also, the login time will be saved. This can be used in the future to provide users with information about the duration of their stay on the site.

You may also notice that we are setting $ _SESSION ["logged_in"] to 1. This allows us to easily check if the user is logged in on each page. It is enough to check only this variable.

Logout () function

Also a simple function. PHP's unset () function clears variables in memory, while session_destroy () will delete the session.

CheckUsernameExists () Function

Anyone who knows English will easily understand the function. It simply asks the database if a similar login is used or not.

Get () function

This function takes a unique user id and makes a query to the database using the DB class, namely the select () function. It will take an associative array with a number of user information and create a new User object, passing the array to the constructor.

Where can you use it? For example, if you create a page that should display specific user profiles, you will need to dynamically grab this information. This is how you can do it: (let's say url http://www.website.com/profile.php?userID=3)

// note: you will have to open up a database connection first. // see Part 1 for further information on doing so. // You "ll also have to make sure that you" ve included the class files.
$ tools = new UserTools (); $ user = $ tools-> get ($ _ REQUEST ["userID"]); echo "Username:". $ user-> username. ""; echo "Joined On:". $ user-> joinDate. "";

Easily! Truth?

Server-side finishing touch: global.inc.php

global.inc.php is required for every page on the site. Why? This way we will place all the usual operations that we need on the page. For example, we'll start session_start (). The DB connection will also open.

require_once "classes / UserTools.class.php";
require_once "classes / DB.class.php";
// connect to the database $ db = new DB (); $ db-> connect ();
// initialize UserTools object $ userTools = new UserTools (); // start the session
session_start ();
// refresh session variables if logged in if (isset ($ _ SESSION ["logged_in"])) ($ user = unserialize ($ _ SESSION ["user"]); $ _SESSION ["user"] = serialize ($ userTools-> get ($ user-> id));)?>

What is he doing?

There are several things going on here. First of all, we open a connection to the base.

After connecting, we start the session_start () function. The function creates a session or continues the current one if the user is already logged in. Since our application is designed for users to log in / out, this feature is required on every page.

Next, we check if the user is logged in. If so, we'll update $ _SESSION ["user"] to display the most recent user information. For example, if a user changes his email, the old one will be stored in the session. But this won't happen with auto update.

This concludes the second part! Expect a final lesson on this topic tomorrow.

All the best!

I would like to devote this lesson to creating a personal profile for registered users (addition to the lesson Creating user registration on the site). Now users can add their avatar, change first and last name, add place of residence and birthday. To do this, the table users add some fields:

Now let's create a profile page profile.php and add on the page index.php link to it

Echo "
My profile"; Now the code of the profile.php page itself

Profile