PHP RSS PHP RSS

My OOP based login -- Help me start

Reply
1 2

Join Date: Jun 2007
Posts: 1,389
Reputation: evstevemd has a spectacular aura about evstevemd has a spectacular aura about evstevemd has a spectacular aura about 
Solved Threads: 127
evstevemd's Avatar
evstevemd evstevemd is offline Offline
Nearly a Posting Virtuoso

My OOP based login -- Help me start

 
0
  #1
Oct 31st, 2009
Hi all, after thinking for sometimes, I thought it will be grat opportunity to learn if I will start from scratch and build my own register/login system. Here is the thread that I will be posting the progress and I hope you guys will help me.

The code below is what I have so far. Just put two scripts in the same directory and that is! I hope you will help me
Thanks!
class.php
php Syntax (Toggle Plain Text) 
  1. <?php
  2. //php login sytem
  3. class LoginRegister{
  4.  function __construct(){
  5. }
  6.  
  7. function displogin($status){
  8. if ($status == "login"){
  9. 	// post login page
  10. 	$enc = base64_encode('login');
  11. 	$html = <<<LOGIN
  12. 	<form action = $_SERVER[PHP_SELF]?do=$enc, method = POST>
  13. 		<p>Username: <input type=text name = username /></p>
  14. 		<p>Password: <input type=password name = password /></p>
  15. 		<input type=submit value=Login />
  16. 	</form>
  17. LOGIN;
  18. 		echo $html;
  19. }//end if
  20.  
  21. else if ($status == "register"){
  22. 	//post register page
  23. 	$enc = base64_encode('register');
  24. 	$html = <<<LOGIN
  25. 	<form action = $_SERVER[PHP_SELF]?do=$enc, method = POST>
  26. 		<p>Username: <input type=text name = username /></p>
  27. 		<p>Password: <input type=password name = password /></p>
  28. 		<input type=submit value=Register />
  29. 	</form>
  30. LOGIN;
  31. 		echo $html;
  32. }// end elese if
  33.  
  34.  
  35. }
  36.  
  37. function auth($username, $password){
  38. 	$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password' ";
  39. 	$res  = mysql_query($sql) or die(mysql_error());
  40. 	if (mysql_num_rows($res)==1){
  41. 	echo "sucessful logged in as ". $username;
  42. 	}//end if
  43. 	else{
  44. 		echo "<p style = 'color:red; font-weight:bold;'>Username or password not correct.
  45. 		<br /> New? Register!</p>";
  46. 		$this->displogin('register');
  47. 	}// end else
  48. }
  49.  
  50.  
  51. function checkempty($username, $password, $mode){
  52. 	if (empty($username) or empty($password)){
  53. 	echo "<p style = 'color:red; font-weight:bold;'>Empty Values are not allowed</p>";
  54. 	$this->displogin('login');
  55. 	}//end if
  56. 	else{
  57. 	//do checking
  58. 	switch($mode){
  59. 		case 'login':
  60. 		$this->auth($username, $password);
  61. 		case 'register':
  62. 		$this->adduser($username, $password);
  63. 		default:
  64. 			echo "<p style = 'color:red; font-weight:bold;'>Wrong Values are not allowed</p>";
  65. 			$this->displogin('login');
  66. 		}//end switch
  67. 	}//end else
  68. }
  69.  
  70. function login($uname, $passwd){
  71. 	//username
  72. 	$username = stripslashes($uname);
  73. 	$username = mysql_real_escape_string($uname);
  74. 	//passsword	
  75. 	$password = stripslashes($passwd);
  76. 	$password = mysql_real_escape_string($passwd);
  77. 	//check for empty variables
  78. 	$this->checkempty($username, $password, 'login');	
  79. }
  80.  
  81. function register($uname, $passwd){
  82. 	//username
  83. 	$username = stripslashes($uname);
  84. 	$username = mysql_real_escape_string($uname);
  85. 	//passsword	
  86. 	$password = stripslashes($passwd);
  87. 	$password = mysql_real_escape_string($passwd);
  88. 	//check for empty variables
  89. 	$this->checkempty($username, $password, 'register');	
  90. }
  91.  
  92. function adduser($username, $password){
  93. 	$sql = "INSERT INTO users(username, password) VALUES('$username', '$password')";
  94. 	//redirect to login page
  95. 	echo "<p style = 'color:green; font-weight:bold;'>Thanks for registering. You can now login</p>";
  96. 	$this->displogin('login');
  97. 	mysql_query($sql) or die(mysql_error());
  98. }
  99.  
  100. }//end class
  101. ?>

index.php
php Syntax (Toggle Plain Text) 
  1. <?php
  2. require "class.php";
  3. $obj = new  LoginRegister();
  4. $conn = mysql_connect("localhost", "root", "") or die(mysql_error());
  5. mysql_select_db("admin", $conn)or die(mysql_error());
  6. if ((isset($_GET['do']))){
  7. 	if (($_GET['do'])==(base64_encode('login'))){
  8. 	$obj->login($_POST['username'], $_POST['password']);
  9. 	 }//end middle first if
  10. 	 else if(($_GET['do'])== (base64_encode('register'))){
  11. 		$obj->register($_POST['username'], $_POST['password']);
  12. 	 }
  13. 	 else{
  14. 		 echo "<p style = 'color:red; font-weight:bold;'>Please Login</p>";
  15. 		$obj->displogin('login');	
  16. 		//debug
  17. 		echo base64_encode('login').'<br />';
  18. 		echo $_GET['do'];
  19. 	 }//end else middle
  20.  
  21. }//end last if 
  22. else{
  23. 	echo "<p style = 'color:green; font-weight:bold;'>Please Login</p>";
  24. 	$obj->displogin('login');	
  25. }//end else
  26. ?>
Atheist: God is man made imagination, he doesn't exist!
Theist: It's okay, can you imagine anything else that doesn't exist?
Junior MD --- Python, C++ and PHP
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,389
Reputation: evstevemd has a spectacular aura about evstevemd has a spectacular aura about evstevemd has a spectacular aura about 
Solved Threads: 127
evstevemd's Avatar
evstevemd evstevemd is offline Offline
Nearly a Posting Virtuoso
 
0
  #2
Oct 31st, 2009
Any help feature or criticism is allowed. Also modification et al
feel free to comment anything
Atheist: God is man made imagination, he doesn't exist!
Theist: It's okay, can you imagine anything else that doesn't exist?
Junior MD --- Python, C++ and PHP
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 438
Reputation: Atli is on a distinguished road 
Solved Threads: 56
Atli's Avatar
Atli Atli is offline Offline
Posting Pro in Training
 
0
  #3
Nov 1st, 2009
Hey.

I would recommend trying to keep logic classes clear of output. One of the fundamental ideas behind OOP is code re-usability, and by infusing the front-end code into the logic you are limiting the uses of the class to a single front-end.

What if, down the line, you need to provide XML output for use login, rather than HTML? Like say, if you decided to implement client-side login via AJAX.

For example, this class would only be useful by a HTML page:
php Syntax (Toggle Plain Text) 
  1. <?php
  2. class Member
  3. {
  4.     public function authenticate($name, $password)
  5.     {
  6.         if(/* authentic */1) {
  7.             echo '<span style="color: green;">Success!</span>';
  8.         }
  9.         else {
  10.             echo '<span style="color: red;">I\'m afraid I can\'t do that, {$name}.</span>';
  11.         }
  12.     }
  13. }
  14. ?>
html Syntax (Toggle Plain Text) 
  1. <html>
  2. <body>
  3.     <div>
  4.     <?php
  5.     $member = new Member();
  6.     $member->authenticate('input', 'more input');
  7.     ?>
  8.     </div>
  9. </body>
  10. </html>

While this one could be used to generate any output:
php Syntax (Toggle Plain Text) 
  1. <?php
  2. class Member
  3. {
  4.     public function authenticate($name, $password)
  5.     {
  6.         if(/* authentic */1) {
  7.             return true;
  8.         }
  9.         else {
  10.             return false;
  11.         }
  12.     }
  13. }
  14. ?>
html Syntax (Toggle Plain Text) 
  1. <html>
  2. <body>
  3.     <div>
  4.     <?php
  5.     $member = new Member();
  6.     if($member->authenticate('input', 'more input')) {
  7.         echo '<span style="color: green;">Success!</span>';
  8.     }
  9.     else {
  10.         echo '<span style="color: red;">I\'m afraid I can\'t do that, {$name}.</span>';
  11.     }
  12.     ?>
  13.     </div>
  14. </body>
  15. </html>
xml Syntax (Toggle Plain Text) 
  1. <root>
  2.     <?php
  3.         $member = new Member();
  4.         $result = $member->authenticate('input', 'more input');
  5.     ?>
  6.     <result message="<?php echo $result ? "success" : "failure"; ?> "/>
  7. </root>

See what I mean? ;-)
Last edited by Atli; Nov 1st, 2009 at 1:03 am. Reason: Perfectionist xD
Please do not ask for help in a PM. Use the forums.
And use [code] tags!
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,389
Reputation: evstevemd has a spectacular aura about evstevemd has a spectacular aura about evstevemd has a spectacular aura about 
Solved Threads: 127
evstevemd's Avatar
evstevemd evstevemd is offline Offline
Nearly a Posting Virtuoso
 
0
  #4
Nov 1st, 2009
I see,
Can you help me point out method names that you see will prevent reuse? I see that I should change all login prompts may be to use XML (is that what you said?). But I'm afraid I might forget some. So pointing methods that need to be removed/changed for sake of re-use will be great help to me.

Another thing is, I have not learned Ajax.
All I have is the basics of both JavaScript and XML, but not anything Ajaxed.
Anyway, is ajax "long curve" to learn? I would be happy to learn and implement that.

I appreciate your reply, which is great
Atheist: God is man made imagination, he doesn't exist!
Theist: It's okay, can you imagine anything else that doesn't exist?
Junior MD --- Python, C++ and PHP
Reply With Quote Quick reply to this message  
Join Date: May 2008
Posts: 524
Reputation: Will Gresham is on a distinguished road 
Solved Threads: 86
Sponsor
Will Gresham's Avatar
Will Gresham Will Gresham is offline Offline
Posting Pro
 
0
  #5
Nov 1st, 2009
Originally Posted by evstevemd View Post
I see,
Can you help me point out method names that you see will prevent reuse? I see that I should change all login prompts may be to use XML (is that what you said?). But I'm afraid I might forget some. So pointing methods that need to be removed/changed for sake of re-use will be great help to me.

Another thing is, I have not learned Ajax.
All I have is the basics of both JavaScript and XML, but not anything Ajaxed.
Anyway, is ajax "long curve" to learn? I would be happy to learn and implement that.

I appreciate your reply, which is great
AJAX is JavaScript.
The easiest way to implement it would be using a library, such as jQuery or the scriptaculous ones.

Be aware that 'AJAX' requires JavaScript to be available, so design your sites to work without it.
AJAX is not a programming language, scripting language or any other sort of language.
It is acheived by using JavaScript http functions.
So, AJAX = JavaScript.
Reply With Quote Quick reply to this message  
Join Date: May 2007
Posts: 438
Reputation: Atli is on a distinguished road 
Solved Threads: 56
Atli's Avatar
Atli Atli is offline Offline
Posting Pro in Training
 
1
  #6
Nov 1st, 2009
Originally Posted by evstevemd View Post
Can you help me point out method names that you see will prevent reuse?
In your class the auth, checkempty and adduser methods should ideally not echo HTML, but rather return a boolean or an error code.
The displogin method also echoes HTML, but it can hardly be considered a logic method. It's more a HTML-specific display method. I would actually argue that it doesn't belong to that class, but rather in the HTML page itself, but that's a different matter.

As a side-note. You should try to avoid abbreviating your method names, like "auth". Even if it seems obvious to you what it stands for at the moment, it may not seem that obvious in the future, if you, or whoever receives your code, ever need to review it.

It's best to adopt a good naming convention and stick to it throughout the project. The PHP "standard" is to use all-lower case names, using _ to separate words. ('authenticate', 'check_empty', 'add_user').
Personally, I like the C# naming conventions. ('Authenticate', 'CheckEmpty', 'AddUser'). It allows me to more clearly distinguish between public and private methods. ('PublicMethod', 'privateMethod')

Originally Posted by evstevemd View Post
I see that I should change all login prompts may be to use XML (is that what you said?)
Not really, no. The XML example was just to demonstrate how the code could be reused for a different purpose other than to print HTML. You don't need to worry about this until you need to print something other than HTML.

Originally Posted by evstevemd View Post
Another thing is, I have not learned Ajax.
All I have is the basics of both JavaScript and XML, but not anything Ajaxed.
Anyway, is ajax "long curve" to learn? I would be happy to learn and implement that.
AJAX is just a method used by client-side code (JavaScript, usually) to fetch data from the server without having to do a full refresh. The AJAX code itself is fairly simple, but to use it you need to write the client-side (JavaScript) code that uses the data it retrieves.

Check out the W3Schools AJAX tutorial. It explains the basics of AJAX very quickly.
Last edited by Atli; Nov 1st, 2009 at 12:52 pm. Reason: I need to stop trusting the spell-checker xD
Please do not ask for help in a PM. Use the forums.
And use [code] tags!
Reply With Quote Quick reply to this message  
Join Date: Oct 2009
Posts: 101
Reputation: jomanlk is an unknown quantity at this point 
Solved Threads: 18
jomanlk jomanlk is offline Offline
Junior Poster
 
0
  #7
Nov 1st, 2009
Just keep your classes separate by thinking of what they are there for.

The classes/methods that access the database or some other datastore and (auth($username, $password)) process logic (also known as the Model or DAO - Data Access Objects) should be separated from classes/methods that just display some information given by the model (displogin($status)) - also known as the View.

Having controller classes sit in the middle and use different view classes (As Atli said, HTML, XML or Ajax) depending on your need is a good idea.

Do some research on the MVC pattern, it is really useful.
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,389
Reputation: evstevemd has a spectacular aura about evstevemd has a spectacular aura about evstevemd has a spectacular aura about 
Solved Threads: 127
evstevemd's Avatar
evstevemd evstevemd is offline Offline
Nearly a Posting Virtuoso
 
0
  #8
Nov 1st, 2009
Thanks guys for your criticism and suggestions. What I say is, they are really really great! They help me improve and I will work on them and make an improved code. Before I implement above suggestions, here is what I have thought to do:
1. Separate into 3 classes (Database Connection, Login logic, Displaying HTML messages)
2. Apply naming Standard as Atli said (I loved that as I use them in Pythoning)
3. Check libraries like JQuery like Gresham said and take alook at Ajax

More suggestions and criticism are invited. Anyway, after it stands well I will add some security tightening like sessions, deciphering, et al
Atheist: God is man made imagination, he doesn't exist!
Theist: It's okay, can you imagine anything else that doesn't exist?
Junior MD --- Python, C++ and PHP
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,389
Reputation: evstevemd has a spectacular aura about evstevemd has a spectacular aura about evstevemd has a spectacular aura about 
Solved Threads: 127
evstevemd's Avatar
evstevemd evstevemd is offline Offline
Nearly a Posting Virtuoso
 
0
  #9
Nov 1st, 2009
Thanks guys for your criticism and suggestions. What I say is, they are really really great! They help me improve and I will work on them and make an improved code. Before I implement above suggestions, here is what I have thought to do:
1. Separate into 3 classes (Database Connection, Login logic, Displaying HTML messages)
2. Apply naming Standard as Atli said (I loved that as I use them in Pythoning)
3. Check libraries like JQuery like Gresham said and take alook at Ajax

More suggestions and criticism are invited. Anyway, after it stands well I will add some security tightening like sessions, deciphering, et al
Atheist: God is man made imagination, he doesn't exist!
Theist: It's okay, can you imagine anything else that doesn't exist?
Junior MD --- Python, C++ and PHP
Reply With Quote Quick reply to this message  
Join Date: Jun 2007
Posts: 1,389
Reputation: evstevemd has a spectacular aura about evstevemd has a spectacular aura about evstevemd has a spectacular aura about 
Solved Threads: 127
evstevemd's Avatar
evstevemd evstevemd is offline Offline
Nearly a Posting Virtuoso
 
0
  #10
30 Days Ago
I completely re-wrote the whole class at home. I added features like encryption, email check et al. I will post it tomorrow as I left laptop at home. Thanks for suggestions.
Atheist: God is man made imagination, he doesn't exist!
Theist: It's okay, can you imagine anything else that doesn't exist?
Junior MD --- Python, C++ and PHP
Reply With Quote Quick reply to this message  
Reply
1 2

Quick Reply to Thread
Message:



Other Threads in the PHP Forum
Thread Tools Search this Thread



# 5.2.10 ajax apache api array beginner binary broken cakephp checkbox class clean clients cms code cron curl database date display dissertation dynamic echo echo$_get[x]changingitintovariable... email error file files folder form forms function functions google href htaccess html image images include insert integration ip java javascript joomla ldap legislation limit link local login loop mail memberships menu mlm multiple multipletables mysql mysqlquery oop open paypal pdf persist php problem query radio random recursion regex remote rss script search server sessions sms soap sockets source space spam sql syntax system table tutorial update upload url validator variable video web xml youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC