Converting PHP4 class to PHP5: help replacing "var $thisvar;" with PHP5 equivalent

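I found a user login script online, and later discovered that it was written in PHP4. I'm updating it to PHP5 and learning OOP at the same time :)

A snippet of my user class is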

<?php
session_start();   //Tell PHP to start the session
include("include/database.php");
include("include/mailer.php");
include("include/form.php");
include("constants.php");
class user
{
var $username;     //Username given on sign-up
var $firstname;
var $lastname;
var $userid;       //Random value generated on current login
var $userlevel;    //The level to which the user pertains
var $time;         //Time user was last active (page loaded)
var $logged_in;    //True if user is logged in, false otherwise
var $userinfo = array();  //The array holding all user info
var $url;          //The page url current being viewed
var $referrer;     //Last recorded site page viewed
var $num_active_users;   //Number of active users viewing site
var $num_active_guests;  //Number of active guests viewing site
var $num_members;        //Number of signed-up users
/**
* Note: referrer should really only be considered the actual
* page referrer in process.php, any other time it may be
* inaccurate.
*/
public function __construct(db $db, Form $form)
{
    $this->database = $db;
    $this->form = $form;
    $this->time = time();
    $this->startSession();
    $this->num_members = -1;
    if(TRACK_VISITORS)
    {
        /* Calculate number of users at site */
        $this->calcNumActiveUsers();
        /* Calculate number of guests at site */
        $this->calcNumActiveGuests();
    }

 }      
/**
* startSession - Performs all the actions necessary to 
* initialize this session object. Tries to determine if the
* the user has logged in already, and sets the variables 
* accordingly. Also takes advantage of this page load to
* update the active visitors tables.
*/
function startSession()
{
    /* Determine if user is logged in */
    $this->logged_in = $this->checkLogin();
    /**
    * Set guest value to users not logged in, and update
    * active guests table accordingly.
    */
    if(!$this->logged_in)
    {
        $this->username = $_SESSION['username'] = GUEST_NAME;
        $this->userlevel = GUEST_LEVEL;
        $this->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
    }
    /* Update users last active timestamp */
    else
    {
        $this->addActiveUser($this->username, $this->time);
    }
    /* Remove inactive visitors from database */
    $this->removeInactiveUsers();
    $this->removeInactiveGuests();
    /* Set referrer page */
    if(isset($_SESSION['url']))
    {
         $this->referrer = $_SESSION['url'];
    }
    else
    {
        $this->referrer = "/";
    }
    /* Set current url */
    $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
}
/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's 
* authenticity. Returns true if the user has logged in.
*/
function checkLogin()
{
    /* Check if user has been remembered */
    if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid']))
    {
        $this->username = $_SESSION['username'] = $_COOKIE['cookname'];
        $this->userid   = $_SESSION['userid']   = $_COOKIE['cookid'];
    }
    /* Username and userid have been set and not guest */
    if(isset($_SESSION['username']) && isset($_SESSION['userid']) && $_SESSION['username'] != GUEST_NAME)
    {
        /* Confirm that username and userid are valid */
        if($this->confirmUserID($_SESSION['username'], $_SESSION['userid']) != 0)
        {
            /* Variables are incorrect, user not logged in */
            unset($_SESSION['username']);
            unset($_SESSION['userid']);
            return false;
        }
        /* User is logged in, set class variables */
        $this->userinfo  = $this->getUserInfo($_SESSION['username']);
        $this->username  = $this->userinfo['username'];
        $this->userid    = $this->userinfo['userid'];
        $this->userlevel = $this->userinfo['userlevel'];
        $this->lastlogin = $this->userinfo['lastlogin'];
        $this->townid = $this->userinfo['placeID'];
        return true;
    }
    /* User not logged in */
    else
    {
        return false;
    }
}
}
$db = new db($config);
$form = new Form;
$user = new User($db, $form);

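But I've been told that var $username; etc. isn't very secure and shouldn't be used, so I'm here to ask what I should use instead?

Do I do something like this for each var?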

private $username;
/**
 * @return the $username
 */
public function getUsername() {
    return $this->username;
}
/**
 * @param $newUsername
 * the username to set
 */
public function setUsername($newUsername) {
    $this->username = $newUsername;
}

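Thanks

> var is equivalent to public. By making all of your member variables private and adding a getter (but not a setter) for each one, you're effectively making it so that other developers using your API can't [accidentally] update the values. That's what is meant by "secure" - it's not as though someone will be able to hack into your server or access data if you don't declare them with the right privacy level*.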

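If you're going to add a setter as well, I'd say you're wasting your time (although others will disagree with me). You've given them full control over the variable anyway. The only advantage is that you can squeeze some other calculations into the getter/setter if you decide to store the value differently.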

* Although another developer could accidentally expose information that he shouldn't, such as a password.
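The pattern the answer describes, as an added example that is not code from the original post: private members with getters and no setters, plus a sensitive field that has no getter at all, which addresses the footnote about accidental exposure. It assumes PHP 7 or later (so the illegal write raises a catchable Error); the passwordHash field, the verifyPassword() method and the sample values are hypothetical.

```php
<?php
// Added example: a constructed, cut-down class, not the asker's full script.
class User
{
    private $username;      // was: var $username;
    private $userlevel;     // was: var $userlevel;
    private $passwordHash;  // hypothetical sensitive field: deliberately has no getter

    public function __construct($username, $userlevel, $passwordHash)
    {
        $this->username     = $username;
        $this->userlevel    = $userlevel;
        $this->passwordHash = $passwordHash;
    }

    // Read-only access: getters, but no setters.
    public function getUsername()  { return $this->username; }
    public function getUserlevel() { return $this->userlevel; }

    // The only operation that uses the hash; the hash itself never leaves the object.
    public function verifyPassword($candidate)
    {
        return password_verify($candidate, $this->passwordHash);
    }

    // Controls what var_dump() shows, so a debug dump does not print the hash.
    public function __debugInfo()
    {
        return array('username' => $this->username, 'userlevel' => $this->userlevel);
    }
}

// Constructed sample data.
$hash = password_hash('constructed-sample-password', PASSWORD_DEFAULT);
$user = new User('alice', 1, $hash);

echo $user->getUsername(), "\n";                                // reading works
var_dump($user->verifyPassword('constructed-sample-password'));

// Writing from outside the class is rejected. With "var" (public) this
// assignment would have silently changed the user's level.
try {
    $user->userlevel = 9;
} catch (Error $e) {
    echo get_class($e), ': ', $e->getMessage(), "\n";
}

var_dump($user);   // shows only what __debugInfo() returns
```

Visibility here is an API contract enforced by the language for code outside the class; it does not replace server-side controls such as hashing passwords and validating session data.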