2011-09-06 57 views
1

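Database connection class suggestions

I created this class to connect to my database after reading somewhere that having separate connections for different users is the most secure approach. So I created four different users, for update, select, delete and insert. I'm not sure whether it is necessary to create a user for each one. I basically want to know what I can do to improve this class. I know these questions come up here a lot, but everyone's class seems to be different, so I thought I'd ask.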

Below is a pastebin of the code. It's quite long, otherwise I would just post it here. If pastebin is a problem, I'll add the code.

(Edited by ninetwozero: put the code inline)

<?php 

    class DB_Connection { 

     //Subject to change 
     protected $_DATABASE = '#'; 
     protected $_HOST  = '#'; 

     protected $_SELECT = array('connection' => null, 
            'user' => '#', 
            'pass' => '#', 
            'alive' => FALSE, 
            'thread' => ''); 

     protected $_INSERT = array('connection' => null, 
            'user' => '#', 
            'pass' => '#', 
            'alive' => FALSE, 
            'thread' => ''); 

     protected $_DELETE = array('connection' => null, 
            'user' => '#', 
            'pass' => '#', 
            'alive' => FALSE, 
            'thread' => ''); 

     protected $_UPDATE = array('connection' => null, 
            'user' => '#', 
            'pass' => '#', 
            'alive' => FALSE, 
            'thread' => ''); 

     /** 
     * Take an input and create that connection and connect to the database 
     * using the appropriate logins 
     * @param $type - Type of connection; SELECT, UPDATE, DELETE, INSERT 
     */ 
     public function __construct($type) { 

      switch($type) { 
       case "SELECT": 

        // Create the connection 
        $this->_SELECT['connection'] = new mysqli($this->_HOST, 
                   $this->_SELECT['user'], 
                   $this->_SELECT['pass'], 
                   $this->_DATABASE); 

        // Verify that the connection was successful before using it 
        if($this->_SELECT['connection']->connect_error) { 
         die('Connection error: ' . $this->_SELECT['connection']->connect_errno . ' ' . 
                $this->_SELECT['connection']->connect_error); 
         //TODO Create better error handling 
        } else { 
         echo "connection worked somehow.<br />"; 
        } 

        // State that the connection is alive 
        $this->_SELECT['alive'] = TRUE; 

        // Put in the thread ID that is created when the connection is established 
        $this->_SELECT['thread'] = $this->_SELECT['connection']->thread_id; 
        break; // without this, execution falls through into the next case 

       case "INSERT": 
        // Create the connection 
        $this->_INSERT['connection'] = new mysqli($this->_HOST, 
                  $this->_INSERT['user'], 
                  $this->_INSERT['pass'], 
                  $this->_DATABASE); 

        // Verify that the connection was successful before using it 
        if($this->_INSERT['connection']->connect_error) { 
         die('Connection error: ' . $this->_INSERT['connection']->connect_errno . ' ' . 
                $this->_INSERT['connection']->connect_error); 
         //TODO Create better error handling 
        } else { 
         echo "connection worked somehow.<br />"; 
        } 

        // State that the connection is alive 
        $this->_INSERT['alive'] = TRUE; 

        // Put in the thread ID that is created when the connection is established 
        $this->_INSERT['thread'] = $this->_INSERT['connection']->thread_id; 
        break; // without this, execution falls through into the next case 

       case "DELETE": 
        // Create the connection 
        $this->_DELETE['connection'] = new mysqli($this->_HOST, 
                  $this->_DELETE['user'], 
                  $this->_DELETE['pass'], 
                  $this->_DATABASE); 

        // Verify that the connection was successful before using it 
        if($this->_DELETE['connection']->connect_error) { 
         die('Connection error: ' . $this->_DELETE['connection']->connect_errno . ' ' . 
                $this->_DELETE['connection']->connect_error); 
         //TODO Create better error handling 
        } else { 
         echo "connection worked somehow.<br />"; 
        } 

        // State that the connection is alive 
        $this->_DELETE['alive'] = TRUE; 

        // Put in the thread ID that is created when the connection is established 
        $this->_DELETE['thread'] = $this->_DELETE['connection']->thread_id; 
        break; // without this, execution falls through into the next case 

       case "UPDATE": 
        // Create the connection 
        $this->_UPDATE['connection'] = new mysqli($this->_HOST, 
                  $this->_UPDATE['user'], 
                  $this->_UPDATE['pass'], 
                  $this->_DATABASE); 

        // Verify that the connection was successful before using it 
        if($this->_UPDATE['connection']->connect_error) { 
         die('Connection error: ' . $this->_UPDATE['connection']->connect_errno . ' ' . 
                $this->_UPDATE['connection']->connect_error); 
         //TODO Create better error handling 
        } else { 
         echo "connection worked somehow.<br />"; 
        } 

        // State that the connection is alive 
        $this->_UPDATE['alive'] = TRUE; 

        // Put in the thread ID that is created when the connection is established 
        $this->_UPDATE['thread'] = $this->_UPDATE['connection']->thread_id; 
        break; 

      }// END CASE 

     }// END _construct 


     public function get_Select_Con() { 
      return $this->_SELECT['connection']; 
     } 
     public function get_Insert_Con() { 
      return $this->_INSERT['connection']; 
     } 
     public function get_Delete_Con() { 
      return $this->_DELETE['connection']; 
     } 
     public function get_Update_Con() { 
      return $this->_UPDATE['connection']; 
     } 


     /** 
     * Kill the threads and close the connection 
     */ 
     public function __destruct() { 
      if ($this->_SELECT['alive'] == TRUE) { 
       $this->_SELECT['connection']->kill($this->_SELECT['thread']); 
       $this->_SELECT['connection']->close(); 
       echo " thread killed and connection closed"; 
      } 
      if ($this->_INSERT['alive'] == TRUE) { 
       $this->_INSERT['connection']->kill($this->_INSERT['thread']); 
       $this->_INSERT['connection']->close(); 
       echo " thread killed and connection closed"; 
      } 
      if ($this->_DELETE['alive'] == TRUE) { 
       $this->_DELETE['connection']->kill($this->_DELETE['thread']); 
       $this->_DELETE['connection']->close(); 
       echo " thread killed and connection closed"; 
      } 
      if ($this->_UPDATE['alive'] == TRUE) { 
       $this->_UPDATE['connection']->kill($this->_UPDATE['thread']); 
       $this->_UPDATE['connection']->close(); 
       echo " thread killed and connection closed"; 
      } 
     }// END _destruct 
    } 
?> 

http://pastebin.com/F4e4Yz5r

+1

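I'd suggest you stop creating your own library for something that has already been built better. There are plenty of connection class solutions; I use the Czech database layer dibi (no longer being developed): http://dibiphp.com/ –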

+1

What on earth is all this mess? –

+2

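The main reason I'm creating my own class is to better understand and learn PHP, MySQL and all of that. I should look at classes other people have created to see what I think has already been done. As for the mess, it doesn't look like a mess in ZS, but pastebin screwed up the formatting. – PhiXhiP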

Answers

1

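You probably haven't understood things correctly. In most cases, database access should take place within a transaction, which guarantees ACIDity. Within the same transaction you will select, insert, update and delete. Having 4 different users, one for each kind of operation (and therefore 4 separate connections, and therefore 4 separate transactions), is just a very bad idea.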

+0

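You're right, I seem to have misunderstood the whole database transaction thing, but that's why I posted here. I figured I had to be doing something wrong, because the way I was doing it made no sense at all. Thanks for your comment. +1 if I could :D – PhiXhiP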

0

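Restrictions on the actions a given user can perform should not be granted in code, but managed by the database server itself, through its permission management. Even with a very (too??) coarse-grained permission scheme, as your code demonstrates, it gets very messy very quickly. Now imagine you needed to manage these permissions on a per-table basis...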

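As others have already said, I would stick with an existing database connection solution and learn how to use the database's permission system to its full potential, for example by having an application that only displays data run as a user with read-only permissions, etc.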

0

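If you are going to create different database users, they should correspond to the different types (and levels) of users who use your application, not one per database permission, because a single user may want to do all of the above at some point... but only on certain tables. So you could create different users for guests, authenticated users, administrators, etc. For example, a guest would not be able to update (or even select?) the user_profiles table.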

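And as mentioned in my comment... you should not store your database connection parameters inside the class itself. These should be read in from a secure location (perhaps above the web root), so that if PHP is compromised, your database isn't as well.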

+0

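Thanks for your input. I'll have to do more research on how to make use of database users. I also wasn't planning on storing the database login info in the class itself; I figured it would be insecure if I did. – PhiXhiP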
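
An added example (not code from any of the posts above) that combines the answers' suggestions: one database account per application role instead of per SQL verb, credentials read from a file outside the web root, and related statements run in a single transaction on a single connection. The config file layout, role and account names, the `app` schema, and the `articles` and `profile_audit` tables and their columns are assumptions; the privileges themselves are granted on the MySQL server, as sketched in the leading comment.

```php
<?php
// Added example; config layout, role names and table columns are assumptions.
// Server-side setup, run once with an administrative account, for instance:
//   GRANT SELECT ON app.articles TO 'app_guest'@'localhost';
//   GRANT SELECT, INSERT, UPDATE ON app.user_profiles TO 'app_member'@'localhost';

final class RoleConnection
{
    private const ROLES = ['guest', 'member', 'admin'];

    /** $configPath: PHP file outside the web root returning host, database and roles[role][user|pass]. */
    public static function open(string $role, string $configPath): mysqli
    {
        if (!in_array($role, self::ROLES, true)) {
            throw new InvalidArgumentException('Unknown role');
        }
        $cfg = require $configPath;
        // Raise mysqli_sql_exception on failure instead of die()-ing with server details.
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        $db = new mysqli($cfg['host'], $cfg['roles'][$role]['user'],
                         $cfg['roles'][$role]['pass'], $cfg['database']);
        $db->set_charset('utf8mb4');
        return $db;
    }
}

/** Update a profile and record the change atomically on ONE connection. */
function renameProfile(mysqli $db, int $userId, string $newName): void
{
    $db->begin_transaction();
    try {
        $upd = $db->prepare('UPDATE user_profiles SET display_name = ? WHERE id = ?');
        $upd->bind_param('si', $newName, $userId);
        $upd->execute();

        $log = $db->prepare('INSERT INTO profile_audit (user_id, new_name) VALUES (?, ?)');
        $log->bind_param('is', $userId, $newName);
        $log->execute();

        $db->commit();
    } catch (mysqli_sql_exception $e) {
        $db->rollback();
        error_log('renameProfile failed: ' . $e->getMessage()); // log, do not echo to the client
        throw new RuntimeException('Could not update profile');
    }
}
```

If the same call runs on a connection opened for the `guest` role, the server rejects the UPDATE and the transaction rolls back, so the restriction holds even when application code has a bug.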