[FeedBack] Could use your help :)

codefreek · 12-29-2007, 02:16 PM

Class_user.php

Hello, i have much to learn.
Could anyone please take the time and corect me.
with /*comment tags */ so i know what i did rong..

Thank you ;)

PHP Code:


			
<?php

class users {

    public $date
    public $login
    public $register
    public $userpage /* Not done yet */
    public $admin /* Not done yet */

public function logg(){
    print "This user was last logged in" . $this->date;
          SELECT * (`date` = '".($date)."')) from `user` 
            print '$date';
    }

}

public function userlogin(){

    
{
    SELECT `id` from user WHERE((md5(`username`)."')&&(`password` = '".md5($password)."')) 

if("$username && $password == );
    print "you have accses to login";
                 
}else{
      print "You may not login";

  }

}

public function reg(){
    
    
{

        $sql = "INSERT INTO `".SUFFIX."user` SET `username` = '".$username."', `password` = '".md5($password)."', `email` = '".$email."', `usrlvl` = '0', `registered` = NOW()";


    }






?>

Tanax · 12-29-2007, 02:54 PM

On the register function, you have in the query that the username should be set to $username, but where is that variable set?

Also, you refer to $this->db when you're calling a query, but I don't see where you set the $db variable in the class..

Also, why do you have $this->register in the beginning of the reg function?

codefreek · 12-29-2007, 03:17 PM

tanax ty for your comment but could you explain more what you are asking me :P
hum.. oh right now i get it or do i :P ? "but where is that variable set?"
explain??

hum..

Tanax · 12-29-2007, 03:23 PM

Well, your register function, could look something like this:

PHP Code:


			
public function reg($username, $password, $email) {

// Making the sql statement which would insert the values
$sql = "INSERT INTO `".SUFFIX."user` SET `username` = '".$username."', `password` = '".md5($password)."', `email` = '".$email."', `usrlvl` = '0', `registered` = NOW()";

// Making a variable that executes the query when the variable is called.
$query = mysql_query($sql);

// Here we call the variable and check if it's returned true at the same time.
if($query) {

// If the query returns true, then we return the function as true.
return true;

}

// If not, we return the function as false.
return false;

}

codefreek · 12-29-2007, 03:28 PM

hum. ok i get it
hum i will work on this..
thank you..

deflated · 12-29-2007, 03:45 PM

You're trying to access $this->db. I reckon that you were planning to write your own Database class. Your class is a mix of database access, output and access on user data. A class should not contain any HTML or access on superglobals like $_POST, $_GET, etc. for portability reasons. So it might be better to separate the output from the user interaction and the logic like it's done in MVC structures. SHA1 is more secure than MD5 so you should use sha1() instead of md5(). Here's how I would have realized it:

PHP Code:


			
class Users {
    private $db = nulll ;
    
    /**
     * Constructor of the class
     *
     * @param Database $db
     */
    
    public function __construct ( Database $db ) {
        $this->db = $db ;
    }
    
    /**
     * Returns the last login of a user
     *
     * @param integer $userId
     * @return integer    UNIX timestamp
     */
    
    public function getLastLogin ( $userId ) {
        $query = $this->db->query ( 'SELECT last_login FROM `users` WHERE id = ?', $userId ) ;
        $row = $this->db->fetchRow ( $query, Database::FETCHMODE_NUM ) ;
        return $row [ 0 ] ;
    }
    
    /**
     * Checks if the username and the password are correct
     *
     * @param string $username
     * @param string $password
     * @return boolean
     */
    
    public function login ( $username , $password ) {
        $query = $this->db->query ( 'SELECT count(id) FROM user WHERE username = ? AND password = ?', $username, sha1($password) ) ;
        $row = $this->db->fetchRow ( $query, Database::FETCHMODE_NUM ) ;
        return $row [ 0 ] > 0 ;
    }
    
    /**
     * Registers an account
     *
     * @param string $username
     * @param string $password
     * @param string $eMail
     * @param integer $userLevel
     */
    
    public function register ( $username , $password , $eMail , $userLevel ) {
        $data = array (
            'username'   => $username ,
            'password'   => sha1 ( $password ) ,
            'email'      => $eMail ,
            'user_level' => $userLevel
        ) ;
        
        $this->db->insert ( $data, 'user' ) ;
    }
}

And here's the structure of the Database class. I haven't implemented the methods itself because there are enough resources on the internet about how to create a database class.

PHP Code:


			
class Database {
    const FETCHMODE_NUM   = 0 ;
    const FETCHMODE_ASSOC = 1 ;
    //add more types...
    
    /**
     * Executes a SQL query
     *
     * @param string $sql
     * @param array $bindings
     */
    
    public function query ($sql, array $bindings = array ( )) {
        //...
    }
    
    /**
     * Gets a row
     *
     * @param resource $query
     * @param integer $fetchMode
     */
    
    public function fetchRow ( $query , $fetchMode = self::FETCHMODE_ASSOC ) {
        //...
    }
    
    /**
     * Inserts a row
     *
     * @param array $data
     * @param string $tableName
     */
    
    public function insert ( array $data , $tableName ) {
        //...
    }
}

Both class should be self-explanatory.

If you have any questions don't hesitate to ask. Thanks.

codefreek · 12-29-2007, 04:54 PM

man you realy where a good helper on this ;) ty.
but i dont know i want to so bad learn and i just dont get it :S

but i wont give up not this time
its time to stop being lazy and start learning xD

so ty dude and i might just take up your offer on asking again ;)

as i said great help ty :D

ps: i knew about the sha1() but i forgot what it was called so i went with md5 sorry xD ;)

deflated · 12-29-2007, 06:00 PM

No problem.

There's a pretty cool blog by sunilbhatia79 which might support you with learning PHP:
Geek Files

Have fun!