Make your own free website on Tripod.com
Previous Next Table of Contents

1. Overview

1.1 Classes, Functionality and Dependencies

The PHP3 base library offers a set of classes designed for easy web application development. These classes are:

DB_Sql in db_mysql.inc or in db_pgsql.inc or in dblowbar;odbc.inc/:

A database accessor class for your database server. PHPLIB depends on the presence of a SQL database server. Depending on the type of your database server, you have to select the appropriate include file. The file contains the definition of a class DB_Sql. Currently MySQL, Postgres and OBCB are supported.

The class manages a database connection (connection setup is implicit) and result memory is managed automatically.

An independent class.

Session in session.inc:

Manages an arbitrary amount of arbitrarily named session variables of scalar, array and object types (Object support requires that you implement two instance variables in your classes).

Depends on DB_Sql.

Auth in auth.inc:

Manages session authentication. Sessions are authenticated against usernames and passwords in a database. Authentication can be time limited.

Depends on Session and DB_Sql.

Perm in perm.inc:

Manages permission checks on authenticated session pages. Protected pages are only accessible to users with the specified rights.

Depends on Auth, Session and DB_Sql.

User in user.inc:

Manages user dependent variables. Unlike session variables these are bound to a user id, not to a session id. They are persistent over multiple sessions, but are only available after a user has been authenticated.

Depends on Auth, Session and DB_Sql, extension of Session.

Cart in cart.inc:

Manages a simple shopping cart. Items can be put into the cart, taken out of the cart and the carts contents can be enumerated.

Depends on Session.

Table in table.inc:

Creates HTML tables from twodimensional arrays or from database query results. The class can either filter out the desired columns from an array or you can explicitly name which columns to show. A heading can be turned on if desired. All generated HTML elements are tagged with a classname you specify for stylesheet support, if needed. When used in a form tag, each table row can be prefixed with a checkbox input element to allow for row selection.

An independent class.

CSV_Table in csv_table.inc:

Creates a dump of a twodimensional array or a query result in CSV format, suitable for loading into a database or a spreadsheet program.

Depends on Table, extension of Table.

functions page_open() and page_close() in page.inc:

Setup and Shutdown functions, must be present on any session page.

Depend on Session.

Application configuration in local.inc:

Your application will almost certainly not work with the default values supplied by the above classes. You are supposed to extend the above classes as you see fit.

In your subclasses, you only have to specify what is different in your application. These are things like database hostnames, database names, table names and username/password combinations. You need to provide login screen defintions (HTML) and user validation functions (SQL) to make the example work.

We provide a local.inc to illustrate this.

1.2 A simple example


<?php
  page_open(array("sess" => "Poe_Session", 
                  "auth" => "Poe_Auth", 
                  "perm" => "Poe_Perm"));
  $perm->check("admin");
  $sess->register("s")
 ?>
<html>
<?php

 printf("<h1>%s</h1>\n", ++$s);
 printf("<h1>%s</h1>\n", ++$t);

 ?>
</html>
<?php page_close() ?>

The whole page is framed with a page_open() and page_close() pair. page_open() creates the needed objects for this page ($sess, our session; $auth, the user authentication object; and $perm, for permission checks).

$perm->check("admin") ensures that only authenticated users with admin permission can access this pages.

$sess->register("s") registers a variable of arbitrary type with the session management, so that it becomes persistent.

As you can see when you reload the page, $s is continously incremented. $t, which has not been registered, is always "1".

When page_close() is being called, the values of all registered variables are saved to the database. The next time a session object is created via page_open(), these variables are recreated.

The example assumes two tables in a database: active_session keeps the variable state and auth_user is needed for login validation. The active_session-table holds all currently active sessions for all users. Each session consists of a session id (sid), the name of the session class (name) and the names and values of all registered variables (val). A change date is kept with each session to support a simple garbage collection mechanism. The auth_user table keeps all usernames and passwords (username and password). Each user is uniquely identified with a user id (uid) and each user has a list of comma separated permissions attached to his or her identity (perm). These permissions are matched against the required permissions for permission protected pages.


# MySQL dump 4.0
#
# Host: shelley    Database: poe_sessions
#--------------------------------------------------------
CREATE DATABASE poe_sessions;

#
# Table structure for table 'active_sessions'
#
CREATE TABLE active_sessions (
  sid varchar(32) DEFAULT '' NOT NULL,
  name varchar(32) DEFAULT '' NOT NULL,
  val text,
  changed varchar(14) DEFAULT '' NOT NULL,
  PRIMARY KEY (sid,name),
  KEY changed (changed)
);

#
# Table structure for table 'auth_user'
#
CREATE TABLE auth_user (
  uid varchar(32) DEFAULT '' NOT NULL,
  username varchar(32) DEFAULT '' NOT NULL,
  password varchar(32) DEFAULT '' NOT NULL,
  perm varchar(255),
  PRIMARY KEY (uid),
  UNIQUE k_username (username)
);

#
# Dumping data for table 'auth_user'
#

INSERT INTO auth_user VALUES
('c14cbf141ab1b7cd009356f555b607dc','kris','test','admin');


Previous Next Table of Contents