The PHP3 base library offers a set of classes designed for easy web application development. These classes are:
DB_Sql
in db_mysql.inc
or in
db_pgsql.inc
or in db
lowbar;odbc.inc/:A database accessor class for your database server. PHPLIB
depends on the presence of a SQL database server. Depending
on the type of your database server, you have to select the
appropriate include file. The file contains the definition of
a class DB_Sql
. Currently MySQL, Postgres and
OBCB are supported.
The class manages a database connection (connection setup is implicit) and result memory is managed automatically.
An independent class.
Session
in session.inc
:Manages an arbitrary amount of arbitrarily named session variables of scalar, array and object types (Object support requires that you implement two instance variables in your classes).
Depends on DB_Sql
.
Auth
in auth.inc
:Manages session authentication. Sessions are authenticated against usernames and passwords in a database. Authentication can be time limited.
Depends on Session
and DB_Sql
.
Perm
in perm.inc
:Manages permission checks on authenticated session pages. Protected pages are only accessible to users with the specified rights.
Depends on Auth
, Session
and DB_Sql
.
User
in user.inc
:Manages user dependent variables. Unlike session variables these are bound to a user id, not to a session id. They are persistent over multiple sessions, but are only available after a user has been authenticated.
Depends on Auth
, Session
and DB_Sql
,
extension of Session
.
Cart
in cart.inc
:Manages a simple shopping cart. Items can be put into the cart, taken out of the cart and the carts contents can be enumerated.
Depends on Session
.
Table
in table.inc
:Creates HTML tables from twodimensional arrays or from database query results. The class can either filter out the desired columns from an array or you can explicitly name which columns to show. A heading can be turned on if desired. All generated HTML elements are tagged with a classname you specify for stylesheet support, if needed. When used in a form tag, each table row can be prefixed with a checkbox input element to allow for row selection.
An independent class.
CSV_Table
in csv_table.inc
:Creates a dump of a twodimensional array or a query result in CSV format, suitable for loading into a database or a spreadsheet program.
Depends on Table
, extension of Table
.
page_open()
and page_close()
in page.inc
:Setup and Shutdown functions, must be present on any session page.
Depend on Session
.
local.inc
:Your application will almost certainly not work with the default values supplied by the above classes. You are supposed to extend the above classes as you see fit.
In your subclasses, you only have to specify what is different in your application. These are things like database hostnames, database names, table names and username/password combinations. You need to provide login screen defintions (HTML) and user validation functions (SQL) to make the example work.
We provide a local.inc
to illustrate this.
<?php
page_open(array("sess" => "Poe_Session",
"auth" => "Poe_Auth",
"perm" => "Poe_Perm"));
$perm->check("admin");
$sess->register("s")
?>
<html>
<?php
printf("<h1>%s</h1>\n", ++$s);
printf("<h1>%s</h1>\n", ++$t);
?>
</html>
<?php page_close() ?>
The whole page is framed with a page_open()
and page_close()
pair.
page_open()
creates the needed objects for this page ($sess
, our
session; $auth
, the user authentication object; and $perm
, for
permission checks).
$perm->check("admin")
ensures that only authenticated users with
admin permission can access this pages.
$sess->register("s")
registers a variable of arbitrary type with
the session management, so that it becomes persistent.
As you can see when you reload the page, $s
is continously
incremented. $t
, which has not been registered, is always "1"
.
When page_close()
is being called, the values of all registered
variables are saved to the database. The next time a session object is
created via page_open()
, these variables are recreated.
The example assumes two tables in a database: active_session
keeps the variable state and auth_user
is needed for login
validation. The active_session
-table holds all currently active
sessions for all users. Each session consists of a session id (sid
),
the name of the session class (name
) and the names and values of all
registered variables (val
). A change date is kept with each session to
support a simple garbage collection mechanism. The auth_user
table
keeps all usernames and passwords (username
and password
). Each
user is uniquely identified with a user id (uid
) and each user has a
list of comma separated permissions attached to his or her identity
(perm
). These permissions are matched against the required permissions
for permission protected pages.
# MySQL dump 4.0
#
# Host: shelley Database: poe_sessions
#--------------------------------------------------------
CREATE DATABASE poe_sessions;
#
# Table structure for table 'active_sessions'
#
CREATE TABLE active_sessions (
sid varchar(32) DEFAULT '' NOT NULL,
name varchar(32) DEFAULT '' NOT NULL,
val text,
changed varchar(14) DEFAULT '' NOT NULL,
PRIMARY KEY (sid,name),
KEY changed (changed)
);
#
# Table structure for table 'auth_user'
#
CREATE TABLE auth_user (
uid varchar(32) DEFAULT '' NOT NULL,
username varchar(32) DEFAULT '' NOT NULL,
password varchar(32) DEFAULT '' NOT NULL,
perm varchar(255),
PRIMARY KEY (uid),
UNIQUE k_username (username)
);
#
# Dumping data for table 'auth_user'
#
INSERT INTO auth_user VALUES
('c14cbf141ab1b7cd009356f555b607dc','kris','test','admin');