Forum Moderators: coopster
I've been reading a lot about how the use of global variables is not recommended due to security issues. Personally, I don't like the use of global variables, however, since the website I'm building is strictly class-based, I would need to access its methods somehow.
What is the best approach for this so I can avoid global variables?
I have 2 php files, index.php and session.php. In index.php, I'm simply including session.php like so:
/* index.php */
<?
include_once("session.php");
?>
<html>
<body>
</body>
</html>
In session.php, I have created a class like so:
/* session.php */
<?
class Session
{
public function Session(){}
public function method1(){}
public function method2(){}
};
$session = new Session; // Notice the use of global var here
?>
Do you think the following would be better?
/* session.php */
<?
class Session
{
public function Session(){}
public function method1(){}
public function method2(){}
};
StartSession();
function StartSession() { $session = new Session; }
?>
The problem with this approach is that $session variable will not be accessible by my php pages since its scope is limited to the StartSession function so I don't know how to call the methods within the Session class.
Unless, are there any problems with me doing the following at the top of index.php instead like so or is that the same as global variable use?
/* index.php */
<?
include_once("session.php");
$session = new Session;
?>
<html>
<body>
</body>
</html>
Thanks for any suggestions and help. I'm not sure how others are tackling this problem without the use of global variables.
Bobby
I take it this is your first experience with object oriented design. I would recommend as you move forward that you research the MVC design pattern and look at frameworks such as Zend Framework that might lessen the learning curve for you.
Zend offers a PHP Framework with a great MVC implementation and full documentation.
Cheers.
I think the original post is asking how to access variables from multiple locations without making it a global to avoid something like
function foo() {
global $myvar;
}
Not in the context of security (although the word is used,) in the context of good PHP coding practices.
This is actually something I don't fully grok myself, I've read the articles, read why you shouldn't use globals, know how to create classes, but sometimes get cornered into using global variables myself.
<awaiting answers as well> :-)
I don't know what's considered the best, though if you are passing in a user object to manipulate would it work.
e.g.
function alterUser($user){
$user->name = $user->name." - test";
return $user;
}
versus
function alterUser(){
global $user;
$user->name = $user->name." - test";
} // Does this now need a return value?
$user = myFunc($user);
I think the original post is asking how to access variables from multiple locations without making it a global to avoid something like..
If this is the case, you should look into the Singleton pattern. A quick example is below:
class DataRegistry {public static $instance = null;
private $data;private function __construct() {}
public static function instance() {
if(is_null(self::$instance) {
self::$instance = new DataRegistry();
}
return self::$instance;
}public function getData($value) {
$inst = self::instance();
if(isset($inst->data[$value])) {
return $inst->data[$value];
}
return null;
}public function setData($key, $value) {
$inst = self::instance();
$inst->data[$key] = $value;
}
}
Usage:
$registry = DataRegistry::instance();
$registry->setData('var', 'myValue');
echo $registry->getData('var');
Should see: myValue
This class can be called from anywhere within your application and will always hold the same values (unless of course you overwrite them).
So, you could have a function...
function doSomethingUseful() {
//get Registry Value
$registry = DataRegistry::instance();
$registry->getValue('var'); //will be myValue
}
If the data needs to persist simply modify your data registry to add session handling.
Cheers.
/* index.php file */
// need to trigger it somehow
doSomethingUseful();
function doSomethingUseful()
{
// $registry variable now has a limited scope
// instead of it being global
$registry = DataRegistry::instance();
$registry->getValue('var');
}
class DataRegistry {
//use of "static" is important. Thanks!
...
};
I hope this is a better approach than just doing
$registry = DataRegistry::instance();
outside of the DataRegistry class inside of index.php.
Thanks,
Bobby
I hope this is a better approach than just doing$registry = DataRegistry::instance();
outside of the DataRegistry class inside of index.php.
The important concept to understand here is that you are utilizing a singleton class. This means, that you can share the same instance of that class throughout o your application whether it be other classes or functions.
If you need limited scope, than a singleton class would be overkill, if you need a variable to only be valid within a class instance, the singleton class would be overkill.
Anyway, glad you found a solution that works for you.
Cheers.
While the Singleton pattern is wonderful by forcing only one instance of a class to exist, how would that be beneficial for websites because each page request in a website triggers an instance so it's essentially the same as a normal class. I think this is perfect if and when the instance of the singleton class can be passed from one page to another.
If I'm understanding this correctly, I think one can store this instance either in a Text file, Database or a Session variable using Serialize()/UnSerialize().
The problem with text files and databases are the overhead for each page request. What about $_SESSION? Is it safe to use it there instead?
I guess, what's the best way of keeping a session persistent?
