Something wrong with my code :(
Posted: Wed Dec 23, 2009 4:59 am
I'm playing about with OOP trying to improve my projects code. I've created two classes, one that handles database access and querys and one that handles user information...
Class user extends db_access so that when the signsubmit.php file creates a new instance of user it can be used to submit the data to the database...
Can anyone have a quick look at my code and let me know where I'm going wrong. I ran the signsubmit.php and I get no errors but also nothing happens, the details dont get passed onto the database.
signsubmit.php
common.class.php
Class user extends db_access so that when the signsubmit.php file creates a new instance of user it can be used to submit the data to the database...
Can anyone have a quick look at my code and let me know where I'm going wrong. I ran the signsubmit.php and I get no errors but also nothing happens, the details dont get passed onto the database.
signsubmit.php
Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<h1>Sign up complete!</h1>
<?
require_once('common.class.php');
$user = new user;
$user->u_username = $_POST['s_user'];
$user->u_password = $_POST['s_pass'];
if (!$user->save_user()) die("Could not save user : " . $user->u_sql_error);
?>
</body>
</html>Code: Select all
<?
////////////////////////////////////////////////
////////////////Users class/////////////////////
////////////////////////////////////////////////
class user extends db_access {
public $u_username, $u_password, $u_sql_error;
// Generate random base64_encoded string
function get_rand_b64($bytes) {
$fp=fopen("/dev/urandom","rb");
$rand = base64_encode(fread($fp,$bytes));
fclose($fp);
return $rand;
} // END get_rand_b64
// Save username, password and salt
function save_user($this->u_username, $this->u_password) {
$this->u_salt = $this->get_rand_b64(4096);
$this->u_timestamp = time();
$this->u_username = mysql_real_escape_string($this->u_username);
$this->u_password = mysql_real_escape_string($this->u_password);
$this->u_password = hash('sha256',$this->u_password . base64_decode($this->u_salt));
$query = "INSERT INTO users(username, password, salt, timestamp) " .
"VALUES ('$this->u_username', '$this->u_password', '$this->u_salt', '$this->u_timestamp')";
parent::query_db($query);
if (!$this->q_result) {
$this->u_sql_error = mysql_error(q_result);
return false;
} else {
return true;
}
} // END save_user
// Regenerate session ID
function session_regen($bytes) {
if ($bytes < 64) {
$fp=fopen("/dev/urandom","rb");
$sid = bin2hex(fread($fp,$bytes));
fclose($fp);
session_start();
$tmp = $_SESSION;
session_unset();
session_destroy();
session_id($sid);
session_start();
$_SESSION = $tmp;
$tmp = array();
} else {
return false;
}
} // END session_regen
// END CLASS
}
class db_access {
public $db_hostname = 'xxxxxxxx', $db_username = 'xxxxxxxx', $db_password = 'xxxxxxxx', $db_server, $q_result, $db_err,
$db_name = "scatty85_phptest";
// Constructor connect to server and select database
function __construct() {
$this->db_server = mysql_connect($this->db_hostname,$this->db_username,$this->db_password);
mysql_select_db($this->db_name, $this->db_server);
}
// Query database
function query_db($query_string) {
$this->q_result = mysql_query($query_string,$this->db_server);
} // END query_db
// Number of rows from query
function q_rows() {
if ($this->q_result) {
return mysql_num_rows($this->q_result);
}
} // END q_rows
// Number of affected rows from query
function q_affected() {
if ($this->q_result) {
return mysql_affected_rows($this->q_result, $this->db_server);
}
} // END q_affected
// Clean data
function mysql_entities_fix_string($string) {
return htmlentities(mysql_fix_string($string));
} // END mysql_entities_fix_string
private function mysql_fix_string($string) {
if (get_magic_quotes_gpc()) $string = stripslashes($string);
return mysql_real_escape_string($string);
} // END mysql_fix_string
}
?>