Are Accessors in Objects Bad Form?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
linchay
Forum Newbie
Posts: 7
Joined: Thu Mar 06, 2008 1:34 pm

Are Accessors in Objects Bad Form?

Post by linchay »

I here pro's and con's about using accessors. One of the advantages I see is protecting members.
Just curious what others think about this. If not using accessors how do you deal with security?

These articles are a few years old and wandering how they apply today.

Got me curious after reading this OLD forum from 2004
http://discuss.joelonsoftware.com/defau ... 3.15079.11

Then someone in the articles posted this, "Why accessors are evil"
http://www.javaworld.com/javaworld/jw-0 ... olbox.html
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Are Accessors in Objects Bad Form?

Post by Eran »

Accessors have nothing to do with security but with code maintainability and encapsulation. In general, if you'd like to read and write directly to a class member, define it as public. If you'd like to make it: A. read only, B. have pre-fetch operation performed on, then use an accessor.
linchay
Forum Newbie
Posts: 7
Joined: Thu Mar 06, 2008 1:34 pm

Re: Are Accessors in Objects Bad Form?

Post by linchay »

Well I guess I mean security in that without accessors properties can be modified directly if they are public even with the proper members. Accessors to be messy and double code. Was wandering how others dealt with this, how others may protect public properties.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Are Accessors in Objects Bad Form?

Post by Christopher »

There is not one answer to your question. For example, with a ValueObject you want direct access to the properties. With PHP __set() method you can allow direct access and still provide checks for whether to actually set the value.

But perhaps what you have been reading is more about the Law Of Demeter and Tell don't Ask concepts of object design.
(#10850)
linchay
Forum Newbie
Posts: 7
Joined: Thu Mar 06, 2008 1:34 pm

Re: Are Accessors in Objects Bad Form?

Post by linchay »

arborint wrote:There is not one answer to your question. For example, with a ValueObject you want direct access to the properties. With PHP __set() method you can allow direct access and still provide checks for whether to actually set the value.

But perhaps what you have been reading is more about the Law Of Demeter and Tell don't Ask concepts of object design.
Not sure if I am following you.

Code: Select all

 
class test
{
      var $a;
 
      function a($val)
      {
           if ($a == "")
                $a = "10";
      }
     
     function __set($func, $val)
     {
           $this->$func = $val;
     }
}
 
$temp = new test();
$temp->a = "";
 
 
In this example "$a" is exposed because it is public. Is there know way to intercept setting a public property directly?
User avatar
panic!
Forum Regular
Posts: 516
Joined: Mon Jul 31, 2006 7:59 am
Location: Brighton, UK

Re: Are Accessors in Objects Bad Form?

Post by panic! »

pytrin wrote:Accessors have nothing to do with security but with code maintainability and encapsulation.

He means code security not network security.
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Are Accessors in Objects Bad Form?

Post by Eran »

visibility != security
User avatar
panic!
Forum Regular
Posts: 516
Joined: Mon Jul 31, 2006 7:59 am
Location: Brighton, UK

Re: Are Accessors in Objects Bad Form?

Post by panic! »

I don't see how that's relevant to this. This is about accessibility not visibility. Hence 'accessors'. If code outside the scope of the class can't directly manipulate it's properties then it's inherently more secure especially in a dynamically typed environment.
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Are Accessors in Objects Bad Form?

Post by Eran »

Accessors are exactly about class member visibility... If you put accessors for a member, you prevent direct manipulation of it. It's all about the interface, black box approach versus direct manipulation.

Anyway you are arguing semantics, but using visibility decisions on class members will not make your code more secure in the least (and this has nothing to do with PHP being dynamically typed...).
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Re: Are Accessors in Objects Bad Form?

Post by Luke »

I thought php was loosely typed. 8)
User avatar
panic!
Forum Regular
Posts: 516
Joined: Mon Jul 31, 2006 7:59 am
Location: Brighton, UK

Re: Are Accessors in Objects Bad Form?

Post by panic! »

pytrin wrote:Accessors are exactly about class member visibility... If you put accessors for a member, you prevent direct manipulation of it. It's all about the interface, black box approach versus direct manipulation.

Anyway you are arguing semantics, but using visibility decisions on class members will not make your code more secure in the least (and this has nothing to do with PHP being dynamically typed...).
You're still thinking about security as in NETWORK security. I said a couple of posts up I'm talking about code security. It sounds like you haven't worked on large projects with multiple developers. You need code security to stop people manipulating things at the wrong time. I'm not saying all code should have accessors, I NEVER have said that. All I'm saying is accessors with hash tables DO make code inherently more secure.



The Ninja Space Goat wrote:I thought php was loosely typed. 8)
It's both:

loosley typed=interchangeable datatypes.

dynamically typed=not declaring variables .
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Are Accessors in Objects Bad Form?

Post by Eran »

panic! wrote: You're still thinking about security as in NETWORK security. I said a couple of posts up I'm talking about code security. It sounds like you haven't worked on large projects with multiple developers. You need code security to stop people manipulating things at the wrong time. I'm not saying all code should have accessors, I NEVER have said that. All I'm saying is accessors with hash tables DO make code inherently more secure.
Don't make assumptions panic, and you are still arguing semantics. If you believe using accessors will make your code more secure from your fellow developers.. than you are dead wrong, and its a very bad attitude. Accessors are about interface, and if you don't know what that means google it up a bit.
Post Reply