Hi everyone,
I've started building a php framework. I have two questions and will be very grateful if you share your oppinion with me.
Here are the questions:
1) I’ve created one front controller for my site, which acts as an entry point to it. The problem is that I have to put ajax, but I don’t think, it would be good practise to invoke other php scipts as an entry point to my site, because of security reasons. Do you agree with me? Should I use the front controller for ajax too and after that create something like strategy pattern, which decides, whether it should invoke either classes which serves ajax requests or other classes, which serves to the non-ajax requests?
2) I think to put any configurations in conf directory in xml files (or .properties files). Would it be safe for the website, because xml can be opened through browser? I will write a redirect to index.php in .htaccess, but anyway I don’t know that this is enough.
Object-oriented design advice
Moderator: General Moderators
Re: Object-oriented design advice
1) The only difference between the ajax and non-ajax classes should be in the view classes
The remaining should be reusable for both; otherwise your design is probably wrong 
2) You can put your configuration outside the document root, or deny the access via .htaccess file.
2) You can put your configuration outside the document root, or deny the access via .htaccess file.
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Object-oriented design advice
1) I would recommend that all requests go through the Front Controller. The Action Controller can determine the type and select the appropriate View.
2) If you are going to keep config data in XML files then you need to protect the directory they are in, or put it outside the public HTML directory.
2) If you are going to keep config data in XML files then you need to protect the directory they are in, or put it outside the public HTML directory.
(#10850)