Page 1 of 1

Am I using OOP Correctly here?

Posted: Thu Feb 01, 2007 8:10 am
by timclaason
This post could probably go under theory and design as well, but I'll take my chances here.

I continually work to refine my skills. As I didn't major in computer science and do not have a background in OOP, sometimes it's difficult, but I think for the most part, I'm getting the gist.

I wrote an authentication class, and although it works, I'm wondering if it ought to rethink my development paradigm:

Here's the calls to methods (I'll spare you all the backend code):

Code: Select all

if($authent->checkCredentials($username, $password)) { //checkCredentials returns 1 if the un:pw combo are a match
         $authent->destroyCurrentSession($username);
         $authent->generateNewSession($username); //Generates SID, puts in a database, along with login time
  }

   else { //Bad Login
         $authent->badLogin();
   }
Then on subsequent pages, after the user is logged in:

Code: Select all

if(!$authent->stillLoggedIn($sid)) {  //Checks database for how long user has been logged in.  Also checks if SID exists
         $authent->noLongerLoggedIn();
   }
   else {  //User is still logged in
         $authent->displayPage($_SERVER['PHP_SELF']);
   }
Any insights would be much appreciated :)

Posted: Thu Feb 01, 2007 8:41 am
by superdezign
Wow.. you have one class do everything? If you were really going for OOP, you'd have ojects interacting with one another. Everything you're doing seems like you're simply taking syntax and conditions, and translating it into plain english with the use of function names. It is well organized and easy to read, but easy to read isn't always efficient.

Posted: Thu Feb 01, 2007 8:52 am
by timclaason
I probably wouldn't have the method to actually output the page be in the same class. I just did that as a typing-saver.
Should different authentication components be in different classes?

Posted: Thu Feb 01, 2007 8:55 am
by superdezign
Well if it's exclusively for the authentcation, it's exclusively for the authentication. However, causing your class to start/initialize the session? That should be done elsewhere, and your object inserted into the session.

And yeah, the page loader could easily be replaced with require() or include().

Posted: Thu Feb 01, 2007 9:04 am
by timclaason
I never really thought of handling sessions in a separate class. Like I mentioned above, I'm pretty much a noob at this.

Thanks for your insights.

Posted: Thu Feb 01, 2007 9:08 am
by superdezign
No no, they don't have to be a separate class. You're using the same session for all of the variables in the session, correct? I mean, if you really wanted to you could make it a class, but all of your functions would be english translations of one-liners.

Seems inefficient to call a function called startTheSession() just to call session_start() whe you could have done it directly, am I right?

Posted: Thu Feb 01, 2007 9:18 am
by TheMoose
Inefficient isn't really the right word, as the extra time it takes to call that function is extremely insignificant. Inefficient? Not really, no. Redundant? Yes. If you are using a class to encapsulate another class or properties of something built in, then that is overhead that is unnecessary for the sake of making it look pretty. If you are initializing objects and doing more than just renaming functions from session_start to mySession->Start, then what you are doing is fine.

And just to clarify, separate your class responsibilities. Authentication should not be handling output, output should not be handling authentication. I know you did it just for questions sake, but it's a good motto to follow when diving into OOP.

Posted: Thu Feb 01, 2007 9:21 am
by feyd
Session handling should be in it's own class.

Remember the simple rule: methods and functions should do one "simple" thing; classes should do one thing as well, but in a larger scope.

Classes will often need other classes to function correctly.

Posted: Thu Feb 01, 2007 9:53 am
by timclaason
Should I be doing authentication, page output, session handling, etc as child classes of some other class, or should they be stand-alone classes?

Posted: Thu Feb 01, 2007 10:14 am
by Kadanis
depends on whether they need to share parent class functions/variables.

the best way is to think of it in terms of similarity. (i think the term used when i was at college was "is a") if x is a y works then x can be a child class of y. if it doesn't then it maybe that it is a stand alone class.

for example. take some classes Person User Administrator and Template.

User is a Person - so user can be a subclass of Person
Admin is a Person - ditto

User is a Admin - no, they can both be children of Person, but not each other.

Template is a Person - again, no. They would potentially have different variables, functions etc so would need to be in different hierarchies.