Singleton Pattern to store log in information

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
szucskrysz
Forum Newbie
Posts: 5
Joined: Mon Dec 15, 2008 6:15 am

Singleton Pattern to store log in information

Post by szucskrysz »

Hello guys,
I am new here and I am using PHP for a short time!
I would like to use the Singleton Pattern to store log in information about a user through several pages. Is that possible to get the stored information from the Singleton Class through several pages without using Session?
I hope my question is understandable.
Thanks
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Singleton Pattern to store log in information

Post by jaoudestudios »

Why must you use the singleton pattern?
szucskrysz
Forum Newbie
Posts: 5
Joined: Mon Dec 15, 2008 6:15 am

Re: Singleton Pattern to store log in information

Post by szucskrysz »

I don't have to use Singleton I was just wondering if I can use it instead of putting log in information into session variables.
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Singleton Pattern to store log in information

Post by jaoudestudios »

The only way to transfer information between pages using php variables is to use sessions - that is what they are there for :)
szucskrysz
Forum Newbie
Posts: 5
Joined: Mon Dec 15, 2008 6:15 am

Re: Singleton Pattern to store log in information

Post by szucskrysz »

Thanks, I have already used sessions for that, but I thought there is an other cleaver way to do that, but it seems not!
Thanks again
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Singleton Pattern to store log in information

Post by jaoudestudios »

Not as far as I know.

Maybe someone else wants to shed some light on this.

But from my experience sessions are the way to go - fast & secure.
szucskrysz
Forum Newbie
Posts: 5
Joined: Mon Dec 15, 2008 6:15 am

Re: Singleton Pattern to store log in information

Post by szucskrysz »

I have read somewhere that you should not store sensitive data in session because they can be manipulated!?
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Singleton Pattern to store log in information

Post by Eran »

Generally sessions are pretty secure as they are stored server-side and outside of the document root.

There are other alternatives for persistence - such as memcached, APC and database.
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Singleton Pattern to store log in information

Post by jaoudestudios »

Are they installed by default on php5?
szucskrysz
Forum Newbie
Posts: 5
Joined: Mon Dec 15, 2008 6:15 am

Re: Singleton Pattern to store log in information

Post by szucskrysz »

i thought that the session is sent together with the http header between the client and the server every time a file is requested.
User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: Singleton Pattern to store log in information

Post by jaoudestudios »

Are memcached, APC as secure & efficient as sessions?
User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Singleton Pattern to store log in information

Post by Eran »

Are they installed by default on php5?
No, they're PECL extensions. Just mentioning common alternatives
Are memcached, APC as secure & efficient as sessions?
They're more secure and efficient than sessions (in memory, no files).
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Re: Singleton Pattern to store log in information

Post by pickle »

Sessions are not the only PHP only option, cookies are also (technically) an option. If you only want persistence between pages, but want the data to be lost when the user closes their browser, then use sessions (I can't speak to memcache or APC - never used them).

Sessions can be hacked if you're not using an encrypted connection (and probably can even with an encrypted connection if the sneak is sneaky enough).

Session data is not transmitted off the server, but the cookie-based ID that is used as a key is transmitted. You should never be storing full credentials anywhere anyway - there should never be a need to store a password in a session.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
The_Anomaly
Forum Contributor
Posts: 196
Joined: Fri Aug 08, 2008 4:56 pm
Location: Tirana, Albania

Re: Singleton Pattern to store log in information

Post by The_Anomaly »

I agree with all that is said in this thread, but perhaps the OP is referring to using a Registry to wrap the Session variables, and make that Registry a Singleton?

That's at least what I do. I mean, I use a Session Registry for all interactions with the $_SESSION array, or anything that has to do with sessions (i.e. checking if authenticated, setting authentication status, userid, etc).

Is that perhaps what the OP is talking about?
Post Reply