This set of classes makes it easy to manipulate member data and control access to a site. It is based on PostgreSQL, but you can adapt it to MySQL by changing some function names.
// Name of the table that holds the member records.
define('DATA_TABLE', 'members');
/**
 * Thrown when a query against the database fails.
 *
 * The message is the raw text returned by pg_last_error() for DB_CONN and the
 * code is always 0. Because that text comes straight from PostgreSQL, log it
 * server-side instead of printing it to the visitor.
 *
 * @author Orlando Sebastian Romero
 */
class MemberDBException extends Exception {
    /**
     * Captures the most recent error reported on the DB_CONN connection.
     */
    public function __construct(){
        $lastError = pg_last_error(DB_CONN);
        parent::__construct($lastError, 0);
    }
}
/**
 * Thrown when a member cannot be retrieved.
 *
 * The exception code is one of the class constants below, so callers can
 * branch on getCode().
 *
 * @author Orlando Sebastian Romero
 */
class MemberPersistenceException extends Exception {
    /** No member has the requested id. */
    const DOES_NOT_EXIST = 1000;

    /** No member matches the supplied user name and password. */
    const CAN_NOT_LOGIN = 1001;

    /**
     * @param string $err_msg  Human-readable description of the failure.
     * @param int    $err_code One of the constants declared on this class.
     */
    public function __construct($err_msg, $err_code){
        parent::__construct(
            $err_msg,
            $err_code
        );
    }
}
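/**
 * This class represents a member.
 * It provides methods for the easy manipulation of member data and member login.
 *
 * Every query is sent with pg_query_params(), so member-supplied values travel
 * as bound parameters and are never spliced into the SQL text. The object keeps
 * the values exactly as given (unescaped); escape them for the output context
 * (for example htmlspecialchars() for HTML) when displaying them.
 *
 * @author Orlando Sebastian Romero
 */
class Member {
    // This class assumes you have your data table with the following structure.
    /*
    Table "public.members"
    Column | Type | Modifiers
    --------------+-----------------------+-------------------------------------------------------------
    mem_id | integer | not null default nextval('public.members_mem_id_seq'::text)
    mem_name | character varying(20) | default 'unknown'::character varying
    mem_username | character varying(20) | default 'unknown'::character varying
    mem_password | character varying(35) | default ''::character varying
    Indexes:
    "members_pkey" primary key, btree (mem_id)
    */
    // If you don't, create it first (the CREATE TABLE statement is not reproduced in this listing).

    /**
     * The unique id of this member.
     */
    protected $id = null;

    /**
     * The name of this member
     */
    protected $name = "unknown";

    /**
     * The user name of this member
     */
    protected $user_name = "unknown";

    /**
     * The MD5 hex digest of this member's password, as stored in mem_password.
     *
     * SECURITY: unsalted MD5 is a fast hash and is not suitable for storing
     * passwords. It is kept here only because existing rows and the
     * varchar(35) column depend on it; moving to password_hash() /
     * password_verify() requires widening mem_password and migrating the
     * stored values.
     */
    protected $enc_password = "";

    //
    // You should add all the information you need about a member of your site
    //

    /**
     * Constructor. Creates a new Member object.
     *
     * @param id - int - The unique id for this member.
     * @exception MemberPersistenceException
     * @exception MemberDBException
     */
    public function __construct($id){
        $this->id = abs((int)$id);
        if(!$this->exists()){
            // Report the normalised integer, not the raw argument: the raw value may
            // come from a request and callers tend to print this message.
            throw new MemberPersistenceException(
                "Can't find any member with id " . $this->id . ".",
                MemberPersistenceException::DOES_NOT_EXIST
            );
        }
        $this->loadData();
    }

    /**
     * Sets the name of this member.
     * The value is stored as given; updateData() binds it as a query parameter.
     */
    public function setName($name){
        $this->name = (string)$name;
    }

    /**
     * Sets the user name of this member.
     * The value is stored as given; updateData() binds it as a query parameter.
     */
    public function setUserName($user_name){
        // You should check first if $user_name is available...
        // Because of a matter of space I don't do it here...
        $this->user_name = (string)$user_name;
    }

    /**
     * Sets the password of this member.
     * Only the MD5 digest is kept (see the note on $enc_password).
     */
    public function setPassword($password){
        $this->enc_password = md5($password);
    }

    /**
     * Gets the name of this member.
     */
    public function getName(){
        return $this->name;
    }

    /**
     * Gets the user name of this member.
     */
    public function getUserName(){
        return $this->user_name;
    }

    /**
     * Gets the MD5 digest of this member's password.
     */
    public function getEncryptedPassword(){
        return $this->enc_password;
    }

    /**
     * Gets the id of this member.
     */
    public function getId(){
        return $this->id;
    }

    /**
     * Creates a new record in the database.
     *
     * The new id is read back with RETURNING from the INSERT itself, so a
     * concurrent insert by another request cannot be picked up by mistake.
     *
     * @exception MemberPersistenceException
     * @exception MemberDBException
     * @return Member
     */
    public static function createNew($name, $user_name, $password){
        $sql = 'INSERT INTO ' . DATA_TABLE
             . ' (mem_name, mem_username, mem_password) VALUES ($1, $2, $3) RETURNING mem_id';
        $params = array((string)$name, (string)$user_name, md5($password));

        $rs = pg_query_params(DB_CONN, $sql, $params);
        if(!$rs){
            throw new MemberDBException();
        }
        $row = pg_fetch_row($rs);
        pg_free_result($rs);

        // With no returned row the constructor receives 0 and reports DOES_NOT_EXIST.
        return new Member($row ? $row[0] : 0);
    }

    /**
     * To check the existence of a member.
     *
     * @exception MemberDBException
     * @return boolean
     */
    public function exists(){
        if(!$this->id){
            return false;
        }
        $sql = 'SELECT COUNT(*) FROM ' . DATA_TABLE . ' WHERE mem_id = $1';
        $rs = pg_query_params(DB_CONN, $sql, array($this->id));
        if(!$rs){
            throw new MemberDBException();
        }
        $row = pg_fetch_row($rs);
        pg_free_result($rs);
        return (bool)((int)$row[0]);
    }

    /**
     * Loads the data of a member into this object.
     *
     * @exception MemberDBException
     * @return boolean true when a row was found and loaded, false otherwise
     */
    public function loadData(){
        if(!$this->id){
            return false;
        }
        $sql = 'SELECT * FROM ' . DATA_TABLE . ' WHERE mem_id = $1';
        $rs = pg_query_params(DB_CONN, $sql, array($this->id));
        if(!$rs){
            throw new MemberDBException();
        }
        $row = pg_fetch_assoc($rs);
        pg_free_result($rs);
        if(!$row){
            return false;
        }
        //
        // As you add information to this object, for example last name or birth date,
        // you must also load it at this point.
        //
        $this->name         = $row["mem_name"];
        $this->user_name    = $row["mem_username"];
        $this->enc_password = $row["mem_password"];
        return true;
    }

    /**
     * Updates the record of this member in the data base.
     * Don't ever forget to call this method if you want your data to be really updated in the database.
     *
     * Values loaded from the database and never re-set are written back too, so
     * every column is bound as a parameter rather than interpolated.
     *
     * @exception MemberDBException
     * @return boolean true when at least one row was changed
     */
    public function updateData(){
        if(!$this->id){
            return false;
        }
        $sql = 'UPDATE ' . DATA_TABLE
             . ' SET mem_name = $1, mem_username = $2, mem_password = $3 WHERE mem_id = $4';
        $params = array($this->name, $this->user_name, $this->enc_password, $this->id);

        $rs = pg_query_params(DB_CONN, $sql, $params);
        if(!$rs){
            throw new MemberDBException();
        }
        return (bool)pg_affected_rows($rs);
    }

    //
    // You can add a delete function.
    //

    /**
     * Tries to create a new member object based on an user name and password.
     * Throws MemberPersistenceException (CAN_NOT_LOGIN) when no member matches.
     *
     * This method does no throttling; callers should limit repeated failed
     * attempts per account and per client.
     *
     * @exception MemberPersistenceException
     * @exception MemberDBException
     * @return Member
     */
    public static function login($user_name, $password){
        // Request parameters can arrive as arrays; anything that is not a string
        // is treated as a failed login instead of reaching md5() or the query.
        if(!is_string($user_name) || !is_string($password)){
            throw new MemberPersistenceException(
                "User name or password doesn't match!",
                MemberPersistenceException::CAN_NOT_LOGIN
            );
        }

        $sql = 'SELECT mem_id FROM ' . DATA_TABLE
             . ' WHERE mem_username = $1 AND mem_password = $2';
        $rs = pg_query_params(DB_CONN, $sql, array($user_name, md5($password)));
        if(!$rs){
            throw new MemberDBException();
        }
        $row = pg_fetch_row($rs);
        pg_free_result($rs);
        if(!$row){
            throw new MemberPersistenceException(
                "User name or password doesn't match!",
                MemberPersistenceException::CAN_NOT_LOGIN
            );
        }
        return new Member($row[0]);
    }
}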
?>
Usage Example:
PHP Example :
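<?php

// NOTE(review): a web server may return a .inc file as plain text if it sits
// under the document root; keep it outside the web root or confirm it is not served.
require("MemberShip.pack.inc");

// Add a new member to your site...
try{

    $newMember = Member::createNew("John", "john", "hispassword");
    $newMemberId = $newMember->getId(); // For example 4

}catch(Exception $e){ // We catch all exceptions
    // The message can be raw PostgreSQL error text: log it, show a generic notice.
    error_log($e->getMessage());
    die("Sorry, there's been an error, please try again...");
}

// Examining / Updating an old member's data...
try{
    // NOTE(review): member_id comes straight from the request. Check that the
    // logged-in user is allowed to view and change this member before updating.
    $memberId = isset($_POST["member_id"]) ? $_POST["member_id"] : 0;
    $member = new Member($memberId);
    // Stored values are member-supplied, so escape them for the HTML context.
    echo "Name: " . htmlspecialchars($member->getName(), ENT_QUOTES, "UTF-8") . "<br>";
    echo "User Name: " . htmlspecialchars($member->getUserName(), ENT_QUOTES, "UTF-8") . "<br>";
    $newName = "Frank";
    $member->setName($newName);
    $member->updateData();
}catch(Exception $e){ // We catch all exceptions...
    error_log($e->getMessage());
    die("Sorry, there's been an error, please try again...");
}

// Allowing/Denying access to our site...
try{
    // Missing or non-string fields are replaced by "" so they simply fail to match.
    $userName = (isset($_POST["user_name"]) && is_string($_POST["user_name"])) ? $_POST["user_name"] : "";
    $password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

    $member = Member::login($userName, $password);

    // Issue a fresh session id on login so a pre-login id cannot be reused.
    // Assumes session_start() has already been called.
    session_regenerate_id(true);
    $_SESSION["LOGGED_USER_ID"] = $member->getId();

    echo "<h1>Welcome: " . htmlspecialchars($member->getName(), ENT_QUOTES, "UTF-8") . "</h1>";

}catch(MemberPersistenceException $mpe){
    if($mpe->getCode() === MemberPersistenceException::CAN_NOT_LOGIN){
        die("Sorry, but the data you provided does not match with a registered member...");
    }
    die(htmlspecialchars($mpe->getMessage(), ENT_QUOTES, "UTF-8"));
}catch(MemberDBException $mdbe){
    error_log($mdbe->getMessage());
    die("Sorry, there's been an error in our database, please try again...");
}

?>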