The Practicality of OO PHP
Subject:   Security Concerns
Date:   2005-08-02 13:28:43
From:   mr_peanut
Response to: Security Concerns

Hello Roy,

Thanks for your comment. As you said, this wouldn't be very wise to include the username/password information in the DataExtraction class. My examples, however, do in fact use a separate class to store the username and password information (not to mention all MySQL functions). Though, I could be further secured by including those additional MySQL functions in yet a third file; however, I was striving for some sort of simplicity as you mentioned, so people could get the general idea behind the benefits of OO PHP.

There is actually a zip file full of support files that go along with this article which I thought was available, but I am guessing it never posted. I will try to get them up as soon as possible so users can see there is more than just the one file involved (dataextractionclass.php).

I appreciate your insight into security issues--they are always important, even for the smallest of sites. (For example, just recently a fellow PHP'er contacted me and told me about his troubles from someone who hacked his PHP forms and sent out 80,000 e-mails. And keep in mind his site wasn't used by more than 15 to 30 users.)

In any case, this article's purpose is to be a stepping stone into the world of OO PHP, showing the benefits of using it. However, I still welcome and encourage constructive criticism, even if the criticism does not pertain to the scope of the article, because it could help answer questions or concerns of the reader. So, thanks again for your input! :-)