I am currently writing a login script because I am trying to learn PDO using OOP. I have an index.php page which only contains a login form. Then I have a User class, which looks like this:

```php
<?php
include_once('database.php');
session_start();
class User{
    public $id;
    public $username;
    public $password;
    public $firstname;
    public $lastname;

    public function Login($username, $password) {
        $db = new Database;
        $db = $db->dbConnect();

        $query = "SELECT * FROM users WHERE username = ? AND password = ?";

        $statement = $db->prepare($query);
        $statement->bindParam(1, $username);
        $statement->bindParam(2, $password);
        $statement->execute();

        $rows = $statement->rowCount();
        $data = $statement->fetchAll();

        if( $rows == 1 ) {
            $this->id = $data[0]['id'];
            $this->username = $data[0]['username'];
            $this->password = $data[0]['password'];
            $this->firstname = $data[0]['firstname'];
            $this->lastname = $data[0]['lastname'];

            $_SESSION['SESSID'] = uniqid('', true);
            header("location: dashboard.php");
        }
    }
}
?>
```

When the user is signed-in he/she goes to dashboard.php. I want to access the current User class from there, so I can use echo $user->username from there. But in dashboard.php, I have to declare the User class as new, so it doesn't keep all the variables.

Do you have any ideas on how I can access the User class variables in Dashboard.php which were declared in the Login function?

Sorry for the bad explanation, but I hope you understand. Thank you in advance!

  • If `dashboard.php` is another PHP page, then you'll need to store the `User` object in a Session. – Henrique Barcelos May 22 '13 at 22:35
  • You can also use http://framework.zend.com/manual/2.2/en/modules/zend.authentication.intro.html then you don't have to create the class and manage the session. Less code. – imel96 May 23 '13 at 00:11

3 Answers

First off, put your user class definition in another file and load it in like you do your database.php. In there you want only your class definition, none of the session start business... `<?php class User {....} ?>` (the closing `?>` is optional).

So what you have now on your pages that need access to the user object is

```php
<?php
include_once('database.php');
include_once('user.php');
session_start();
```

Then after a user has successfully logged in, you tuck the user in the session.

```php
$_SESSION["user"] = $user;
```

Then when you want to get at it, just say

```php
$user = $_SESSION["user"];
echo $user->username;
```
Orangepill

You have 2 options:

a) You store all the login info in a session.

b) You only store the user ID and some sort of identifier that the user has / is logged in, and create another method that will load the information from the database each time you load the page (bad idea really)

For example, you could add the following methods to your class in order to implement the above mentioned functionality and some more:

```php
function createUserSession(array $userData) {
   // Create / save session data
}

function readActiveUserSession() {
   // Read current user information
}

function destroyActiveUserSession() {
   // Call to destroy user session and sign out
}
```

Of course, you will have to add the appropriate code to the methods.

mspir

What you could do is put your user object into the session:

```php
$obj = new Object();
$_SESSION['obj'] = serialize($obj);
$obj = unserialize($_SESSION['obj']);
```

or you could create a singleton, check out this link: Creating the Singleton design pattern in PHP5

Petros Mastrantonas
  • $_SESSION is so much better than using a singleton IMO – nathan hayfield May 22 '13 at 22:40
  • I agree, just wanted to give another option – Petros Mastrantonas May 22 '13 at 22:43
  • You do not store the object serialized in the `$_SESSION`, because PHP already takes care of serializing stuff stored there. The only thing you must make sure is that the code of any class stored there is loaded before `session_start()` is called - otherwise the object will not be restored properly. Having a working autoloading would take care here as well. – Sven May 22 '13 at 23:03
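
An added example, not part of the original question or answers: the session approach from the answers above, with the class defined before `session_start()` as the last comment requires, and with only display fields kept in the session. `SessionUser`, `login()` and `currentUser()` are hypothetical names; the example assumes the `password` column holds a `password_hash()` value, checks it with `password_verify()` instead of comparing inside the SQL query as the question does, and runs against an in-memory SQLite table with constructed data.

```php
<?php
// Added example. In a real project this class lives in user.php and is
// included before session_start() on every page that reads the session.
final class SessionUser
{
    public $id, $username, $firstname, $lastname;

    public function __construct(array $row)
    {
        // Copy display fields only; the password never enters the session.
        $this->id        = (int) $row['id'];
        $this->username  = $row['username'];
        $this->firstname = $row['firstname'];
        $this->lastname  = $row['lastname'];
    }
}

function login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT * FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Assumption: users.password holds a password_hash() value.
    if ($row === false || !password_verify($password, $row['password'])) {
        return false;
    }
    session_regenerate_id(true); // fresh session ID once the user is authenticated
    $_SESSION['user'] = new SessionUser($row);
    return true;
}

function currentUser(): ?SessionUser
{
    // instanceof is false for __PHP_Incomplete_Class, which is what PHP
    // restores when the class was not loaded before session_start().
    $user = $_SESSION['user'] ?? null;
    return $user instanceof SessionUser ? $user : null;
}

// Constructed demo data: in-memory SQLite (needs pdo_sqlite) with one user.
session_start();
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT,
           password TEXT, firstname TEXT, lastname TEXT)');
$db->prepare('INSERT INTO users (username, password, firstname, lastname)
              VALUES (?, ?, ?, ?)')
   ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT),
              'Alice', 'Example']);
var_dump(login($db, 'alice', 'wrong'), login($db, 'alice', 'correct horse'),
         currentUser()->username);
```

On a page such as `dashboard.php`, include the class file, call `session_start()`, and treat a `null` from `currentUser()` as not logged in.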