1

I'm trying to make the transition to OOP PHP to help clean up the cluster of code I'm currently working with.

I'm using PHPass to hash passwords in my database but with this OOP approach, I can't get my head around how to call it in my class' login function.

As far as I can see, in all the places I've tried calling it, it's always declared before my class is initialised but it's still telling my it's undefined or a non-object.

db_config.php

...
require_once("PasswordHash.php"); // Location no.1 to try it
$password_hash = new PasswordHash(8, FALSE);

include_once("DB.php");
$db = new DB($db_connection);

...

init.php

//require_once("PasswordHash.php"); // Location no.2 to try it
//$password_hash = new PasswordHash(8, FALSE);

require_once("db_config.php")

..Other init stuff..

DB.php

class DB {
   ... 
   public function login() {
      // global $password_hash; -> if uncommented I get an error saying it's a non-object

      // Error here 
      $password_accepted = $password_hash->CheckPassword($p, $hp);
   } 
   ...
}

login.php

require_once("init.php");

$db->login();

I still haven't got my head fully around how class scope works in PHP so I have a feeling I'm missing something.

Improve this question
2
  • PasswordHash isn't a name of a class based on what you showed here. Commented Aug 23, 2015 at 23:42
  • My bad, that class definitely exists Commented Aug 23, 2015 at 23:53

2 Answers 2

Reset to default
2

You need to pass the hash into the class as the class has only an internal scope.

$formData = array();
$formData['email'] = '[email protected]';

require_once("PasswordHash.php"); // Location no.1 to try it
$formData['password_hash'] = new PasswordHash(8, FALSE);

include_once("DB.php");
$db = new DB($db_connection, $formData);

and in DB.php:

class DB {
  // Stores the user input form data for use within the class?
  private $formData;
  // Runs when the class is constructed
  public function __construct($formData)
  {
    // When the class is constructed then store this for local/interal use
    $this->$formData = $formData;
  }
  public function login() {
    // The boolean result of of checking of an internal method
    // that compares user credentials against the database information?
    $password_accepted = $this->CheckPassword(
      $this->formData['email'], 
      $this->formData['password_hash']
    );
  }
  private function CheckPassword($email, $pass) {
    // Do query and bind in $user and $pass
    // Return true if everthing passes
  }
}

Edit: I exaggerated the use of passing the variables into classes and methods to help you to wrap your head around this aspect of things but you could also do something like:

    ...
    $password_accepted = $this->CheckPassword();
  }
  private function CheckPassword() {
    // Do query and bind in $this->formData['email'] and $this->formData['password_hash']
    // Return true if everthing passes
  }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Just inject the hash instance the same way you already do with the db_connection.

class DB {
    ...
    public function __construct($db_connection, $password_hash) {
        // you probably already have something like
        $this->connection = $db_connection;
        // now do the same for the hash object
        $this->pwhash = $password_hash;
    }

    public function login() {
    ...  
        $password_accepted = $this->pwhash->CheckPassword($p, $hp);
        ...
    }
}

(slightly offtopic: Database and Hash ...along with Cipher, EMail and Buffer these are my least liked classes for beginners to fiddle with)

Improve this answer

4 Comments

jinx, you owe me a beer :)
I threw in a link to the dependency injection article to avoid that :)
I haven't had too much trouble with either taking the procedural approach, just this OOP side of PHP I have never got in to before
Thanks guys, I've been meaning to look in to OAuth for a while

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.