I have a constructor in my Users class:
    public function __construct($pdo)
    {
        $this->pdo = $pdo;
    }
And this is how I usually run it:
Index.php:
include("config.php");
$users = new Users($pdo);
But I don't want to do it this way. I wanted a separate class for the database connection.
I created database.class.php:
    class Database
    {
        public function __construct()
        {
            try
            {
                $pdo = new PDO('mysql:host='.MYSQL_HOST.';dbname=driptone', MYSQL_USER, MYSQL_PASSWORD);
                $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
                echo 'connected';
            }
            catch(PDOException $e)
            {
                echo $e->getMessage();
            }
        }
    }
And now I used it like this:
$users = new Users(new Database());
I get the following error:
connected
Fatal error: Call to undefined method Database::prepare() in C:\xampp\htdocs\drip\class\users.class.php on line 75
I also tried making it static, with the same problem.
Why is this happening, and how can I fix it? Also, am I protected against injection/XSS attacks?
    /**
     * Public Method Register
     *
     * Registers the user to the system, checking for errors.
     * If error was found, it will throw new exception.
     *
     * @param username The username the user posted.
     * @param password The password the user posted.
     * @param repassword The validated password the user posted.
     * @param email The email the user posted.
     * @param reemail The validated email the user posted.
     * @param day The day the user posted (for date of birth).
     * @param month The month the user posted (for date of birth).
     * @param year The year the user posted (for date of birth).
     *
     * @return Return true means everything is correct, register successfully.
     **/
    public function register($username, $password, $repassword, $email, $reemail, $day, $month, $year)
    {
        global $pdo;
        // Check if passwords match.
        if ($password != $repassword)
        {
            throw new exception ("Passwords does not match.");
        }
        // Check if emails match.
        else if ($email != $reemail)
        {
            throw new exception ("Emails does not match.");
        }
        // The main insert query
        $this->insert = $this->pdo->prepare
        ("
            INSERT INTO users
            (user_name, user_password, user_email, user_birth)
            VALUES
            (:username, :password, :email, :birth)
        ");
        //Query to check if username is taken.
        $this->user = $this->pdo->prepare("SELECT * FROM users WHERE user_name = :name");
        $this->user->execute(array(":name" => $username));
        //Query to check if email is taken.
        $this->email = $this->pdo->prepare("SELECT * FROM users WHERE user_email = :email");
        $this->email->execute(array(":email" => $email));
        // Checking if username is taken using the query.
        if ($this->user->rowCount())
        {
            throw new exception ("Username already in use");
        }
        // Checking if email is taken using the query.
        else if ($this->email->rowCount())
        {
            throw new exception ("Email is already in use");
        }
        // Checking if birth of date is valid.
        else if ($day > 31 || $month > 12 || $year > date('Y') || $year < 1925)
        {
            throw new exception ("Invalid Birth of date");
        }
        // Checking if password is more than 5 characters long.
        else if (strlen($password) < 5)
        {
            throw new exception ("Password is too short");
        }
        else
        {
            // Everything is fine, insert data.
            $this->insert->execute(array
            (
                ":username" => $username,
                ":password" => $password,
                ":email" => $email,
                ":birth" => $day.'/'.$month.'/'.$year
            ));
            //Send verification
            $this->sendVerification($username, $email);
            //Finished processing, return true.
            return true;
        }
    }
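
Added example, not part of the original post or the asker's project: one way to wrap PDO so that Users still receives an object that has prepare(), with the register() insert reduced to three columns and the password hashed before storage. getConnection(), insertUser() and escapeHtml() are hypothetical names, and an in-memory SQLite DSN (needs the pdo_sqlite extension) stands in for the question's MySQL connection so the block runs offline.

```php
<?php
// Added example, not the asker's code. getConnection(), insertUser() and
// escapeHtml() are hypothetical names.
class Database
{
    private $pdo;
    public function __construct($dsn, $user = null, $pass = null)
    {
        // Keep the connection in a property; in the question it was a local
        // variable, lost as soon as the constructor returned.
        $this->pdo = new PDO($dsn, $user, $pass);
        $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    }

    public function getConnection() { return $this->pdo; }
}

class Users
{
    private $pdo;
    // The PDO type hint rejects a Database wrapper at construction time.
    public function __construct(PDO $pdo) { $this->pdo = $pdo; }

    public function insertUser($username, $password, $email)
    {
        $stmt = $this->pdo->prepare(
            "INSERT INTO users (user_name, user_password, user_email)
             VALUES (:username, :password, :email)"
        );
        // Bound parameters keep input out of the SQL text; the password is
        // stored as a hash, not as plaintext.
        return $stmt->execute(array(
            ":username" => $username,
            ":password" => password_hash($password, PASSWORD_DEFAULT),
            ":email"    => $email,
        ));
    }

    // Prepared statements do not address XSS: escape on output to HTML.
    public static function escapeHtml($v) { return htmlspecialchars($v, ENT_QUOTES, 'UTF-8'); }
}

// Constructed demo: in-memory SQLite stands in for the question's MySQL DSN.
$pdo = (new Database('sqlite::memory:'))->getConnection();
$pdo->exec("CREATE TABLE users (user_name TEXT, user_password TEXT, user_email TEXT)");
$users = new Users($pdo);
$users->insertUser("<b>alice</b>", "constructed-password", "alice@example.test");
$row = $pdo->query("SELECT user_name FROM users")->fetch(PDO::FETCH_ASSOC);
echo Users::escapeHtml($row['user_name']), "\n";
```

Against MySQL the same Database class would be constructed with the question's DSN and credentials; password_hash() requires PHP 5.5 or later, and logins are then checked with password_verify().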