我们应该在配置文件中初始化一个 class object 吗?
[英]Should we initialize a class object inside the config file?
问题描述
Is it a good practice to initialize an object for an authentication class that does various stuff like register user, login user etc. inside a config file?
初始化 object 以进行身份验证 class 是否是一种好习惯,该身份验证在配置文件中执行各种操作,例如注册用户、登录用户等?
The config file mostly does stuff like setting db username, password and site name etc.配置文件主要用于设置数据库用户名、密码和站点名称等。
Please provide a reason if you don't find this a standard practice.如果您认为这不是标准做法,请提供原因。 Just to let you know most of the code is procedural except for this particular class.只是为了让您知道,除了这个特定的 class 之外,大部分代码都是程序性的。
// MySQL connection settings
$db_host = "localhost";
$db_user = "someuser";
$db_pass = "some pass";
$db_name = "somedb";
// Name of the site
$site_name = "MyDomainName";
$auth = new auth();//initialize Authentication class
$auth->set_auth();//Check if user autorized
4 个解决方案
解决方案1
3 已采纳 2011-06-09 10:29:36
In my opinion this is not a good idea.在我看来,这不是一个好主意。 A config file is for configuration, not for execution .配置文件用于配置,而不是用于执行。 I would put this code into a bootstrap.php, so, when you have to edit your code in the future, you know exactly where you can find your configurations and instantiations.我会将这段代码放入 bootstrap.php 中,因此,当您将来必须编辑代码时,您确切知道在哪里可以找到配置和实例化。
index.php:索引.php:
include('bootstrap.php');
bootstrap.php:引导程序.php:
include('config.php');
$auth = new auth();
$auth->set_auth();
config.php: config.php:
$db_host = "localhost";
$db_user = "someuser";
$db_pass = "some pass";
$db_name = "somedb";
解决方案2
2 2011-06-09 10:27:44
The authentication class should be responsible for authenticating, not handling user-specific functions like register/edit/delete.身份验证 class 应该负责身份验证,而不是处理用户特定的功能,如注册/编辑/删除。 The config object should be available to object needing the configuration data, not the other way around.配置 object 应该对需要配置数据的 object 可用,而不是相反。
The config file should not contain anything other then config data.配置文件不应包含除配置数据之外的任何内容。
解决方案3
2 2011-06-09 10:28:58
I wouldn't do this.我不会这样做的。 "Code" is best kept completely separate from the "configuration files" for a number of reasons.出于多种原因,最好将“代码”与“配置文件”完全分开。 One is that you might have sensitive information in the config files (eg passwords) and would want to keep them in a different repository than the code itself.一是您可能在配置文件中包含敏感信息(例如密码),并且希望将它们保存在与代码本身不同的存储库中。 Putting initialisation (which is code) into the Config will mean that it is controlled in two source repositories.将初始化(即代码)放入 Config 将意味着它在两个源存储库中进行控制。 Secondly, stuff that "runs" might not be idempotent.其次,“运行”的东西可能不是幂等的。 The new auth() might set up some state which will make "reloading" the Config a bit of a pain. new auth()可能会设置一些 state 这将使“重新加载”配置有点痛苦。
It's best you keep a "Config loader" which creates a Config object that contains instantiated classes etc. after reading information from a config file rather than put that init code directly into the file.最好保留一个“配置加载器”,它会在从配置文件读取信息后创建一个包含实例化类等的配置 object,而不是将初始化代码直接放入文件中。 Also, I wouldn't recommend using executable code as a config file (although this seems to be practice in the PHP world).此外,我不建议使用可执行代码作为配置文件(尽管这似乎是 PHP 世界的做法)。 I would use a format like .ini or yaml and load it up rather than risk evaluating code that's outside my core application.我会使用.ini或yaml之类的格式并加载它,而不是冒险评估我的核心应用程序之外的代码。
解决方案4
2 2011-06-09 11:12:40
It is good practice to abstract your code into chunks that have a single purpose, in your case: a config object and a authentication handler.将您的代码抽象为具有单一目的的块是一种很好的做法,在您的情况下:配置 object 和身份验证处理程序。 This is related to the KISS Principle , which dictates simplicity by design.这与KISS 原则有关,该原则要求设计简单。 In this case: simplicity in code.在这种情况下:代码简单。 When you're mixing code, like you're describing, your code gets more complex, because it does more things.当您混合代码时,就像您所描述的那样,您的代码会变得更加复杂,因为它会做更多的事情。
While at first it may not seem complex, this design eventually leads to complex code.虽然起初它可能看起来并不复杂,但这种设计最终会导致复杂的代码。 For instance: what if another developer joins your team?例如:如果另一个开发人员加入您的团队怎么办? You'll need to add another config, and conditions to select the right config.您需要添加另一个配置和条件到 select 正确的配置。 This is also the case when working with different environments (development/production).在使用不同的环境(开发/生产)时也是如此。 And what if in some cases you don't want to use the authentication handler?如果在某些情况下您不想使用身份验证处理程序怎么办? Maybe you're executing an action that doesn't require authentication, or better yet: when authentication is unwanted.也许您正在执行不需要身份验证的操作,或者更好的是:当不需要身份验证时。 More code, more complexity.更多的代码,更多的复杂性。
By creating chunks of code, whether this is a class, function or an include, you're using loose coupling .通过创建代码块,无论是 class、function 还是包含,您都在使用松散耦合。 This means the chunks don't know about each other, but they can interact.这意味着这些块彼此不知道,但它们可以交互。 This interaction typically is done by giving the authentication handler a config object that it can use, rather than letting the handler decide what config it uses.这种交互通常是通过为身份验证处理程序提供一个它可以使用的配置 object 来完成的,而不是让处理程序决定它使用什么配置。 This is called dependency injection and is considered a very good way of decoupling your code.这称为依赖注入,被认为是一种非常好的解耦代码的方法。
Second, quality code mostly documents itself .其次,质量代码主要是文档本身。 Let's say I have to work in your code, I don't know that including a configuration file actually does authentication.假设我必须在您的代码中工作,我不知道包含配置文件实际上会进行身份验证。 I can spend minutes, maybe hours trying to figure out why a session is created when, looking at the code, nothing seems to indicate this.我可以花几分钟甚至几个小时试图弄清楚为什么会创建 session,而在查看代码时,似乎没有任何迹象表明这一点。
In your example, I would use something like this:在你的例子中,我会使用这样的东西:
<?php
include 'config.php'; // contains function that returns config object/array
include 'auth.php'; // contains functions for authentication
// determine environment, based on server variables (ip, script path, etc)
$environment = getEnvironment($_SERVER);
// get config based on environment
$config = getConfig($environment);
// see if authentication is needed
if (needsAuthentication()) {
// perform authentication based on request variables (eg: submitted form fields)
$auth = new auth();
$auth->doAuth($config, $_REQUEST);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.