PHP Classes

Serialised Objects for Secure Data transmission

Recommend this page to a friend!

      PHP Classes blog  >  What Are PHP Classes ...  >  All threads  >  Serialised Objects for Secure Data...  >  (Un) Subscribe thread alerts  
Subject:Serialised Objects for Secure Data...
Summary:Bets feature of Classes in PHP
Author:Arthur Nicoll
Date:2013-04-17 00:08:05
Update:2013-04-17 03:28:57

  1. Serialised Objects for Secure Data...   Reply   Report abuse  
Picture of Arthur Nicoll Arthur Nicoll - 2013-04-17 03:28:57
I came to Web Development from an extensive 3GL and Relational Database background. I crudely passed reams of data from one page to the next by creating swathes of "hidden" fields in the forms on my DHTML pages.
I found PHP Sessions a bit flakey at first (although much more robust now) so I looked for alternative ways to do things.
I now tend to have a single index.php script that uses key control variable(session ID, mode and action) - (i.e who am I, where am I and what am I doing).

This main file will include() a generic (or common) PHP include file right at the top, then based on the mode or page - an include for the relevant javascript code file (within the script tags) and based on the mode or page - an include for the relevant "body" stuff - usually within a frame that gives a generic page header and tabbed menus and provides a persistent "params" form that holds values for errormessages, popup documents etc.

The top PHP include section will usually include a master Class declaration that contains all the functionality and associated data structures relevant to the application.

As well as authentication and a whole host of applicatiion specific methods, this class will include methods to serialise and save and/or retrieve and unserialize all the various class variables. Combined with OCI methods for communicating with Oracle Databases, I can do all my server side processing, save all my variables to the database in a session table that includes a CLOB holding the serialised data then retrieve those variables when the page is recalled.

This all works a treat, is more secure than using hidden inoput fields and easier to work with than PHP sessions.