class User {
private $uid;
private $fields; public function __construct() {
$this->uid = null;
$this->fields = array(
'username' => '',
'password' => '',
'emailAddr' => '',
'isActive' => false,
'permission' => 0
);
} public static function getById($user_id) {
$user = new User();
$query = sprintf('SELECT username, password, email_addr, is_active, permission FROM %suser WHERE user_id = %d',
DB_TBL_PREFIX, $user_id);
$result = mysql_query($query, $GLOBALS['DB']);
if (mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
$user->username = $row['username'];
$user->password = $row['password'];
$user->emailAddr = $row['email_addr'];
$user->isActive = $row['is_active'];
$user->permission = $row['permission'];
$user->uid = $user_id;
}
mysql_free_result($result);
return $user;
}
} public function save() {
if ($this->uid) {
$query = sprintf('UPDATE %suser SET username = "%s", password = "%s", email_addr = "%s",
is_active = %d, permission = %d WHERE user_id = %d',
DB_TBL_PREFIX,
mysql_real_escape_string($this->username, $GLOBALS['DB']),
mysql_real_escape_string($this->password, $GLOBALS['DB']),
mysql_real_escape_string($this->emailAddr, $GLOBALS['DB']),
$this->isActive,
$this->permission,
$this->uid);
return mysql_query($query, $GLOBALS['DB']);
}
else {
$query = sprintf('INSERT INTO %suser(username, password, email_addr, is_active, permission)
VALUES("%s", "%s", "%s", %d, %d)',
DB_TBL_PREFIX,
mysql_real_escape_string($this->username, $GLOBALS['DB']),
mysql_real_escape_string($this->password, $GLOBALS['DB']),
mysql_real_escape_string($this->emailAddr, $GLOBALS['DB']),
$this->isActive,
$this->permission);
if (mysql_query($query, $GLOBALS['DB'])) {
$this->uid = mysql_insert_id($GLOBALS['DB']);
return true;
}
else
return false;
}
}为什么save()中的
$query = sprintf('UPDATE %suser SET username = "%s", password = "%s", email_addr = "%s",
is_active = %d, permission = %d WHERE user_id = %d',
DB_TBL_PREFIX,
mysql_real_escape_string($this->username, $GLOBALS['DB']),
mysql_real_escape_string($this->password, $GLOBALS['DB']),
mysql_real_escape_string($this->emailAddr, $GLOBALS['DB']),
$this->isActive,
$this->permission,
$this->uid);
可以直接用$this调用permission?不是应该用$user调用$fields中的permission才对吗?而getByID()中的
$user->username = $row['username'];
$user->password = $row['password'];
$user->emailAddr = $row['email_addr'];
$user->isActive = $row['is_active'];
$user->permission = $row['permission'];
$user->uid = $user_id;
也是这样,$user直接调用数组内的字段,为什么可以这样?
User::getById($user_id) 返回一个 User 对象
其中 $user->username = $row['username']; 之类的都是 public 属性,并不在 private $fields 之中
代码中还有 $GLOBALS['DB'],表现出极强的外联如果要用,你就用。绝不可以深究!
private $uid;
private $fields; 却要在 getById 方法中做动态共享变量赋值
本来这是php4的惯用做法,但放在php5就是垃圾了
从来没有被赋过正确的值这代码的确有点垃圾…………………………
$user->password = $row['password'];
$user->emailAddr = $row['email_addr'];
$user->isActive = $row['is_active'];
$user->permission = $row['permission'];
$user->uid = $user_id;这里,正确的做法是$user->fields['username']
下面$this也是$this->fields['username']
其实你可以在外面
$someone = User::getById('123');var_dump($someone);看看结果,你就知道这程序写失误了
不会啊很正常啊。。$row是$row = mysql_fetch_assoc($result);来的,输入‘123’当然所有为空或false啦,因为数据库里都没有ID为123这个记录的,有记录的ID都可以正确读取相应的信息的
没错啊真的有get和set方法,不过我之前觉得对这个问题没有什么关系就没有贴出来而已:private function __get($field_key) {
if ($field_key == 'userID')
return $this->uid;
else
return $this->fields[$field_key];
}
// override magic method to set properties
private function __set($field_key, $field_value) {
if (array_key_exists($field_key, $this->fields))
$this->fields[$field_key] = $field_value;
}