User class doesn't work

Naxon · August 10th, 2011, 09:26 AM

Hi,

I just got the PHP and MySQL book and started using it. I wrote the User class and tried to add a user through it, and nothing happens. No error or something, but just nothing happens.

PHP Code:


			
<?php
    class User
    {
        private $uid;
        private $fields;
        
        public function __construct()
        {
            $this->uid = null;
            $this->fields = array(
                'username' => '',
                'password' => '',
                'email' => '',
                'isActive' => false
            );
        }
        
        public function __get($field)
        {
            if ($field == "id")
                return $this->uid;
            else
            {
                if (array_key_exists($field, $this->fields))
                    return $this->fields[$field];
            }
        }
        
        public function __set($field, $value)
        {
            if (array_key_exists($field, $this->fields))
                $this->fields[$field] = $value;
        }
        
        public static function validateUsername($username)
        {
            return preg_match("/^[A-Z0-9]{2, 20}$/i", $username);
        }
        
        public static function validateEmail($email)
        {
            return filter_var($email, FILTER_VALIDATE_EMAIL);
        }
        
        public static function getById($id)
        {
            $user = new User();
            
            $query = sprintf("SELECT `username`,`password`,`email`,`is_active` FROM `%suser` WHERE `id`='%d'", DB_TBL_PREFIX, $id);
            $result = mysql_query($query, $GLOBALS['DB']);
            
            if (mysql_num_rows($result))
            {
                $row = mysql_fetch_assoc($result);
                
                $user->uid = $id;
                $user->username = $row['username'];
                $user->password = $row['password'];
                $user->email = $row['email'];
                $user->isActive = $row['is_active'];
            }
            mysql_free_result($result);
            
            return $user;
        }
        
        public function getByUsername($username)
        {
            $user = new User();
            
            $query = sprintf("SELECT `username`,`password`,`email`,`is_active` FROM `%suser` WHERE `username`='%d'", DB_TBL_PREFIX, mysql_real_escape_string($username, $GLOBALS['DB']));
            $result = mysql_query($query, $GLOBALS['DB']);
            
            if (mysql_num_rows($result))
            {
                $row = mysql_fetch_assoc($result);
                
                $user->uid = $id;
                $user->username = $row['username'];
                $user->password = $row['password'];
                $user->email = $row['email'];
                $user->isActive = $row['is_active'];
            }
            mysql_free_result($result);
            
            return $user;
        }
        
        public function save()
        {
            if ($this->uid)
            {
                $query = sprintf("UPDATE `%suser` SET `username`='%s', `password`='%s', `email`='%s', `is_active`='%d' WHERE `id`='%d'", DB_TBL_PREFIX, mysql_real_escape_string($this->username, $GLOBALS['DB']), mysql_real_escape_string($this->password, $GLOBALS['DB']), mysql_real_escape_string($this->email, $GLOBALS['DB']), $this->isActive);
                return mysql_query($query, $GLOBALS['DB']);
            }
            else
            {
                $query = sprintf("INSERT INTO `%suser` (`username`,`password`,`email`,`is_active`) VALUES ('%s','%s','%s','%s')", DB_TBL_PREFIX, mysql_real_escape_string($this->username, $GLOBALS['DB']), mysql_real_escape_string($this->password, $GLOBALS['DB']), mysql_real_escape_string($this->email, $GLOBALS['DB']), $this->isActive);
                if (mysql_query($query, $GLOBALS['DB']))
                {
                    $this->uid = mysql_insert_id($GLOBALS['DB']);
                    return true;
                }
                else
                    return false;
            }
            
            public function setInactive()
            {
                $this->isActive = false;
                $this->save();
                
                $token = random_text(5);
                $query = sprintf("INSERT INTO `%spending` (`user_id`,`token`) VALUES ('%d','%s')", DB_TBL_PREFIX, $token);
                return (mysql_query($query, $GLOBALS['DB'])) ? $token : false;
            }
            
            public function setActive($token)
            {
                $query = sprintf("SELECT `token` FROM `%spending` WHERE `user_id`='%d' AND `token`='%s'", DB_TBL_PREFIX, $this->uid, mysql_real_escape_string($token, $GLOBALS['DB']));
                $result = mysql_query($query, $GLOBALS['DB']);
                
                if (!mysql_num_rows($result))
                {
                    mysql_free_result($result);
                    return false;
                }
                else
                {
                    mysql_free_result($result);
                    $query = sprintf("DELETE FROM `%spending` WHERE `user_id`='%d' AND `token`='%s'", DB_TBL_PREFIX, $this->uid, mysql_real_escape_string($token, $GLOBALS['DB']));
                    
                    if (!mysql_query($query, $GLOBALS['DB']))
                        return false;
                    else
                    {
                        $this->isActive = true;
                        return $this->save();
                    }
                }
            }
        }
    }

PHP Code:


			
<?php
    include "db.php";
    include "User.php";
    
    $user = new User();
    $user->username = "daniel";
    $user->password = sha1("secret");
    $user->email = "[email protected]";
    $user->save();

kenj · August 12th, 2011, 07:43 PM

Hi Naxon,

Thank you for putting your code here,
that is helpful.

There are some issues in the User.php you have
posted here.

There is a missing parenthesis on the function save() at the end
of the function.
There is also an extra parenthesis at the bottom of the file.
In the function save, in both query statements,
you need to change the column email to "EMAIL_ADDR",
otherwise mysql_query will fail.
Be sure to change this in any other queries as well.
In these same queries you need to change the name of the table
from user to USER (assuming that is how you named it in the database).

There is one issue in your short script that calls
User.php. You need to change
user->email to user->emailAddr.
The script will still write to the database okay, it
just won't write the email address.

If you have not already done so, you may want
to add a line to your short script to log errors.
For example,

PHP Code:


			
   ini_set('error_log','./php.error.log');

For your query statements, use mysql_error(), it will show
what is wrong with your query. Example

PHP Code:


			
$result = mysql_query($query, $GLOBALS['DB']);
if (!$result) {
   die("my sql error is ", mysql_error() ); 
}

Also, even though User.php is not a program you run off
the command line, doing "php User.php" on the command
line will show you syntax errors. That surfaced the
parenthesis problem.

Make sure the path to your include files is
correct relative to the directory where you are
executing the script.

You are probably already doing a lot of these
troubleshooting techniques, but maybe something
here could be useful.

For this chapter, I am using the code from the
book, not the download code, and it is working
for me.

There are some errors in Chapter 1, you may want to
read through the errata and also look at the forum
here.

I hope this helps.

Naxon · August 13th, 2011, 08:30 AM

Apparently my php.ini was configured not to display errors, so I got just a white page instead of the description of the error.

Thank's anyway!