OOP Login Class With PHP

OOP Login Class With PHP and PDO

This OOP login class has a parent class called Login and two child classes called Posted and Verified. The 'Posted' class checks and validates posted data, while the 'Verified' class checks for a valid session value. The classes live in one file, while the main file, which is the page that appears in the browser, instantiates objects based on conditions.

The code is shown in its entirety. You can set up the databases, copy the code, and you should be good to go as long as PHP on your server can use PDO.

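// Front-end page: handles a posted login, otherwise re-checks the existing session,
// then renders the login form.
// require_once stops the page if the class file is missing instead of continuing
// without the Posted/Verified classes.
require_once "class-login-PDO-form2.php";
session_start();

// A login attempt needs both fields present as non-empty strings. isset()/is_string()
// avoid undefined-index warnings on a plain GET and keep array input such as
// username[]=x away from the query.
$has_credentials = isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
    && $_POST['username'] !== ''
    && $_POST['password'] !== '';

if ($has_credentials) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $my_posted = new Posted($username, $password);

} else {
##VERIFY SESSION

    // A first-time visitor has no session values yet. Missing keys become null, and a
    // NULL bound into the logins_validate lookup matches no row, so the visitor ends up
    // in the "not validated" branch.
    $mytime = isset($_SESSION['timestamp']) ? $_SESSION['timestamp'] : null;
    $myuser = isset($_SESSION['id']) ? $_SESSION['id'] : null;

    $my_posted = new Verified($myuser, $mytime);

}

// The login name originates from user-supplied data, so it is HTML-escaped before output.
$session_login = isset($_SESSION['login']) ? (string) $_SESSION['login'] : '';
echo "Is there an active session username: " . htmlspecialchars($session_login, ENT_QUOTES, 'UTF-8');
echo "<br/>";

// PHP_SELF contains whatever path the client requested (including trailing path info),
// so it is escaped before being written into the action attribute below.
?>
<form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>">
    Username:<br/>
    <input type="text" name="username" value=""/><br/>
    Password:<br/>
    <input type="password" name="password" value=""/><br/>
    <input type="submit" name="submit"/>
</form>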


Example #1 Login, Posted and Validated Classes

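/**
 * Base class that owns the database connection settings.
 */
class Login
{
    // Placeholder connection settings for the tutorial. For a real site, load them from
    // configuration kept outside the web root and out of version control.
    private $host = "localhost";
    private $user = "username";
    private $pw = "password";
    private $database = "databasename";

    /**
     * Opens a PDO connection to the MySQL database.
     *
     * @return PDO The connected handle.
     */
    public function db_connect()
    {
        try {
            $db = new PDO(
                'mysql:host=' . $this->host . ';dbname=' . $this->database,
                $this->user,
                $this->pw,
                array(
                    // Report query failures as exceptions instead of silent false returns.
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                    // Use server-side prepared statements rather than client-side emulation.
                    PDO::ATTR_EMULATE_PREPARES => false,
                )
            );
        } catch (PDOException $e) {
            // new PDO() throws on failure, so an "or die()" after it never runs. Catching
            // here keeps connection details out of the browser: the detail goes to the
            // server log and the visitor sees only the generic message.
            error_log('Database connection failed: ' . $e->getMessage());
            die("Cannot connect to mySQL.");
        }

        return $db;
    }

}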

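/**
 * Handles a posted login: checks the credentials and opens the logged-in session.
 */
class Posted extends Login
{

    private $username;
    private $password;

    /**
     * Checks the posted credentials against logins_test. On a match it stores the user
     * in the session and records the login in logins_validate. The outcome is echoed.
     *
     * @param string $username Login name as posted by the form.
     * @param string $password Plain-text password as posted by the form.
     */
    function __construct($username, $password)
    {
        $this->username = $username;
        $this->password = $password;

        // Posted inherits db_connect() from Login, so no second Login object is needed.
        $db = $this->db_connect();

        // The row is looked up by login only and the password is compared in PHP.
        // MySQL's PASSWORD() is an unsalted hash meant for MySQL's own accounts and was
        // removed in MySQL 8.0, so it should not be part of the query.
        $command = $db->prepare("SELECT id, login, password FROM logins_test WHERE login = :login");
        $command->bindParam(':login', $this->username);
        $command->execute();
        $row = $command->fetch(PDO::FETCH_ASSOC);

        if ($row !== false && $this->password_matches($this->password, $row['password'])) {
            // Issue a fresh session id at login so an id set before authentication
            // (session fixation) is not carried into the logged-in session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $_SESSION['id'] = $row['id'];
            $_SESSION['login'] = $row['login'];
            $_SESSION['timestamp'] = time();
            // The login name is user-supplied data, so it is escaped before output.
            echo $_SESSION['id'] . " - " . htmlspecialchars($_SESSION['login'], ENT_QUOTES, 'UTF-8') . " - " . $_SESSION['timestamp'];
            echo "<br/>Success<br/>";

            $mytime = $_SESSION['timestamp'];
            $myuser = $_SESSION['id'];
            // Columns are named so the insert does not depend on the table's column order.
            $command = "INSERT INTO logins_validate (user_id, time_check) VALUES (:user_id, :time_current)";
            $command1 = $db->prepare($command);
            $command1->bindParam(':user_id', $myuser);
            $command1->bindParam(':time_current', $mytime);
            $command1->execute();

        } else {
            // Same message for an unknown login and a wrong password, so the response
            // does not reveal which logins exist.
            echo "Wrong username or password!";
        }

    }

    /**
     * Compares a plain-text password with the hash stored in logins_test.password.
     *
     * Hashes created with password_hash() are checked with password_verify(). Rows
     * written earlier with MySQL's PASSWORD() ('*' plus the upper-case hex of
     * SHA1(SHA1(password))) still verify, so existing accounts keep working; re-hash
     * them with password_hash() when convenient. password_hash() output does not fit
     * in varchar(42), so widen the column (varchar(255)) before storing it.
     * NOTE(review): hashes produced under a non-default old_passwords setting use a
     * different format and will not match here.
     *
     * @param mixed $plain  Password as posted.
     * @param mixed $stored Value of the password column.
     * @return bool True when the password matches.
     */
    private function password_matches($plain, $stored)
    {
        if (!is_string($plain) || !is_string($stored) || $stored === '') {
            return false;
        }

        $info = password_get_info($stored);
        if (!empty($info['algo'])) {
            return password_verify($plain, $stored);
        }

        $legacy = '*' . strtoupper(sha1(sha1($plain, true)));

        // hash_equals() compares in constant time.
        return hash_equals($stored, $legacy);
    }

}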

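/**
 * Re-checks an existing session against the logins_validate table.
 */
class Verified extends Login
{

    private $mytime;
    private $myuser;

    /**
     * Looks for a logins_validate row matching the session's user id and login
     * timestamp, and echoes whether the session is validated.
     *
     * NOTE(review): the parameter order here is ($mytime, $myuser). The page script
     * calls `new Verified($myuser, $mytime)`, which matches the second example's
     * Verified but not this one; with that call the two values are swapped and the
     * lookup finds nothing. Pass the timestamp first when using this version.
     * NOTE(review): a matching row never expires here; compare time_check with time()
     * if sessions should time out.
     *
     * @param int|null $mytime Login timestamp stored in the session.
     * @param int|null $myuser User id stored in the session.
     */
    function __construct($mytime, $myuser)
    {
        $this->mytime = $mytime;
        $this->myuser = $myuser;

        // Verified inherits db_connect() from Login, so no second Login object is needed.
        $db = $this->db_connect();

        $command = $db->prepare("SELECT * FROM logins_validate WHERE user_id =:login AND time_check = :mytime");
        $command->bindParam(':login', $this->myuser);
        $command->bindParam(':mytime', $this->mytime);
        $command->execute();

        // fetchAll() always returns an array, so $my_check is defined even with no match.
        $my_check = $command->fetchAll();

        if (!empty($my_check)) {
            echo "<br/>Session is validated!";
            ## ADD CUSTOM CODE HERE
        } else {
            echo "<br/>Session is not validated!";
            ## ADD CUSTOM CODE HERE
        }
    }

}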


Example #2 Login, Posted and Validated Classes

The example below is very similar to the example above, except that it takes a stronger object-oriented approach. Go over both code blocks to understand the differences in syntax. After all, OOP is fun.

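/**
 * Base class that owns the database connection settings.
 */
class Login
{
    // Placeholder connection settings for the tutorial. For a real site, load them from
    // configuration kept outside the web root and out of version control.
    private $host = "localhost";
    private $user = "username";
    private $pw = "password";
    private $database = "database_name";

    /**
     * Opens a PDO connection to the MySQL database.
     *
     * @return PDO The connected handle.
     */
    public function db_connect()
    {
        try {
            $db = new PDO(
                'mysql:host=' . $this->host . ';dbname=' . $this->database,
                $this->user,
                $this->pw,
                array(
                    // Report query failures as exceptions instead of silent false returns.
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                    // Use server-side prepared statements rather than client-side emulation.
                    PDO::ATTR_EMULATE_PREPARES => false,
                )
            );
        } catch (PDOException $e) {
            // new PDO() throws on failure, so an "or die()" after it never runs. Catching
            // here keeps connection details out of the browser: the detail goes to the
            // server log and the visitor sees only the generic message.
            error_log('Database connection failed: ' . $e->getMessage());
            die("Cannot connect to mySQL.");
        }

        return $db;
    }
}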

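/**
 * Handles a posted login: checks the credentials and opens the logged-in session.
 */
class Posted extends Login
{

    private $username;
    private $password;
    private $result;
    private $my_array;
    // Declared explicitly: assigning undeclared (dynamic) properties is deprecated
    // since PHP 8.2, and the connection handle should not be publicly reachable.
    private $db;
    private $mytime;
    private $myuser;

    /**
     * Checks the posted credentials against logins_test. On a match it stores the user
     * in the session and records the login in logins_validate. The outcome is echoed.
     *
     * @param string $username Login name as posted by the form.
     * @param string $password Plain-text password as posted by the form.
     */
    function __construct($username, $password)
    {
        $this->username = $username;
        $this->password = $password;

        // Posted inherits db_connect() from Login, so no second Login object is needed.
        $this->db = $this->db_connect();

        // Rows are selected by login only and the password is compared in PHP.
        // MySQL's PASSWORD() is an unsalted hash meant for MySQL's own accounts and was
        // removed in MySQL 8.0, so it should not be part of the query.
        $command = $this->db->prepare("SELECT id, login, password FROM logins_test WHERE login = :login");
        $command->bindParam(':login', $this->username);
        $command->execute();
        $this->result = $command->fetchAll();

        // Keep only the rows whose stored hash matches the posted password.
        $my_array = array();
        foreach ($this->result as $row) {
            if ($this->password_matches($this->password, $row['password'])) {
                $my_array[] = $row;
            }
        }

        $this->my_array = $my_array;
        if (!empty($this->my_array)) {
            // Issue a fresh session id at login so an id set before authentication
            // (session fixation) is not carried into the logged-in session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $_SESSION['id'] = $this->my_array[0]['id'];
            $_SESSION['login'] = $this->my_array[0]['login'];
            $_SESSION['timestamp'] = time();
            // The login name is user-supplied data, so it is escaped before output.
            echo $_SESSION['id'] . " - " . htmlspecialchars($_SESSION['login'], ENT_QUOTES, 'UTF-8') . " - " . $_SESSION['timestamp'];
            echo "<br/>Success<br/>";

            $this->mytime = $_SESSION['timestamp'];
            $this->myuser = $_SESSION['id'];
            // Columns are named so the insert does not depend on the table's column order.
            $command = "INSERT INTO logins_validate (user_id, time_check) VALUES (:user_id, :time_current)";
            $command1 = $this->db->prepare($command);
            $command1->bindParam(':user_id', $this->myuser);
            $command1->bindParam(':time_current', $this->mytime);
            $command1->execute();

        } else {
            // Same message for an unknown login and a wrong password, so the response
            // does not reveal which logins exist.
            echo "Wrong username or password!";
        }

    }

    /**
     * Compares a plain-text password with the hash stored in logins_test.password.
     *
     * Hashes created with password_hash() are checked with password_verify(). Rows
     * written earlier with MySQL's PASSWORD() ('*' plus the upper-case hex of
     * SHA1(SHA1(password))) still verify, so existing accounts keep working; re-hash
     * them with password_hash() when convenient. password_hash() output does not fit
     * in varchar(42), so widen the column (varchar(255)) before storing it.
     * NOTE(review): hashes produced under a non-default old_passwords setting use a
     * different format and will not match here.
     *
     * @param mixed $plain  Password as posted.
     * @param mixed $stored Value of the password column.
     * @return bool True when the password matches.
     */
    private function password_matches($plain, $stored)
    {
        if (!is_string($plain) || !is_string($stored) || $stored === '') {
            return false;
        }

        $info = password_get_info($stored);
        if (!empty($info['algo'])) {
            return password_verify($plain, $stored);
        }

        $legacy = '*' . strtoupper(sha1(sha1($plain, true)));

        // hash_equals() compares in constant time.
        return hash_equals($stored, $legacy);
    }

}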

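/**
 * Re-checks an existing session against the logins_validate table.
 */
class Verified extends Login
{

    protected $mytime;
    protected $myuser;
    private $result;
    private $my_check;
    // Declared explicitly: assigning undeclared (dynamic) properties is deprecated
    // since PHP 8.2, and the connection handle should not be publicly reachable.
    private $db;

    /**
     * Looks for a logins_validate row matching the session's user id and login
     * timestamp, and echoes whether the session is validated.
     *
     * NOTE(review): a matching row never expires here; compare time_check with time()
     * if sessions should time out.
     *
     * @param int|null $myuser User id stored in the session.
     * @param int|null $mytime Login timestamp stored in the session.
     */
    function __construct($myuser, $mytime)
    {
        $this->myuser = $myuser;
        $this->mytime = $mytime;

        // Verified inherits db_connect() from Login, so no second Login object is needed.
        $this->db = $this->db_connect();

        $command = $this->db->prepare("SELECT * FROM logins_validate WHERE user_id =:login AND time_check = :mytime");
        $command->bindParam(':login', $this->myuser);
        $command->bindParam(':mytime', $this->mytime);
        $command->execute();

        // fetchAll() always returns an array (empty when no row matches).
        $this->result = $command->fetchAll();
        $this->my_check = $this->result;

        if (!empty($this->my_check)) {
            echo "<br/>Session is validated!";
            ## ADD CUSTOM CODE HERE
        } else {
            echo "<br/>Session is not validated!";
            ## ADD CUSTOM CODE HERE
        }
    }

}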


Create The Databases

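-- Accounts table read by the Posted class. `password` holds a password hash,
-- never the plain-text password.
CREATE TABLE IF NOT EXISTS `logins_test` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `login` varchar(12) NOT NULL,
  -- Widened from varchar(42): the old width only fits the 41-character output of
  -- MySQL's PASSWORD(). 255 leaves room for hashes produced by PHP's password_hash().
  `password` varchar(255) NOT NULL,
  `activation` varchar(40) DEFAULT NULL,
  `date_deactivated` datetime NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `login` (`login`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;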




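-- One row per successful login, written by the Posted class and looked up by the
-- Verified class on page loads that carry no posted credentials.
-- NOTE(review): nothing on this page deletes rows, so the table grows with every
-- login; consider purging old rows on logout or on a schedule.
CREATE TABLE IF NOT EXISTS `logins_validate` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user_id` int(11) NOT NULL,
  `time_check` int(11) unsigned NOT NULL,
  PRIMARY KEY (`id`),
  -- Verified filters on exactly these two columns.
  KEY `user_time` (`user_id`, `time_check`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=6 ;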