Secure OOP connection in PHP for advanced web development

Web application security is the process of protecting websites and online services against different security threats that exploit vulnerabilities in an application’s code. Common targets for web application attacks are content management systems (e.g., WordPress), database administration tools (e.g., phpMyAdmin), and SaaS applications.

It pays to write code that stands the test of time. Without wasting much time, I am going to write some code that can be used in the backend of a website to perform basic CRUD operations and to set up different security features, and I am going to deploy this secure code in an MVC pattern using PHP.

For a database connection in PHP, we need to specify the database variables and the functions that work together. As I said earlier, we will be using the MVC pattern, which means that I will be writing the code using classes.

To get started, you must have a PHP server installed on your computer, either through XAMPP, MAMP, WAMP, or PHP's built-in development server.

Create a folder: Class.php

In this folder we will create our database connection files, which link our files and tables together. Write the code below inside a file named databaseconnection.php:

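<?php
// Database access layer: queries that carry user input go through prepared statements.
class DBController {
    // Development defaults; use a dedicated, password-protected account in production.
    private $host = "localhost";
    private $user = "root";
    private $password = "";
    private $database = "crud_example";
    private $conn;

    function __construct() {
        $this->conn = $this->connectDB();
    }

    // Open the mysqli connection.
    function connectDB() {
        // Throw exceptions on connection and query errors instead of returning false.
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        $conn = mysqli_connect($this->host, $this->user, $this->password, $this->database);
        return $conn;
    }

    // Run a query that has no parameters. Only pass fixed SQL text here;
    // never concatenate user input into $query.
    function runBaseQuery($query) {
        $resultset = array();
        $result = $this->conn->query($query);
        if ($result instanceof mysqli_result && $result->num_rows > 0) {
            while ($row = $result->fetch_assoc()) {
                $resultset[] = $row;
            }
        }
        return $resultset;
    }

    // Run a parameterized SELECT. $param_type holds one type character per
    // placeholder (i, d, s or b). Returns the rows, or null when none match.
    function runQuery($query, $param_type, $param_value_array) {
        $resultset = array();
        $sql = $this->conn->prepare($query);
        $this->bindQueryParams($sql, $param_type, $param_value_array);
        $sql->execute();
        $result = $sql->get_result();
        if ($result->num_rows > 0) {
            while ($row = $result->fetch_assoc()) {
                $resultset[] = $row;
            }
        }
        if (!empty($resultset)) {
            return $resultset;
        }
    }

    // bind_param() needs its arguments by reference, so build an array of
    // references: the type string first, then each value.
    function bindQueryParams($sql, $param_type, $param_value_array) {
        $param_value_reference[] = & $param_type;
        for ($i = 0; $i < count($param_value_array); $i++) {
            $param_value_reference[] = & $param_value_array[$i];
        }
        call_user_func_array(array(
            $sql,
            'bind_param'
        ), $param_value_reference);
    }

    // Run a parameterized INSERT and return the new row's auto-increment id.
    function insert($query, $param_type, $param_value_array) {
        $sql = $this->conn->prepare($query);
        $this->bindQueryParams($sql, $param_type, $param_value_array);
        $sql->execute();
        $insertId = $sql->insert_id;
        return $insertId;
    }

    // Run a parameterized UPDATE (or DELETE); nothing is returned.
    function update($query, $param_type, $param_value_array) {
        $sql = $this->conn->prepare($query);
        $this->bindQueryParams($sql, $param_type, $param_value_array);
        $sql->execute();
    }
}
?>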

You have now created a base class for the secure connection in PHP. Remember prepared statements in PHP: they are one of the most secure ways of writing database code in PHP, because the data type of each variable is specified before it is passed to the database and the value is sent apart from the SQL text. So even if input of the wrong type arrives, perhaps from a malicious attack, the attack is null and void.
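Calling the class with hostile input, as an added example that is not part of the original article. It assumes a `users` table with `id`, `name` and `email` columns in `crud_example` and a script placed beside databaseconnection.php; the table, the `checkTypes()` helper and the sample values are assumptions made for illustration.

```php
<?php
// Added example, not from the original article.
// Assumed: this file sits beside databaseconnection.php, and crud_example has
//   users(id INT AUTO_INCREMENT PRIMARY KEY, name VARCHAR(100), email VARCHAR(255))
require_once __DIR__ . '/databaseconnection.php';

// Hypothetical helper: reject a type string that does not match the values,
// so a mismatch fails here and not inside bind_param().
function checkTypes($types, array $values) {
    if (strlen($types) !== count($values) || !preg_match('/^[idsb]*$/', $types)) {
        throw new InvalidArgumentException('type string does not match parameters');
    }
    return $types;
}

$db = new DBController();

// Constructed hostile input: tries to close the string and append SQL.
$name  = "x'); DROP TABLE users; -- ";
$email = "mallory@example.com";

// "ss" = two string parameters; the values never become part of the SQL text.
$params = array($name, $email);
$id = $db->insert(
    "INSERT INTO users (name, email) VALUES (?, ?)",
    checkTypes("ss", $params),
    $params
);

// "i" = one integer parameter. runQuery() returns null when nothing matches.
$params = array($id);
$rows = $db->runQuery("SELECT id, name, email FROM users WHERE id = ?", checkTypes("i", $params), $params);

// The payload comes back as an ordinary stored value.
foreach ($rows ?: array() as $row) {
    // Escape on output: prepared statements do not protect the HTML page.
    echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'), "\n";
}

// Constructed tautology payload used as a lookup key: compared as a literal string.
$params = array("' OR '1'='1");
$rows = $db->runQuery("SELECT id FROM users WHERE email = ?", checkTypes("s", $params), $params);
echo empty($rows) ? "no rows matched\n" : "unexpected match\n";
```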
see ya’

John Daniel (https://firmwarefile.co)
Android biggest Fan and a Tech Nerd
