dongtu1357 2015-03-26 22:14
浏览 59
已采纳

在同一个类中使用不同的mysql用户,同时保持相同的连接?

I'm in a situation where I need to use MYSQL's LAST_INSERT_ID(), which is obviously only possible when maintaining the same connection. But as I was thinking about the way I establish my PDO connections, it occurred to me that I am probably going to run into problems.

I've got a database class with various types of connections. Inside this class, I've created different PDO connection methods based on user permissions which I call inside the PDO query methods like so...

class dbFunctions {

    private $userSelect = "userSelect";
    private $passSelect = "XXXXX";
    private $userDelete = "userDelete";
    private $passDelete = "XXXXX";

    protected function connectSelect() {
        $dsn = $this->dsn();
        $this->pdo = new PDO($dsn, $this->userSelect, $this->passSelect, $this->options);

        return $this->pdo;
    }

    protected function connectDelete() {
        $dsn = $this->dsn();
        $this->pdo = new PDO($dsn, $this->userDelete, $this->passDelete, $this->options);

        return $this->pdo;
    }

    public function selectCount($query, $values = []) {

        $result = $this->connectSelect()->prepare($query);
        $result->execute($values);
        $exec = $result->fetch();

        $count = (int)$exec['total'];

        return $count;
    }
}

My questions are...

  • Am I better off creating one global connection object with the same account/password for all queries? I did it this way for security purposes but I believe it may have drawbacks.
  • Even though these are different PDO connection objects, is PHP able to determine they are part of the same session within the same script? In which case the separate methods will be ok.
  • How can I keep separate mysql users with my current class?

Obviously I can test this on my own, but I'm unsure what the results will be when I get multiple users accessing the site.

  • 写回答

2条回答 默认 最新

  • dtn43447 2015-03-26 22:22
    关注
    • Am I better off creating one global connection object with the same account/password for all queries? I did it this way for security purposes but I believe it may have drawbacks.

    I'm no security expert. I think that if I can manage mysql users and permissions in a way that only some human accounts can delete stuff, that's some kind of security. I also think this has many complex ramifications. On the other hand, people can update to a blank string if need be...

    • Even though these are different PDO connection objects, is PHP able to determine they are part of the same session within the same script? In which case the separate methods will be ok.

    PHP objects do not seem to be persistent. We can serialize them and use __sleep() to manage their storage.

    It [sleep] can clean up the object and is supposed to return an array with the names of all variables of that object that should be serialized.

    this part might interest you:

    The intended use of __wakeup() is to reestablish any database connections that may have been lost during serialization and perform other reinitialization tasks.

    • How can I keep separate mysql users with my current class?

    With the same pattern, but make sure not to create pdo instances for each select or delete query. I tweaked it a bit to reuse the same function for both connections. Adding more is as easy as... naming new class members.

    class dbFunctions {

    // other members

    // add these
    private $instanceSelect = null; // they default to null anyway
    private $instanceDelete = null;
    private $instanceFoosball = null;

    protected function connect($what) {
        if ($this->{"instance".$what} === null) { // true the first time
            $this->{"instance".$what} = new PDO($this->dsn(), $this->{"user".$what}, $this->{"pass".$what}, $this->options);
        }
        return $this->{"instance".$what}; // always reused
    }

    public function selectCount($query, $values = []) {}
}

$result = $this->connect('Select')->prepare($query);
$result = $this->connect('Foosball')->prepare($query);
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 求帮我调试一下freefem代码
  • ¥15 matlab代码解决,怎么运行
  • ¥15 R语言Rstudio突然无法启动
  • ¥15 关于#matlab#的问题:提取2个图像的变量作为另外一个图像像元的移动量,计算新的位置创建新的图像并提取第二个图像的变量到新的图像
  • ¥15 改算法,照着压缩包里边,参考其他代码封装的格式 写到main函数里
  • ¥15 用windows做服务的同志有吗
  • ¥60 求一个简单的网页(标签-安全|关键词-上传)
  • ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?