php OOP PDO Database connection and processes

As I am learning to code PHP with PDO and OOP, I came across this connection code. I would like to ask whether it is okay. I tried using it with my code and it worked fine: I was able to log in and generate records. But is this code enough?

<?php
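/**
 * Thin PDO/MySQL wrapper used by the login and record-listing scripts.
 *
 * The connection is opened in the constructor and released in the destructor.
 * Failures are written to the server error log and the request is stopped with
 * a generic message, so driver messages and SQL text never reach the browser.
 *
 * getAll() and execute() receive SQL text from the caller: never concatenate
 * request data into that text. Pass values through getAll()'s $params instead.
 */
class db {
	private $conn;
	private $host;
	private $user;
	private $password;
	private $baseName;
	private $port;
	// Declared in lower case: the original declared $Debug but assigned $this->debug,
	// which silently created a second, undeclared property.
	private $debug;
	// Public because the original created it as an undeclared (hence public) property.
	public $status_fatal;

	/**
	 * Store the connection settings and open the connection.
	 *
	 * @param array $params Optional overrides for the keys 'host', 'user', 'password',
	 *                      'baseName', 'port' and 'debug'. Unknown keys are ignored;
	 *                      with no overrides the original hard-coded values are used.
	 */
	public function __construct($params = array()) {
		// NOTE(review): the defaults connect as root with an empty password. Use a
		// dedicated least-privilege MySQL account and load its credentials from
		// configuration kept outside the web root.
		$defaults = array(
			'host'     => 'localhost', //hostname
			'user'     => 'root', //username
			'password' => '', //password
			'baseName' => 'rhulibjo', //name of your database
			'port'     => '',
			'debug'    => true,
		);
		$settings = $defaults;
		if (is_array($params)) {
			$settings = array_merge($defaults, array_intersect_key($params, $defaults));
		}

		$this->conn = false;
		$this->status_fatal = false;
		$this->host = $settings['host'];
		$this->user = $settings['user'];
		$this->password = $settings['password'];
		$this->baseName = $settings['baseName'];
		$this->port = $settings['port'];
		// Stored for compatibility; no method of this class reads it.
		$this->debug = $settings['debug'];
		$this->connect();
	}

	/** Release the connection when the object goes out of scope. */
	public function __destruct() {
		$this->disconnect();
	}

	/**
	 * Open the PDO connection if it is not open yet.
	 *
	 * @return PDO The live connection. On failure the request is terminated.
	 */
	public function connect() {
		if (!$this->conn) {
			// charset in the DSN makes the driver itself aware of the connection encoding.
			$dsn = 'mysql:host=' . $this->host . ';dbname=' . $this->baseName . ';charset=utf8';
			if ((string) $this->port !== '') {
				$dsn .= ';port=' . $this->port;
			}

			try {
				$this->conn = new PDO($dsn, $this->user, $this->password, array(
					PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
					// Report every SQL error as an exception on all PHP versions, so no
					// method has to remember to check for a false return value.
					PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
				));
				$this->status_fatal = false;
			}
			catch (Exception $e) {
				// new PDO() throws on failure, so this is the only failure path.
				$this->status_fatal = true;
				$this->fail('connect', $e->getMessage(), 'Connection BDD failed');
			}
		}

		return $this->conn;
	}

	/** Drop the PDO handle; PDO closes the connection once the handle is released. */
	public function disconnect() {
		if ($this->conn) {
			$this->conn = null;
		}
	}

	/**
	 * Count the user_login rows matching the given credentials.
	 *
	 * NOTE(review): the WHERE clause compares the submitted password with the
	 * stored column, which can only match if passwords are stored unhashed.
	 * Store password_hash() output instead, select the row by username only and
	 * check it with password_verify(). That needs a data migration, so the query
	 * is left as it was.
	 *
	 * @param string $username Submitted user name.
	 * @param string $password Submitted password.
	 * @return int Number of matching rows; 0 when either argument is not a string.
	 */
	public function login($username, $password) {
		// Kept only because existing callers read this global; prefer the return value.
		global $num_rows;
		$num_rows = 0;

		// Form fields can arrive as arrays (username[]=...); those can never match.
		if (!is_string($username) || !is_string($password)) {
			return $num_rows;
		}

		try {
			$stmt = $this->conn->prepare('SELECT * FROM user_login WHERE (`username` = :username) AND (`password` = :password)');
			$stmt->bindValue(':username', $username);
			$stmt->bindValue(':password', $password);
			$stmt->execute();
			$num_rows = $stmt->rowCount();
		}
		catch (PDOException $e) {
			$this->fail('login', $e->getMessage());
		}

		return $num_rows;
	}

	/**
	 * Run a SELECT and return every row as an associative array.
	 *
	 * @param string $query  SQL text, with placeholders for any variable value.
	 * @param array  $params Values for the placeholders (positional or named).
	 * @return array List of rows.
	 */
	public function getAll($query, $params = array()) {
		try {
			$stmt = $this->conn->prepare($query);
			$stmt->execute($params);
			return $stmt->fetchAll(PDO::FETCH_ASSOC);
		}
		catch (PDOException $e) {
			$this->fail('getAll', $e->getMessage());
		}
	}

	/**
	 * Run a statement that returns no result set.
	 *
	 * PDO::exec() takes no bound parameters, so only fixed SQL text belongs here.
	 *
	 * @param string $query SQL text.
	 * @return int Number of affected rows, which may legitimately be 0.
	 */
	public function execute($query) {
		try {
			$response = $this->conn->exec($query);
		}
		catch (PDOException $e) {
			$this->fail('execute', $e->getMessage());
		}

		// Compare with false explicitly: 0 affected rows is a success, not an error.
		if ($response === false) {
			$this->fail('execute', 'exec() returned false');
		}

		return $response;
	}

	/**
	 * Log the technical detail server-side and stop with a generic message.
	 *
	 * @param string $context       Name of the failing method.
	 * @param string $detail        Driver message; written to the error log only.
	 * @param string $publicMessage Text sent to the client.
	 */
	private function fail($context, $detail, $publicMessage = 'Database error') {
		error_log('db::' . $context . ' failed: ' . $detail);
		die($publicMessage);
	}

}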
?>

Login code

<?php
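	// Login handler: checks the posted credentials and opens the session.
	session_start();
	
	include('dbconnect.php');
	$db = new db();
	
	// Accept plain string fields only; a missing or array-valued field becomes ''.
	$currentuser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
	$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
	
	// login() returns the number of matching rows; use that return value rather
	// than a global variable set as a side effect.
	$querylogin = $db->login($currentuser, $password);
	
	// Check username and password match
	if ($querylogin > 0) {
		// Issue a fresh session id on login so an id fixed before authentication
		// cannot be reused afterwards.
		session_regenerate_id(true);
		// Store the raw name. SQL escaping is the wrong tool for session data
		// (mysql_escape_string() was removed in PHP 7); pages that print this value
		// must pass it through htmlspecialchars().
		$_SESSION['username'] = $currentuser;
		// Jump to secured page
		header('Location: ../rhu-page/p-records.php');
		// Stop here: header() only queues the redirect, the script would keep running.
		exit;
	}
	else {
		// Jump to login page
		echo "<script>alert('Invalid Login Information!'); window.location = '../rhu-page/index.php'; </script>";
		exit;
	}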
?>

Generate Information Code

<?php

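	// Renders every row of p_record as an HTML table.
	// NOTE(review): no session check is visible in this script. If it is reachable
	// on its own rather than only included from a page that already verifies
	// $_SESSION['username'], add that check before any patient data is queried.
	include('dbconnect.php');
	$db = new db();
		
	$querygenerate = $db->getAll('SELECT * FROM p_record');
	
	// Database content is untrusted in an HTML context: names and addresses were
	// typed in by someone, so every cell is escaped before it is printed.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
	};
	
	echo "
		<div class='dataTable_wrapper'>
			<table class='table table-striped table-bordered table-hover' id='dataTables-example'>
				<thead>
					<tr>
						<th>Record ID</th>
						<th>File Number</th>
						<th>Patient Name</th>
						<th>PhilHealth ID</th>
						<th>Address</th>
					</tr>
				</thead>
					<tbody>";
					foreach($querygenerate as $generatedlist){
						$fullname = $esc($generatedlist['fname']) . ' ' . $esc($generatedlist['mname']) . ' ' . $esc($generatedlist['lname']);
						echo "<tr class='odd gradeX'>";
						echo "	<td>" . $esc($generatedlist['r_number']) . "</td>";
						echo "	<td>" . $esc($generatedlist['fnumber']) . "</td>";
						echo "	<td>" . $fullname . "</td>";
						echo "	<td>" . $esc($generatedlist['phealth']) . "</td>";	
						echo "	<td>" . $esc($generatedlist['address']) . "</td>";
						echo "</tr>";
					}
	echo "			</tbody>
			</table>
		</div>
	";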
?>


Source: oop
