Provide global information in a php application (secure way)

Developer https://www.devze.com 2023-03-20 07:19 Source: Internet

How is it possible to provide global information (paths, DB passwords, Timezone, ...) in a PHP application? I know that global variables are unsafe, but how do common CMSs handle this problem? I already looked at WordPress, but WP isn't famous for its high security standards.

I've read a little bit about Dependency Injection, but is this the common way to handle this?

All in all I want to provide a type of global (but controlled*) information.

*Is it possible to control the provided data in a way that only authorized objects get the required information?


You can use configuration files (.ini); they are easy to use with the PHP function parse_ini_file.

You can use it like this:

config.ini

; parse_ini_file expects "key = value" pairs
[global-information]

path = your_path
DB_passwords = your_password
Timezone = your_timezone

In your PHP file you can get the global information like this:

// true: return a nested array keyed by section name
$ini_array = parse_ini_file("config.ini", true);

$path = $ini_array['global-information']['path'];


Dependency injection has nothing to do with security. It is a design pattern, a strategy to solve a common problem in a well-structured way.

I typically prepare a class CSettings, which provides methods for all types of information, but all in a generic way by means of methods.

Then, when used in a specific application, I subclass CSettings in such a way that it returns the correct / concrete values for the specific application.

Another way to promote information could be, e.g., the registry pattern.


There are many schools of thought on this. The most basic implementation is probably a global configuration file that sets constants using define().

I once worked with a framework that used this method extensively, coupled with singletons for database access and domain settings. It is still widely used, but generally deeper dependency injection, where definitions for configuration are made class-specific, is now considered more modern and reusable, since the single package contains all the definitions to make it work in the same file.

http://misko.hevery.com/2009/01/14/when-to-use-dependency-injection/

This is a great article about the finer points of dependency injection. The key thing to remember is that objects should only instantiate or hand off other objects if they are directly needed within the current scope. The author goes into great detail.

There are also a lot of more famous libraries like HTMLPurifier that use a configuration object that gets handed to the constructor of the object instance when it is created. This is a good approach if your object has highly complicated and nested config.
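
As an added illustration (not code from any of the answers above), this sketch combines the .ini file with a configuration object handed to the constructor, so that each object receives only its own section. The `Settings` and `Database` classes, the `loadSection()` helper, the section names and the sample values are assumptions made for this example; it needs PHP 7.4 or later.

```php
<?php
declare(strict_types=1);
// Read-only view of ONE config section; consumers never see the whole file.
final class Settings
{
    private array $values;
    public function __construct(array $values) { $this->values = $values; }
    public function get(string $key): string
    {
        if (!array_key_exists($key, $this->values)) {
            throw new OutOfBoundsException("Missing setting: $key");
        }
        return (string) $this->values[$key];
    }
}

// Hypothetical helper: returns only the requested section of the INI file.
function loadSection(string $file, string $section): Settings
{
    // INI_SCANNER_RAW: literal strings, no on/off/null conversion, no ${...} expansion.
    $all = parse_ini_file($file, true, INI_SCANNER_RAW);
    if ($all === false || !isset($all[$section]) || !is_array($all[$section])) {
        throw new RuntimeException("Cannot read section [$section]");
    }
    return new Settings($all[$section]);
}

// Hypothetical consumer: it is handed the [database] section and nothing else.
final class Database
{
    private Settings $cfg;
    public function __construct(Settings $cfg) { $this->cfg = $cfg; }
    public function user(): string { return $this->cfg->get('user'); }
}

// Constructed sample file. In a deployment it lives outside the web root,
// because a web server will otherwise serve a .ini file as plain text.
$file = tempnam(sys_get_temp_dir(), 'cfg');
file_put_contents($file, "[database]\nuser = app\npassword = example-only\n\n[app]\ntimezone = UTC\n");
chmod($file, 0600); // readable by the PHP user only
$db  = new Database(loadSection($file, 'database'));
$app = loadSection($file, 'app');
date_default_timezone_set($app->get('timezone'));
echo $db->user(), PHP_EOL;
try {
    $app->get('password'); // the [app] view holds no database credentials
} catch (OutOfBoundsException $e) {
    echo $e->getMessage(), PHP_EOL;
}
unlink($file);
```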
