在 PHP 中存储配置变量的最佳方式是什么?

发布于 2024-07-13 20:57:33 字数 589 浏览 7 评论 0原文

我需要在 PHP 中存储一堆配置信息。

我考虑过以下内容......

// Doesn't seem right.
$mysqlPass = 'password'; 

// Seems slightly better.
$config = array(
     'mysql_pass' => 'password'
);

// Seems dangerous having this data accessible by anything. but it can't be
// changed via this method.
define('MYSQL_PASSWORD', 'password'); 

// Don't know if this is such a good idea.
class Config
{
    const static MYSQL_PASSWORD = 'password';
}     

这是我到目前为止所想到的。 我打算使用 require /config.inc.php 将此配置信息导入到我的应用程序中。

在存储配置数据方面什么对您有用?与此相关的最佳实践是什么?

I need to store a bunch of configuration information in PHP.

I have considered the following....

// Doesn't seem right.
$mysqlPass = 'password'; 

// Seems slightly better.
$config = array(
     'mysql_pass' => 'password'
);

// Seems dangerous having this data accessible by anything. but it can't be
// changed via this method.
define('MYSQL_PASSWORD', 'password'); 

// Don't know if this is such a good idea.
class Config
{
    const static MYSQL_PASSWORD = 'password';
}     

This is all I have thought of so far. I intend to import this configuration information into my application with require /config.inc.php.

What works for you with regard to storing configuration data, and what are best practices concerning this?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

飘逸的'云 2024-07-20 20:57:33

我总是选择选项#2,并确保除了所有者之外没有人可以对其进行任何形式的访问。 它是 Joomla、vBulletin、Gallery 等 PHP 应用程序中最流行的方法。

第一种方法对我来说太混乱了(可读性),第三种方法太危险了。 我从未考虑过 Class 方法,因此其他人可以提供有关该方法的意见。 但我想只要在类的使用上使用正确的访问权限就可以了。


示例..

define('EXAMPLE1', "test1"); // scenario 1
$example2 = "test2"; // scenario 2

function DealWithUserInput($input)
{
   return eval($input);
}

现在这个代码示例确实很愚蠢,但只是一个示例。 根据用户可能尝试在输入中使用的场景,考虑函数可能返回的内容。

仅当您将场景 2 设置为函数内的全局时,场景 2 才会导致问题。 否则它将超出范围且无法访问。

I've always gone with option #2 and just ensure that no one but the owner has ANY sort of access to it. It's the most popular method among PHP applications like Joomla, vBulletin, Gallery, and numerous others.

First method is too messy to me (readability) and the third is WAY too dangerous to do. I've never thought about the Class method, so someone else can provide their input on that one. But I guess it's fine so long as the right access is used on the class' usage.


Example..

define('EXAMPLE1', "test1"); // scenario 1
$example2 = "test2"; // scenario 2

function DealWithUserInput($input)
{
   return eval($input);
}

Now this example of code is really dumb, but just an example. Consider what could be returned by the function depending on which scenario the user could try to use in their input.

Scenario 2 would only cause an issue if you made it a global within the function. Otherwise it's out of scope and unreachable.

我ぃ本無心為│何有愛 2024-07-20 20:57:33

我想说这也有点取决于用户群。 如果配置必须非常用户友好,或者用户必须能够通过网络等更改配置。

我使用 Zend Config Ini 此设置和其他设置存储在 SQL DB 中。

I'd say it also depends of userbase a bit. If configurations has to be very user friendly or user has to have ability to change config via web etc.

I use Zend Config Ini for this and other settings are stored in SQL DB.

熊抱啵儿 2024-07-20 20:57:33

我通常使用第二种方法...在处理数据库连接时,我通常在请求开始时打开一个连接,然后在结束时关闭它。 我有一个建立连接的函数,然后从全局数组中删除用户名/密码(使用 unset() 函数),这可以防止系统的其他部分访问“敏感”mysql 连接数据。

I generally use the second method... When handling database connections I generally open a connection at the beginning of the request, then close it at the end. I have a function that establishes the connection, then removes the username/password from the global array (with the unset() function), This prevents other parts of the system from accessing the "sensitive" mysql connection data.

淡紫姑娘! 2024-07-20 20:57:33

对于大多数配置值,我也选择选项 2。 如果您要实现该类,那么我会将特定值与其影响的类(而不是通用配置类)联系起来。

在您的示例中,您的类将用于数据库连接,并且实例将保存密码、db_name 等。这将正确封装数据,并且还提供一种简单的方法来创建多个连接(如果需要)。

I'm also with option 2 for most config values. If you were going to implement the Class then I would tie the specific values to the Class that it affects instead of a general config Class.

In your example, your Class would be for database connections and an instance would save the password, db_name, etc. This would encapsulate the data properly and also provide an easy means to create multiple connections if that was ever needed.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文