Skip to Main Content
Forums

DevOps, CI/CD and Automation

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Sharing an Oracle connection with multiple php files

msebergJan 27 2017 — edited Jan 30 2017

PHP Version 5.4.42

oci8 Version 1.4.9

Oracle Client Version 11.2.0.1.0

------------------------------------------------------------------------------

I'm attempting to write a logon page which connects Oracle users and then redirects to another PHP file where the data is displayed etc. I do not want to hard code $username, $password or $database in any PHP file. I can pass $username, $password and $database to the second php, but this forces a second connection which I'm also trying to avoid. My connect code looks like this: ( Yes I will switch to oci_connect as I move forward )

$conn = ocilogon($username, $password, $database);

             if (!$conn) {

               $e = ocierror();

               print htmlentities($e['message']);

               exit;

        }

If I try to pass $conn I get an error stating something to the effect that $conn is a resource. I searched several of the link provided here and came up empty.

My two questions:

1. Can I pass an Oracle connection between PHP files?

2. If yes to question 1 can anybody direct me to an example or document?

Thanks!

P.S. Have also read everything I can find here:

PHP: oci_connect - Manual

This post has been answered by Christopher Jones-Oracle on Jan 29 2017
Jump to Answer

Comments

Christopher Jones-Oracle

You should look at doing 'mid tier authentication'. Start with PHP Web Auditing, Authorization and Monitoring with Oracle Database  and Database-Based Authentication for PHP Apps There are a bunch of other solutions too, since this problem is not specific to Oracle.

You will likely want to use persistent connections: oci_pconnect(), as long as your DB can cope with the load - make sure to set your Apache process limits correctly so not too many Apache processes are running, each with open connections to the DB.

In general you can pass connections between files: most apps are multi file.  You can't pass connections between HTTP requests.

A common way to avoid hard coding credentials is to use environment variables.  Oracle wallets are an Oracle solution you could look at.

1 person found this helpful
mseberg

Thanks, I've been looking at oci_pconnect. Where I'm having an issue is if I create:

$conn = oci_pconnect;

in say index.php how do pass this to the php file that index.php calls? How do I pass $conn so the user who connected does not have to connect again?

Does that make sense?

UPDATE

Wait, when you say "You can't pass connections between HTTP requests"  do you mean if my index.php opens another PHP connect I have to connect again? If yes, I have to rethink my solution some.

Thanks for your time.

Christopher Jones-Oracle
Answer

Whenever a user clicks a webpage link (which invokes Apache, which invokes PHP) then you must either pass in (1) a DB username & password, or (2) an authenticated token that your app validates before the app uses a DB username & password known to the PHP code.

Within a running PHP application, if a PHP file does something like:

require('db.php'); $c = oci_connect(...);

then $c can be passed into functions defined in db.php

Most solutions use (2).  They get the token by initially asking the user for an application username and password (which are different to the DB username and password) The links I posted previously do this.  Also see the "Oracle Database 2 Day + PHP Developer's Guide" https://docs.oracle.com/database/121/TDPPH/E18554-05.pdf

Marked as Answer by mseberg · Sep 27 2020
mseberg

OK,  Thanks.

This saves me some time.

mseberg

1 - 4
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Feb 27 2017
Added on Jan 27 2017
#php
4 comments
1,536 views