Discussions
Categories
- 196.9K All Categories
- 2.2K Data
- 239 Big Data Appliance
- 1.9K Data Science
- 450.3K Databases
- 221.7K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 550 MySQL Community Space
- 478 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 545 SQLcl
- 4K SQL Developer Data Modeler
- 187K SQL & PL/SQL
- 21.3K SQL Developer
- 295.9K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.6K Development Tools
- 107 DevOps
- 3.1K QA/Testing
- 646K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 155 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 18 Java Essentials
- 160 Java 8 Questions
- 86K Java Programming
- 80 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 204 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 440 LiveLabs
- 38 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 171 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 232 Portuguese
Sharing an Oracle connection with multiple php files
PHP Version 5.4.42
oci8 Version 1.4.9
Oracle Client Version 11.2.0.1.0
------------------------------------------------------------------------------
I'm attempting to write a logon page which connects Oracle users and then redirects to another PHP file where the data is displayed etc. I do not want to hard code $username, $password or $database in any PHP file. I can pass $username, $password and $database to the second php, but this forces a second connection which I'm also trying to avoid. My connect code looks like this: ( Yes I will switch to oci_connect as I move forward )
$conn = ocilogon($username, $password, $database);
if (!$conn) {
$e = ocierror();
print htmlentities($e['message']);
exit;
}
If I try to pass $conn I get an error stating something to the effect that $conn is a resource. I searched several of the link provided here and came up empty.
My two questions:
1. Can I pass an Oracle connection between PHP files?
2. If yes to question 1 can anybody direct me to an example or document?
Thanks!
P.S. Have also read everything I can find here:
Best Answer
-
Whenever a user clicks a webpage link (which invokes Apache, which invokes PHP) then you must either pass in (1) a DB username & password, or (2) an authenticated token that your app validates before the app uses a DB username & password known to the PHP code.
Within a running PHP application, if a PHP file does something like:
require('db.php'); $c = oci_connect(...);
then $c can be passed into functions defined in db.php
Most solutions use (2). They get the token by initially asking the user for an application username and password (which are different to the DB username and password) The links I posted previously do this. Also see the "Oracle Database 2 Day + PHP Developer's Guide" https://docs.oracle.com/database/121/TDPPH/E18554-05.pdf
Answers
-
You should look at doing 'mid tier authentication'. Start with PHP Web Auditing, Authorization and Monitoring with Oracle Database and Database-Based Authentication for PHP Apps There are a bunch of other solutions too, since this problem is not specific to Oracle.
You will likely want to use persistent connections: oci_pconnect(), as long as your DB can cope with the load - make sure to set your Apache process limits correctly so not too many Apache processes are running, each with open connections to the DB.
In general you can pass connections between files: most apps are multi file. You can't pass connections between HTTP requests.
A common way to avoid hard coding credentials is to use environment variables. Oracle wallets are an Oracle solution you could look at.
-
Thanks, I've been looking at oci_pconnect. Where I'm having an issue is if I create:
$conn = oci_pconnect;
in say index.php how do pass this to the php file that index.php calls? How do I pass $conn so the user who connected does not have to connect again?
Does that make sense?
UPDATE
Wait, when you say "You can't pass connections between HTTP requests" do you mean if my index.php opens another PHP connect I have to connect again? If yes, I have to rethink my solution some.
Thanks for your time.
-
Whenever a user clicks a webpage link (which invokes Apache, which invokes PHP) then you must either pass in (1) a DB username & password, or (2) an authenticated token that your app validates before the app uses a DB username & password known to the PHP code.
Within a running PHP application, if a PHP file does something like:
require('db.php'); $c = oci_connect(...);
then $c can be passed into functions defined in db.php
Most solutions use (2). They get the token by initially asking the user for an application username and password (which are different to the DB username and password) The links I posted previously do this. Also see the "Oracle Database 2 Day + PHP Developer's Guide" https://docs.oracle.com/database/121/TDPPH/E18554-05.pdf
-
OK, Thanks.
This saves me some time.
mseberg