Form Posting Within OO Class

I know this question can have multiple answers based on a users preference, but is it good practice to put form post variables within a class and do the database inserts all from within the class, or on the actual web page?

Say I have the following scenario, where I have a form that asks a user for a first name, last name, and e-mail address.  The form post would look like this:

<?php

if(isset($_POST['submitform'])) {
	if(empty($_POST['firstname'])) { 
		$Errors[] = 'You must enter a first name!';
	} else {
		$firstname = sanitizeFunction($_POST['firstname']);
	}

	if(empty($_POST['lastname'])) { 
		$Errors[] = 'You must enter a last name';
	} else {
		$lastname = sanitizeFunction($_POST['lastname']);
	}

	if(empty($_POST['email'])) { 
		$Errors[] = 'You must enter an e-mail address!';
	} else {
		$email = sanitizeFunction($_POST['email']);
	}
	
	if(!isset($Errors)) {
		//Form already validated and cleansed - No Errors
		$ins = mysqli_query($link, "INSERT INTO mytable (`firstname`, `lastname`, `email`) VALUES ('".$firstname."', '".$lastname."', '".$email."')") or die("Cannot complete query!");
		
		if($ins) {
			location("successpage.php");
		}
	}
}

Open in new window


Is this acceptable practice for object oriented, or would it be more wise to create a method within my class to do the database insert there. If it's the latter, what should the method look like based on the given code above?
LVL 1
t3chguyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ray PaseurCommented:
It really doesn't matter.  The reason I say that goes to the nature of object-oriented design.  We use OO techniques to make our code modular and reusable.  PHP has already buggered the modularity by making $_POST a mutable superglobal variable.  It's present in every scope and namespace.  And if you're going to reuse this piece of the script, perhaps by autoloading it, your application may be misdesigned (I'm thinking that a form for contact information should be in one and only one place in the application).  So it's kind of a thing that doesn't fit very well into the OO concept.

If you're already using a database abstraction layer you might extend either MySQLi or PDO to add database specific code, conceptually something like a method $db->put_user_data().  But I wouldn't obsess too much about it.  Either way is likely to work out well for you.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Beverley PortlockCommented:
I use a class to handle forms and the data is gathered externally into a "vars" array which contains the data in an array keyed by HTML field name. This is then passed to the form via a method

$form->setDataSet( $varsArray );

Things like database inserts are handled by a completely separate class because a class should only ever have one job. Either it handles a form or it maintains a table
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.