So, you’re designing a new feature in PHP for an application. Like most good programmers, you have a data layer and a business logic layer. But where is your security layer?
For the most part, whenever I design a new feature, all the security goes into the business logic, because the data layer should be “dumb”. Well, this is annoying because 1) I have a lot of repeated code and 2) it’s very easy to forget something. The ideal place for it is really the data layer, but this is bad practice because you limit the data layer’s flexibility.
Then, while driving to Wendy’s for a #8 today, it hit me. The perfect security layer. Unobtrusive. Simple. Elegant.
The beauty of PHP is that it allows a perfectly transparent wrapper, without a lot of code. Through the use of __get(), __set(), __call(), __isset(), and __unset(), a class can be mapped perfectly to a data object. Therefore, you can just pass a data object to a security class in the constructor. Then, any time a function or class member is accessed, perform security checks if needed.
I haven’t designed an abstract base class for this object yet, but I am going to very soon. It should help to not only clean up code, but secure the code. Definitely going to be an addition to Wack v1.
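A sketch of the wrapper described above, added here as an illustration and not code from the original post or from Wack. It assumes PHP 8; the names SecureProxy, AccessDenied, Account and the policy closure are hypothetical.

```php
<?php
// Added illustration (PHP 8+). SecureProxy, AccessDenied, Account and the policy are hypothetical names.
final class AccessDenied extends RuntimeException {}

final class SecureProxy
{
    // $policy: fn(string $action, string $member): bool
    public function __construct(private object $target, private Closure $policy) {}

    // Single choke point: deny unless the policy returns exactly true.
    private function check(string $action, string $member): void
    {
        if (($this->policy)($action, $member) !== true) {
            throw new AccessDenied("$action on '$member' denied");
        }
    }

    public function __get(string $name): mixed { $this->check('read', $name); return $this->target->$name; }
    public function __set(string $name, mixed $value): void { $this->check('write', $name); $this->target->$name = $value; }
    public function __unset(string $name): void { $this->check('write', $name); unset($this->target->$name); }
    public function __call(string $method, array $args): mixed { $this->check('call', $method); return $this->target->$method(...$args); }

    // Report protected members as unset so isset() does not leak their existence.
    public function __isset(string $name): bool
    {
        return ($this->policy)('read', $name) === true && isset($this->target->$name);
    }
}

// Constructed sample data object: the "dumb" data layer.
class Account
{
    public string $owner = 'alice';
    public int $balance = 100;
    public function withdraw(int $n): int { return $this->balance -= $n; }
}

// Constructed policy: a read-only role may read members but not write or call.
$readOnly = fn(string $action, string $member): bool => $action === 'read';
$account = new SecureProxy(new Account(), $readOnly);

echo $account->owner, "\n";          // read is allowed by the policy
var_dump(isset($account->balance));  // goes through __isset()
try {
    $account->withdraw(50);          // call is denied by the policy
} catch (AccessDenied $e) {
    echo $e->getMessage(), "\n";
}
```

The checks only apply to code that holds the proxy: anything with a reference to the underlying data object bypasses them, so the raw object should not leave the place where it is wrapped. The proxy is also not an instance of the wrapped class, so type hints that name Account will reject it.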