Skip to main content

Course Progress

Loading...

Access Modifiers in PHP: Public, Private, Protected

Duration: 30 minutes
Module 2: Object-Oriented PHP

Learning Objectives

  • Master PHP programming concepts
  • Write clean, maintainable code
  • Apply best practices
  • Build dynamic applications

Building Secure Boundaries: Understanding Access Modifiers

Welcome to our exploration of PHP access modifiers! Today, we'll discover how these simple keywords—public, private, and protected—can transform your code from a chaotic open field into a well-organized structure with clear boundaries and secure interactions.

In the WordPress ecosystem, understanding access modifiers is crucial for building plugins and themes that are maintainable, secure, and play well with others. As we progress through this tutorial, we'll see how WordPress core uses these concepts and how you can apply them in your own WordPress development projects.

The Security Guards of OOP: What Are Access Modifiers?

Diagram
Class Diagram (Diagram converted to static representation) classDiagram class AccessModifiers { +public prope...

Access modifiers control the visibility of properties and methods in a class. Think of them as security clearance levels:

  • Public: Everyone has access (no restrictions)
  • Protected: Only family members have access (class itself and child classes)
  • Private: Only the class itself has access (strictly internal)

Let's use a real-world analogy to understand this better:

The House Analogy

Imagine a class as a house:

  • Public members are like the front yard and porch — anyone walking by can see and interact with them
  • Protected members are like the living room — only family members (the class and its descendants) can access them
  • Private members are like your bedroom — only you (the class itself) can access them, not even family members

Public: Open to Everyone

BlogPost Class Public Area (Anyone can access) title author content display() getTitle() External Access

When to Use Public

Use public for:

  • Methods that should be part of the class's public API
  • Properties that external code needs to access directly
  • Functionality that needs to be accessible from anywhere

Public in Action

###CODE_BLOCK_4###

In this example, all properties and methods are public, making them fully accessible from outside the class. This is simple but not always ideal for encapsulation.

Public in WordPress

WordPress uses public members extensively, especially in older code. For example, the WP_Post object has many public properties:

###CODE_BLOCK_7###

This public accessibility is why you can easily access post data in your themes and plugins.

Private: For Internal Use Only

PaymentProcessor Class Public Area processPayment() getStatus() Private Area (Only this class can access) apiKey secret validateCard() encryptData() callApi() External Access X

When to Use Private

Use private for:

  • Internal implementation details that should be hidden
  • Methods that should only be called from within the class
  • Properties that contain sensitive data or should not be directly manipulated
  • Functionality that might change in the future

Private in Action

###CODE_BLOCK_9###

In this example, the private members protect sensitive data and internal implementation details. The class provides a clean public API while hiding how it works internally.

Private in WordPress

WordPress uses private members in newer code and in areas handling sensitive operations. For example, in user authentication:

###CODE_BLOCK_10###

This prevents accidental or malicious access to sensitive data or internal methods.

Protected: Family Access Only

WP_Widget (Parent Class) Public Area widget() form() Protected Area (Available to child classes) id_base name get_field_name() get_field_id() Custom_Widget (Child Class) Public Area widget() (Override) form() (Override) Protected Area - Can Access Parent's Protected Members defaults render_content() Inheritance

When to Use Protected

Use protected for:

  • Members that should be available to child classes
  • Properties and methods that are part of the inheritance API
  • Functionality that child classes might need to override or extend
  • Internal functionality that might be shared across a family of classes

Protected in Action

###CODE_BLOCK_12###

In this example, the Base_Widget provides a framework with protected methods that child widgets can use. This creates a clean inheritance hierarchy while still maintaining encapsulation.

Protected in WordPress

WordPress uses protected members extensively in class hierarchies. For example, in the admin dashboard:

###CODE_BLOCK_14###

This pattern allows WordPress to create a flexible framework that can be extended for different admin tables (posts, pages, users, etc.) while ensuring that certain functionality remains consistent.

Practical Examples: Access Modifiers in WordPress Development

WordPress Plugin with Proper Encapsulation

###CODE_BLOCK_15###

This example demonstrates a well-structured WordPress plugin with:

  • Public methods that form the plugin's external API
  • Protected properties that extensions might need
  • Private methods and properties for internal implementation details

The plugin uses the singleton pattern, provides a clean public API, and properly encapsulates its internal workings.

Common Mistakes with Access Modifiers

Everything Is Public

###CODE_BLOCK_16###

BETTER APPROACH

###CODE_BLOCK_17###

Excessive Use of Private

###CODE_BLOCK_18###

BETTER APPROACH

###CODE_BLOCK_19###

Best Practices Summary

  • Default to private: Start by making everything private, then expose only what's needed
  • Use public carefully: Public members form your API, so choose them wisely
  • Protected for inheritance: Use protected for members that child classes will need
  • Encapsulate implementation details: Keep internal workings private
  • Think about extensibility: Consider how your class might be extended

Getter and Setter Methods: Controlled Access

A common pattern when using access modifiers is to make properties private or protected and provide public getter and setter methods:

###CODE_BLOCK_20###

Benefits of using getter and setter methods:

  • Validation: You can validate data before setting it
  • Sanitization: You can sanitize or transform data as needed
  • Format control: You can return data in different formats
  • Computed properties: You can calculate values on the fly
  • API stability: You can change internal implementation without breaking code
  • Method chaining: You can enable fluent interfaces (as shown above)

Common Access Patterns in WordPress

WordPress has evolved its coding patterns over time. Here are some common access patterns you'll see in the WordPress ecosystem:

1. Mixed Access in Core Classes

###CODE_BLOCK_21###

2. All Public in Legacy Code

###CODE_BLOCK_22###

3. Modern Encapsulated Pattern

###CODE_BLOCK_23###

4. Singleton with Private Constructor

###CODE_BLOCK_24###

Access Modifiers in Inheritance

When extending classes, understanding access modifiers becomes even more important:

Diagram
Class Diagram (Diagram converted to static representation) classDiagram class Base { +public prop1 #protected... 
###CODE_BLOCK_25###

Key points about inheritance and access modifiers:

  • Public members are inherited and accessible in child classes
  • Protected members are inherited and accessible in child classes
  • Private members are NOT accessible in child classes
  • Child classes can override public and protected methods, but not private ones
  • Child classes can declare properties with the same name as private parent properties (they'll be separate properties)

Putting It All Together: A WordPress Menu Walker

Let's apply our understanding of access modifiers to create a custom menu walker class (a common WordPress customization):

###CODE_BLOCK_26###

This example showcases:

  • Public methods that form the required Walker API
  • Protected properties and methods that child classes can override
  • Private methods for purely internal functionality
  • A child class that extends and customizes behavior by overriding protected members

Homework: Create a Simple Class with Access Modifiers

Now it's your turn to practice with access modifiers:

Assignment

Create a Post_Metadata_Manager class that could be used to manage custom post meta in WordPress. Your class should:

  1. Include at least one property of each access type (public, protected, private)
  2. Include methods of each access type (public, protected, private)
  3. Use proper encapsulation for sensitive or internal data
  4. Include getter and setter methods for accessing private properties
  5. Be designed so it could be extended by child classes

Here's a starter template to help you:

###CODE_BLOCK_28###

Complete this class with your own implementation. Consider how you would handle validation, caching, and error handling.

Additional Resources

Further Reading

Next Class Preview

In our next session, we'll explore static properties and methods in PHP, which provide a way to access class information without creating an instance. This is a powerful technique used extensively in WordPress development.