Hi, we have been using the following codes on our site for a year and I wanted to know if these codes are just spaghetti or its actual usable code. I know it can be bettered a lot I just need opinions if the codes can be used a while more until we reprogram everything as a complete CMS system.
Thanks a lot! my superiors want to know because there is another coder that says these codes are just spaghetti.
There is more codes but i am able to access the database fine and everything else. Of course the codes can be bettered but i dont believe its just spaghetti!!!!! I used these codes because there was no need to reinvent the wheel. I apreciate your help!
--------------------------------------------------
file name: SystemComponent.php
--------------------------------------------------
------------------------------------
file name: dbconnector.php
link = mysql_connect($host, $user, $pass);
mysql_select_db($db);
register_shutdown_function(array(&$this, 'close'));
}
//*** Function: query, Purpose: Execute a database query ***
function query($query) {
$this->theQuery = $query;
return mysql_query($query, $this->link);
}
//*** Function: getQuery, Purpose: Returns the last database query, for debugging ***
function getQuery() {
return $this->theQuery;
}
//*** Function: getNumRows, Purpose: Return row count, MySQL version ***
function getNumRows($result){
return mysql_num_rows($result);
}
//*** Function: fetchArray, Purpose: Get array of query results ***
function fetchArray($result) {
return mysql_fetch_array($result);
}
//*** Function: close, Purpose: Close the connection ***
function close() {
mysql_close($this->link);
}
}
?>
---------------------------------------------
File Name: Sentry.php
userdata);
session_destroy();
return true;
}
//======================================================================================
// Log in, and either redirect to goodRedirect or badRedirect depending on success
function checkLogin($user = '',$pass = '',$group = 10,$goodRedirect = '',$badRedirect = ''){
// Include database and validation classes, and create objects
require_once('DbConnector.php');
require_once('Validator.php');
$validate = new Validator();
$loginConnector = new DbConnector();
// If user is already logged in then check credentials
if ($_SESSION['user'] && $_SESSION['pass']){
// Validate session data
if (!$validate->validateTextOnly($_SESSION['user'])){return false;}
if (!$validate->validateTextOnly($_SESSION['pass'])){return false;}
$getUser = $loginConnector->query("SELECT * FROM rusers WHERE user = '".$_SESSION['user']."' AND pass = '".$_SESSION['pass']."' AND thegroup <= ".$group.' AND enabled = 1');
if ($loginConnector->getNumRows($getUser)> 0){
// Existing user ok, continue
if ($goodRedirect != '') {
header("Location: ".$goodRedirect."?".strip_tags(session_id())) ;
}
return true;
}else{
// Existing user not ok, logout
$this->logout();
return false;
}
// User isn't logged in, check credentials
}else{
// Validate input
if (!$validate->validateTextOnly($user)){return false;}
if (!$validate->validateTextOnly($pass)){return false;}
// Look up user in DB
$getUser = $loginConnector->query("SELECT * FROM rusers WHERE user = '$user' AND pass = PASSWORD('$pass') AND thegroup <= $group AND enabled = 1");
$this->userdata = $loginConnector->fetchArray($getUser);
if ($loginConnector->getNumRows($getUser)> 0){
// Login OK, store session details
// Log in
$_SESSION["user"] = $user;
$_SESSION["pass"] = $this->userdata['pass'];
$_SESSION["thegroup"] = $this->userdata['thegroup'];
if ($goodRedirect) {
header("Location: ".$goodRedirect."?".strip_tags(session_id())) ;
}
return true;
}else{
// Login BAD
unset($this->userdata);
if ($badRedirect) {
header("Location: ".$badRedirect) ;
}
return false;
}
}
}
}
?>
-----------------------------------------
filename: validator.php
errors[] = $description;
return false;
}
}
// Validate text only
function validateTextOnly($theinput,$description = ''){
$result = ereg ("^[A-Za-z0-9\ ]+$", $theinput );
if ($result){
return true;
}else{
$this->errors[] = $description;
return false;
}
}
// Validate text only, no spaces allowed
function validateTextOnlyNoSpaces($theinput,$description = ''){
$result = ereg ("^[A-Za-z0-9]+$", $theinput );
if ($result){
return true;
}else{
$this->errors[] = $description;
return false;
}
}
// Validate email address
function validateEmail($themail,$description = ''){
$result = ereg ("^[^@ ]+@[^@ ]+\.[^@ \.]+$", $themail );
if ($result){
return true;
}else{
$this->errors[] = $description;
return false;
}
}
// Validate numbers only
function validateNumber($theinput,$description = ''){
if (is_numeric($theinput)) {
return true; // The value is numeric, return true
}else{
$this->errors[] = $description; // Value not numeric! Add error description to list of errors
return false; // Return false
}
}
// Validate date
function validateDate($thedate,$description = ''){
if (strtotime($thedate) === -1 || $thedate == '') {
$this->errors[] = $description;
return false;
}else{
return true;
}
}
// Check whether any errors have been found (i.e. validation has returned false)
// since the object was created
function foundErrors() {
if (count($this->errors)> 0){
return true;
}else{
return false;
}
}
// Return a string containing a list of errors found,
// Seperated by a given deliminator
function listErrors($delim = ' '){
return implode($delim,$this->errors);
}
// Manually add something to the list of errors
function addError($description){
$this->errors[] = $description;
}
}
?>
-------------------------------------------------
filename viewing.php
This is an example of viewing the information it works fine.
query('SELECT * FROM vendors WHERE ID = '.$HTTP_GET_VARS['id']);
// Get an array containing the resulting record
$row = $connector->fetchArray($result);
?>
No Photo!";
}
else {
$photo = $row['photo'];
echo '';
}?>
Address: '.$row['address']; ?>
Telephone: '.$row['tel']; ?>
Office: '.$row['office']; ?>
Email:
_________________________________________________________________
Connect to the next generation of MSN Messenger
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
