Re: Login script problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Daniel Brown wrote:

[snip="all"]

    Reese,

    While I noticed several areas for improvement in the code (such as
being sure to exit; after calling header("Location: xxxx"); ), two
things primarily come to mind:

    Do you expect the value of $key in this condition to be a literal zero?
        $twoyears = array('alphanumeric_code1', 'alphanumeric_code2',
            'alphanumeric_code3', 'alphanumeric_code4', 'alphanumeric_code5',
            'alphanumeric_code6', 'alphanumeric_code7');
        $key = in_array($sPromocode,$twoyears);
        if($key=='0')

No, it should either be "1" if set or NULL(?) if not set, there is
nothing to set that value to "0" - only this check to see if it is
== to "0". Is this another area, like the one Casey helped with
earlier, where '!empty' was being used instead of 'isset'?

The programmer is aware that improvement is possible and we've had
some discussions in that regard, but owing to this being a "for a
friend" item and his currently declared job demands, either he is
truly swamped or he is brushing me off. I'm willing to give him
benefit of the doubt, until I'm confronted with evidence to the
contrary.

    Also, what about ISPs such as AOHell who use fully-dynamic IP
proxies that change on location, at time intervals, and are
interspersed with random changes?  Even putting that into a range
won't help, as it's likely the IP will only have the network prefix
(and perhaps the same Class B slot).

That's an area where I left detail out, my apologies. The dual login
mechanisms are geared towards accommodating this, AOHell users will
tend to be individual entities and the 'access code' mechanism is
geared towards them. Meanwhile, entities with static, assigned IP
addresses such as libraries on city networks are meant to be given
IP-based access, hence the other login validation method (which
isn't working quite right).

Reese

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux