Re: Sometimes I wonder why I even started programming...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jason Pruim schreef:
So I was supposed to go home a half hour ago but that didn't happen... I hate deadlines! :P 

in my home language Pruim means prune ... you sound like you've had to suck on
one to many ;-)



Can someone tell me why this code works for setting the table name:


dunno. lets rewrite the thing shall we? let cutdown on variable usage, shorten some
names and use a verb rather than a noun to name the function ... and let's learn
about 'by reference' parameters (notice the '&' before '$table')

function authenticate($user, $pass, &$table)
{
	// do you want to stop/catch 're-authentication'?
	if ($_SESSION['loggedin'])
		return;

	// escape your data!
        $pass = mysql_real_escape_string(md5("someThingOnlyDanBrownCouldGuess".$pass));
	$name = mysql_real_escape_string($user);
	
	// only select what you need (no semi-colons [needed] to delimit the query)
	// name + password should be unique! so no real need for the LIMIT clause
        $res  = mysql_query("SELECT tableName FROM current WHERE loginName='{$name}' AND loginPassword='{$pass}' LIMIT 0,1");

	// I think a die() is overkill
	// rather an abrupt end to the script, such errors can be with more grace
	if (!$res)
		die("Wrong data supplied or database error"  .mysql_error());

	// nobody found - bad credentials, authentication failed
	if (!mysql_numrows($res))
		return false;

	// grab data
	$row = mysql_fetch_assoc($res);

	// set session data
	$_SESSION['user'] 	= $user;
        $_SESSION['loggedin'] 	= true; // use a BOOLEAN ... because "NO" equates to TRUE!

	// no idea what this 'table name' is about but ...
	// let's set the 'by reference' variable to the value we found
	$table = $row['tableName'];

	// user authenticated!
        return true;
}


which you would use like so:

$spoon = null;
if (authenticate("Jochem", "MySecret", $spoon))
	echo "authenticated! table is set to $spoon";
else
	echo "authentication failed, there is no \$spoon";


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
japruim@xxxxxxxxxx






--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux