Re: [PHP] Sometimes I wonder why I even started programming...

Wed, 27 Feb 2008 14:53:06 -0800 

Jason Pruim schreef:
So I was supposed to go home a half hour ago but that didn't happen... I hate deadlines! :P 

in my home language Pruim means prune ... you sound like you've had to suck on
one to many ;-)



Can someone tell me why this code works for setting the table name:


dunno. lets rewrite the thing shall we? let cutdown on variable usage, shorten 
some
names and use a verb rather than a noun to name the function ... and let's learn
about 'by reference' parameters (notice the '&' before '$table')

function authenticate($user, $pass, &$table)
{
        // do you want to stop/catch 're-authentication'?
        if ($_SESSION['loggedin'])
                return;

        // escape your data!
        $pass = 
mysql_real_escape_string(md5("someThingOnlyDanBrownCouldGuess".$pass));
        $name = mysql_real_escape_string($user);
        
        // only select what you need (no semi-colons [needed] to delimit the 
query)
        // name + password should be unique! so no real need for the LIMIT 
clause
        $res  = mysql_query("SELECT tableName FROM current WHERE loginName='{$name}' 
AND loginPassword='{$pass}' LIMIT 0,1");

        // I think a die() is overkill
        // rather an abrupt end to the script, such errors can be with more 
grace
        if (!$res)
                die("Wrong data supplied or database error"  .mysql_error());

        // nobody found - bad credentials, authentication failed
        if (!mysql_numrows($res))
                return false;

        // grab data
        $row = mysql_fetch_assoc($res);

        // set session data
        $_SESSION['user']       = $user;
        $_SESSION['loggedin']   = true; // use a BOOLEAN ... because "NO" 
equates to TRUE!

        // no idea what this 'table name' is about but ...
        // let's set the 'by reference' variable to the value we found
        $table = $row['tableName'];

        // user authenticated!
        return true;
}


which you would use like so:

$spoon = null;
if (authenticate("Jochem", "MySecret", $spoon))
        echo "authenticated! table is set to $spoon";
else
        echo "authentication failed, there is no \$spoon";


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
[EMAIL PROTECTED]






--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
























					Reply via email to