Hi, we have been using the following codes on our site for a year and I wanted
to know if these codes are just spaghetti or its actual usable code. I know it
can be bettered a lot I just need opinions if the codes can be used a while
more until we reprogram everything as a complete CMS system.
Thanks a lot! my superiors want to know because there is another coder that
says these codes are just spaghetti.
There is more codes but i am able to access the database fine and everything
else. Of course the codes can be bettered but i dont believe its just
spaghetti! I used these codes because there was no need to reinvent the
wheel. I apreciate your help!
--
file name: SystemComponent.php
--
file name: dbconnector.php
link = mysql_connect($host, $user, $pass);
mysql_select_db($db);
register_shutdown_function(array($this, 'close'));
}
//*** Function: query, Purpose: Execute a database query ***
function query($query) {
$this-theQuery = $query;
return mysql_query($query, $this-link);
}
//*** Function: getQuery, Purpose: Returns the last database query, for
debugging ***
function getQuery() {
return $this-theQuery;
}
//*** Function: getNumRows, Purpose: Return row count, MySQL version ***
function getNumRows($result){
return mysql_num_rows($result);
}
//*** Function: fetchArray, Purpose: Get array of query results ***
function fetchArray($result) {
return mysql_fetch_array($result);
}
//*** Function: close, Purpose: Close the connection ***
function close() {
mysql_close($this-link);
}
}
?
-
File Name: Sentry.php
userdata);
session_destroy();
return true;
}
//==
// Log in, and either redirect to goodRedirect or badRedirect depending on
success
function checkLogin($user = '',$pass = '',$group = 10,$goodRedirect =
'',$badRedirect = ''){
// Include database and validation classes, and create objects
require_once('DbConnector.php');
require_once('Validator.php');
$validate = new Validator();
$loginConnector = new DbConnector();
// If user is already logged in then check credentials
if ($_SESSION['user'] $_SESSION['pass']){
// Validate session data
if (!$validate-validateTextOnly($_SESSION['user'])){return false;}
if (!$validate-validateTextOnly($_SESSION['pass'])){return false;}
$getUser = $loginConnector-query(SELECT * FROM rusers WHERE user =
'.$_SESSION['user'].' AND pass = '.$_SESSION['pass'].' AND thegroup =
.$group.' AND enabled = 1');
if ($loginConnector-getNumRows($getUser) 0){
// Existing user ok, continue
if ($goodRedirect != '') {
header(Location: .$goodRedirect.?.strip_tags(session_id())) ;
}
return true;
}else{
// Existing user not ok, logout
$this-logout();
return false;
}
// User isn't logged in, check credentials
}else{
// Validate input
if (!$validate-validateTextOnly($user)){return false;}
if (!$validate-validateTextOnly($pass)){return false;}
// Look up user in DB
$getUser = $loginConnector-query(SELECT * FROM rusers WHERE user = '$user'
AND pass = PASSWORD('$pass') AND thegroup = $group AND enabled = 1);
$this-userdata = $loginConnector-fetchArray($getUser);
if ($loginConnector-getNumRows($getUser) 0){
// Login OK, store session details
// Log in
$_SESSION[user] = $user;
$_SESSION[pass] = $this-userdata['pass'];
$_SESSION[thegroup] = $this-userdata['thegroup'];
if ($goodRedirect) {
header(Location: .$goodRedirect.?.strip_tags(session_id())) ;
}
return true;
}else{
// Login BAD
unset($this-userdata);
if ($badRedirect) {
header(Location: .$badRedirect) ;
}
return false;
}
}
}
}
?
-
filename: validator.php
errors[] = $description;
return false;
}
}
// Validate text only
function validateTextOnly($theinput,$description = ''){
$result = ereg (^[A-Za-z0-9\ ]+$, $theinput );
if ($result){
return true;
}else{
$this-errors[] = $description;
return false;
}
}
// Validate text only, no spaces allowed
function validateTextOnlyNoSpaces($theinput,$description = ''){
$result = ereg (^[A-Za-z0-9]+$, $theinput );
if ($result){
return true;
}else{
$this-errors[] = $description;
return false;
}
}
// Validate email address
function validateEmail($themail,$description = ''){
$result = ereg (^[^@ [EMAIL PROTECTED]@ ]+\.[^@ \.]+$, $themail );
if ($result){
return true;
}else{
$this-errors[] = $description;
return false;
}
}
// Validate numbers only
function validateNumber($theinput,$description = ''){
if (is_numeric($theinput)) {
return true; // The value is numeric, return true
}else{
$this-errors[] = $description; // Value not numeric! Add error description to
list of errors
return false; // Return false
}
}
// Validate date
function validateDate($thedate,$description = ''){
if (strtotime($thedate) === -1 || $thedate == '') {
$this-errors[] = $description;
return