ManChuck

Ok so the title is an over exaggeration but I need a simple way to express how much I HATE when I see code with dozens of closing brackets because the developer was trying to fix the Unexpected $end error. Simple control structures not only help to keep code readable, it will also help in performance because you can escape code blocks with ease. To illustrate, below is an example of a function I have seen in my adventures in programming:

2. function isAuthorized($resource)
3. {
4.     $allowed = false;
5.     if ($_SESSION['loggedin'] == 1) {
6.         $user = $_SESSION['username'];
7.         if (!empty($user)) {
8.             $result = mysql_query('SELECT * FROM user_roles WHERE user = "' . $user . "'");
9.             if ($result) {
10.                 while ($resArray = mysql_fetch_array($result)) {
11.                     if ($resource == $resArray['role']) {
12.                         $allowed = true;
13.                     }
14.                 }
15.             } else {
16.                 throw new Exception('No valid results');
17.             }
18.         } else {
19.             throw new Exception('User name is invalid');
20.         }
21.     }
22.  
23.     return $allowed;
24. }

Lets just ignore the security hole and performance issues with the MySql query, just look at the structure starting with the while loop. What if that user had 100 roles assigned and the role we wanted is the 1st record? We set $allowed to true on the 1st iteration then spend 99 iterations doing nothing. We can either break the loop or just add the $allowed to the condition. I suggest adding the $allowed to the loop which will clearly state that we are looking for $allowed.

2. while (($resArray = mysql_fetch_array($result)) && !$allowed) {
3.     if ($resource == $resArray['role']) {
4.         $allowed = true;
5.     }
6. }

Ok a little better we now have a chance of breaking the loop if we find the resource early. We can still optimize this function but returning true or false based off our conditionals:

2. function isAuthorized($resource)
3. {
4.     if (!$_SESSION['loggedin'] == 1) {
5.         return false;
6.     }
7.  
8.     $user = $_SESSION['username'];
9.     if (empty($user)) {
10.         throw new Exception('User name is invalid');
11.     }
12.  
13.     $result = mysql_query('SELECT * FROM user_roles WHERE user = "' . $user . "'");
14.     if (!$result) {
15.         throw new Exception('No valid results');
16.     }
17.  
18.     while ($resArray = mysql_fetch_array($result)) {
19.         if ($resource == $resArray['role']) {
20.             return true;
21.         }
22.     }
23.  
24.     return false;
25. }

We gain a many advantages here. First PHP will not have to allocate memory for the $allowed and $user variables since they will not get called if the user is clearly not logged in. We also gain greater op-code usage by not having the parse read in else statements. The big advantage to this is how easy it is to read and make a change. Lets say we wanted to add a check for if the users session expired, by following the 1st example we would have to add a whole new block as follows:

2. function isAuthorized($resource)
3. {
4.     $allowed = false;
5.     if ($_SESSION['loggedin'] == 1) {
6.         if (date_add($_SESSION['loggedin'], '+30 min') < new DateTime("now")) {
7.             $user = $_SESSION['username'];
8.             if (!empty($user)) {
9.                 $result = mysql_query('SELECT * FROM user_roles WHERE user = "' . $user . "'");
10.                 if ($result) {
11.                     while ($resArray = mysql_fetch_array($result)) {
12.                         if ($resource == $resArray['role']) {
13.                             $allowed = true;
14.                         }
15.                     }
16.                 } else {
17.                     throw new Exception('No valid results');
18.                 }
19.             } else {
20.                 throw new Exception('User name is invalid');
21.             }
22.         } else {
23.             throw new Exception('Session has expired');
24.         }
25.     }
26.  
27.     return $allowed;
28. }

With our cleaned up structure we just add the following lines like so:

2.  
3. function isAuthorized($resource)
4. {
5.     if (!$_SESSION['loggedin'] == 1) {
6.         return false;
7.     }
8.  
9.     $user = $_SESSION['username'];
10.     if (empty($user)) {
11.         throw new Exception('User name is invalid');
12.     }
13.  
14.     if (date_add($_SESSION['loggedin'], '+30 min') < new DateTime("now")) {
15.         throw new Exception('Session has expired');
16.     }
17.  
18.     $result = mysql_query('SELECT * FROM user_roles WHERE user = "' . $user . "'");
19.     if (!$result) {
20.         throw new Exception('No valid results');
21.     }
22.  
23.     while ($resArray = mysql_fetch_array($result)) {
24.         if ($resource == $resArray['role']) {
25.             return true;
26.         }
27.     }
28.  
29.     return false;
30. }

As we can see keeping the code structured helps us understand what a function is supposed to be doing, improves our opcode performance, and helps keep making changes to a function that much easier

Well as you can see, MANCHUCK has a new look.  I switched over to Word Press because really, it takes a long time to build your own blog from scratch (which is what I was hoping to do with the old site).  It took about a day to install and configure the new look.  Hope you all enjoy

Shout out to Themetation for creating this theme.  Thanks for helping save me some time with messing around with CSS