kat35601 Posted December 14, 2017 Share Posted December 14, 2017 I would like help bullet proofing my code. So if you could suggest ways to handle exceptions or on better ways to write the code I have I would be grateful. <?php $db= include('/var/app/app_env.php'); $port = 22; $user = $db['cit_user']; $pass = $db['cit_pass']; $host = $db['cit_host']; $connection = NULL; $remote_file_path = "/Outbox/CCDATA.TXT"; $local_file = './cit_order_download'. date('mdY_hia') .'.co'; /////////////////////////////////////////////////////////////// //echo "<td>$host</td>"; /////////////////////////////////////////////////////////////// try { $connection = ssh2_connect($host, $port); if(!$connection){ throw new \Exception("Could not connect to $host on port $port"); } $auth = ssh2_auth_password($connection, $user, $pass); if(!$auth){ throw new \Exception("Could not authenticate with username $user and password "); } $sftp = ssh2_sftp($connection); if(!$sftp){ throw new \Exception("Could not initialize SFTP subsystem."); } $stream = fopen("ssh2.sftp://" .(int)$sftp.'//Outbox//'.'CCDATA.TXT', 'r'); $contents = stream_get_contents($stream); file_put_contents ($local_file, $contents); @fclose($stream); $connection = NULL; } catch (Exception $e) { echo "Error due to :".$e->getMessage(); } //////////////////////////////////////////////////////////////////////////////////////////////// $result_clear=''; $result_hold=''; $connect = odbc_connect($db['name'], $db['user'], $db['password']); $approve_status=array("AA","AC","AD","AX"); $decline_status=array("DA","DR","HC","CI","CR","CZ"); sleep(2); $fp = fopen($local_file, 'r'); while (!feof($fp)) { $line = fgets($fp); $order = substr($line, 69, 5); $status=substr($line, 117, 2); $assignment=substr($line, 91, 10); $order=ltrim(rtrim($order)); if (in_array($status,$approve_status)){ $file_array= array($order=> array($assignment,$status)); $clear="update m1_kf.dbo.salesorders set uompcreditstatus='CLEAR', uompschedulecolor='$status$assignment' where ompsalesorderid ='$order' and ompOrderDate > '12-9-2017'"; echo $order,$assignment,$status; echo "<br>"; $result_clear = odbc_exec($connect, $clear); } elseif (in_array($status,$decline_status)){ $hold="update m1_kf.dbo.salesorders set uompcreditstatus='HOLD', uompschedulecolor='$status$assignment' where ompsalesorderid ='$order' and ompOrderDate > '12-9-2017'"; echo $order,$assignment,$status; echo"<br>"; $result_hold = odbc_exec($connect, $hold); } } fclose($fp); odbc_close($connect); ?> Link to comment Share on other sites More sharing options...
BigB Posted December 18, 2017 Share Posted December 18, 2017 Looks cleaner than my code :-) Maybe just... Add comments throughout your code. Thought about using a class/methods? Maybe a few extra Try / Catch Nice work, don't know what other things to suggest, I am no guru. Link to comment Share on other sites More sharing options...
ginerjm Posted December 18, 2017 Share Posted December 18, 2017 There are some voices here that would frown upon using the exception methods for public viewing. If you have them enabled properly so that they end up in the error log properly then the only thing that the user should see (if at all!) is a simple message telling them that xyz failed and giving them a graceful exit. Or in the case of a failure you maybe should allow your application to work around it even. In either case you should not be showing the user any details of your operation so as to prevent unwanted access/tampering with your system. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.