benanamen Posted April 24, 2018 Share Posted April 24, 2018 I was reviewing code from an old practice project for a user reg/login. The activate reg and password reset code first queries if there is a valid hash, then runs the update query. Seems to me it should be just like a registration where you attempt the insert (in this case UPDATE) and catch the failure if any which would eliminate half the code. Interested in anyone's feedback. Quote Link to comment Share on other sites More sharing options...
Psycho Posted April 24, 2018 Share Posted April 24, 2018 Without understanding the entire workflow, I would say you are correct. The current code (run a select to check for the hash and then run the update) could create a problem with a race condition - if the hash could be changed/deleted. But, there could be legitimate reasons to run a select first and run different branches of logic before proceeding to an update. Quote Link to comment Share on other sites More sharing options...
benanamen Posted April 24, 2018 Author Share Posted April 24, 2018 I would say the workflow is what you could consider a standard user registration validate email to login process and password reset. You can view the code on My GitHub at the following links https://github.com/benanamen/perfect_app/blob/master/public/activate.php https://github.com/benanamen/perfect_app/blob/master/public/reset.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.