Proposing SQL Statement Coverage Metrics: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 37: | Line 37: | ||
[[File:Sess-figure-3.png|thumb|'''Figure 3. Example login form''']] | [[File:Sess-figure-3.png|thumb|'''Figure 3. Example login form''']] | ||
Usernames typically consist of alphanumeric characters, underscores, periods and dashes. Passwords also typically consist of these character ranges and additionally allow for some other non-alphanumeric characters such as $, ^ or #. The authentication mechanism functions by a code segment resembling the one in Figure 4. Assume there exists some table maintaining a list of all usernames, passwords, and most likely some indication of the role of each unique username. | Usernames typically consist of alphanumeric characters, underscores, periods and dashes. Passwords also typically consist of these character ranges and additionally allow for some other non-alphanumeric characters such as $, ^ or #. The authentication mechanism functions by a code segment resembling the one in Figure 4. Assume there exists some table maintaining a list of all usernames, passwords, and most likely some indication of the role of each unique username. | ||
<code> | |||
//for simplicity, this example is given in PHP. | |||
//first, extract the input values from the form | |||
$username = $_POST[‘username’]; | |||
$password = $_POST[‘password’]; | |||
//query the database for a user with username/pw | |||
$result = mysql_query( | |||
“select * from users where username = | |||
‘$username’ AND password = ‘$password’”); | |||
//extract the first row of the resultset | |||
$firstresult = mysql_fetch_array($result); | |||
//extract the “role” column from the result | |||
$role = $firstresult[‘role’]; | |||
//set a cookie for the user with their role | |||
setcookie(“userrole”, $role); | |||
</code> | |||
<center>'''Figure 4. Example authentication code'''</code> | |||
== 9. References == | == 9. References == | ||
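Review bot: the caption line added at the end of this hunk opens with <center> but closes with </code>, so the center element is never closed and everything that follows, including the "9. References" heading, may render centered; close it with </center>. In the Figure 4 listing, the PHP uses typographic quotes (‘username’, “select * from users ...”), which are not valid PHP string delimiters, so the figure does not parse as written; replace them with straight ' and " quotes. The listing is also wrapped in <code>, which is an inline element and does not preserve line breaks; <pre> would keep the listing's layout. Finally, the figure interpolates $_POST['username'] and $_POST['password'] directly into the query string and then stores the returned role in a client-side cookie. If this is meant as the deliberately vulnerable example, the caption or the paragraph above should say so, so that the figure is not read as a recommended authentication pattern.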