|
|
| Non-WTF Job: Interface Designer/Front-end Developer at Naviance (DC) |
|
|
|
| Non-WTF Job: Interface Designer/Front-end Developer at Naviance (DC) |
| « Access Abomination | I am right and the entire Industry is wrong » |
Forget your password? Don't worry, you can still use the original invitation password that was sent to you when your account was created!
Curious to try out another's account? Don't worry, you can use the original invitation password to log in as anyone!
CREATE PROCEDURE [spAUTH]
@EMAIL VARCHAR(100),
@PSWD VARCHAR(20)
AS
SELECT USER_ID,
FIRST_NAME + ' ' + LAST_NAME AS FULL_NAME,
EMAIL,
PSWD
FROM USER
WHERE (IS_ACTIVE = 1)
AND (IS_DELETED = 0)
AND (EMAIL = @EMAIL)
AND (PSWD = @PSWD)
UNION
SELECT USER_ID,
FIRST_NAME + ' ' + LAST_NAME AS FULL_NAME,
EMAIL,
PSWD
FROM USER
WHERE (IS_ACTIVE = 1)
AND (IS_DELETED = 0)
AND (EMAIL = @EMAIL)
AND (DBO.GET_INVITATION_PWD() = @PSWD)
"After recovering from the initial shock of reading through the code," Ben adds, "I verified that DBO.GET_INVITATION_PWD() had not been updated since it was created over two years ago."
|
OMG...why would you waste all that space of an extra flag?
If you want to store something to show if the account is currently active AND whether its deleted...you just need to use a single isDeleted String!!! if isDeleted = "Yes" then the user is not active. else if isDeleted = "Pink" then they're not. To indicate the deleted state, well heck you never heard of DELETE FROM...? we can just remove them from the database. If its there its not deleted...Come on thats obvious... What? Oh well yeah i remember that requirement that you need to be able to restore a deleted user if they were deleted by accident....Yes ofcourse my solution fullfills it...after all thats what database backups are for... and we definately do one of those....were very particular...each morning i check that the back up tape has been ejected...ie backup succesfull and then i push it back in to make sure its all ready for the next one..... ... Jeeze you lot like to make things complicated. |
|
BTW, why not show a textbox on the screen with password in it and a text that says:
if this is your password and username click on enter otherwise logon with any username and global password |
| « Access Abomination | I am right and the entire Industry is wrong » |
