Currently, we have a page called login.php
and whenever we determine that the user may need authorization for something, we include it:
if($userLevelNotHighEnough) {
require "login.php";
}
This page checks that the user is logged in, but if not, it generates a login page and exits. There are a lot of optional things that the login page does (like printing certain messages, allowing certain special logins, etc.) which are messy business logic things. These options are currently handled by setting variables in the calling script, which are accessed by login.php, i.e.:
// in calling script
if($userLevelNotHighEnough) {
$someOptionalParameter = "my value";
require "login.php";
}
/** ============================ **/
// in login.php
if(!empty($someOptionalParameter)) {
// do something
}
As you might imagine, this sort of code is prevalent throughout the codebase, and it makes adding to the codebase very difficult, especially for those who are relatively new to the code.
What alternatives are there to this sort of structure?
My initial idea was that we could make a function called checkLogin
instead and pass it an associative array of optional parameters, but this doesn't seem that much better than the current system.