I just wrote some PHP code to register users.
It's called through AJAX and it looks like it's too slow, because it often sends me a .status = 0, which means it took too much time to proceed.
If I replace my PHP registration function with just:
echo "Ok";
it always sends me a .status = 200.
Could someone help me improve this file to make it faster? I'm not used to coding in PHP.
```php
<?php
require_once('../config/database.php');
require_once('../config/functions.php');
$keywords = preg_split("/MyWebSite\//", getcwd());
$folder = explode('/', $keywords[1]);
if (!isset($_POST['login']) || !isset($_POST['email']) || !isset($_POST['password']) || !isset($_POST['password_check']))
{
    echo "missing some fields, did you try to edit my html?";
    die();
}
if (strlen($_POST['login']) < 5 || strlen($_POST['email']) == 0 || strlen($_POST['password']) < 5 || strlen($_POST['password_check']) < 5)
{
    echo "fieds badly filled";
    die();
}
if ($_POST['password'] != $_POST['password_check'])
{
    echo "passwords field aren't same";
    die();
}
try
{
    $db = new PDO($DB_DSN, $DB_USER, $DB_PASSWORD);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // to get an exception when caught an error :)
} catch (PDOException $e) {
    print "Erreur !: " . $e->getMessage() . "<br/>";
    die();
}
$count_login = $db->prepare("SELECT COUNT(*) FROM camagru_jgengo.user WHERE login = :login");
$count_login->bindValue(':login', $_POST['login']);
$count_login->execute();
if ($count_login->fetchColumn() > 0)
{
    echo "This username already taken";
    die();
}
$count_email = $db->prepare("SELECT COUNT(*) FROM camagru_jgengo.user WHERE email = :email");
$count_email->bindValue(':email', $_POST['email']);
$count_email->execute();
if ($count_email->fetchColumn() > 0)
{
    echo "This email already taken";
    die();
}
$insert = $db->prepare('INSERT INTO camagru_jgengo.user (email, login, password, admin, validate_link, created_at) VALUES (:email, :login, :password, 0, :validate_link, :created_at)');
$arr = array(
    ":login" => $_POST['login'],
    ":password" => hash_it($_POST['password']),
    ":email" => $_POST['email'],
    ":validate_link" => hash('md5', time()),
    ":created_at" => date('Y-m-d')
);
$insert->execute($arr);
echo "Created!\n";
mail ($_POST['email'], "[Camagru] Active your account", "To active your account click that link : http://localhost:8080/".$folder[0]."/?p=activate&hash=".$arr[':validate_link']);
?>
```
1 Answer
- `isset` can take multiple inputs, and fails if any of them is not set. So, the first `if` clause could become: `if (!isset($_POST['login'], $_POST['email'], $_POST['password'], $_POST['password_check']))`
- I personally prefer using `!==` so that type juggling will not happen: `if ($_POST['password'] !== $_POST['password_check'])`
- Instead of using a `SELECT COUNT(*)` query to fetch existing username/email in your DB, you can instead set those columns to be `UNIQUE` and just go to the `INSERT` statement. The `INSERT` will fail with error code 1062.
- Instead of using `camagru_jgengo.user` everywhere, you can set the `dbname` in the DSN string.
- While not necessary, you can switch to using `crypt()` instead of md5 hashing. MD5 has a higher collision chance, and since you are using it for sending emails with verification links, using some form of salt will protect you from sending the same verification links to multiple users.
Hello, I could not have expected better than this answer :) Thank you a lot! – jgengo, Jun 8, 2017 at 8:01
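The `UNIQUE`-plus-`INSERT` approach from the answer, as an added example that is not the poster's or the answerer's code: the database enforces uniqueness, so there is no window between a `SELECT COUNT(*)` and the `INSERT` in which a second request can register the same login. Assumptions: a `user` table with `UNIQUE` keys on `login` and `email` (database name set in the DSN), `password_hash()` standing in for the page's `hash_it()`, `random_bytes()` used for the validation token in place of `hash('md5', time())`, and an in-memory SQLite database standing in for MySQL so the demo runs without a server.

```php
<?php
// Added example. register_user() and the demo schema below are hypothetical.
function register_user(PDO $db, string $login, string $email, string $password): array
{
    // Unpredictable per-user token (swapped in for hash('md5', time())).
    $token = bin2hex(random_bytes(16));
    $insert = $db->prepare(
        'INSERT INTO user (email, login, password, admin, validate_link, created_at)
         VALUES (:email, :login, :password, 0, :validate_link, :created_at)'
    );
    try {
        $insert->execute([
            ':email'         => $email,
            ':login'         => $login,
            ':password'      => password_hash($password, PASSWORD_DEFAULT), // stand-in for hash_it()
            ':validate_link' => $token,
            ':created_at'    => date('Y-m-d'),
        ]);
    } catch (PDOException $e) {
        $driverCode = $e->errorInfo[1] ?? null;
        // 1062 is MySQL's duplicate-key code named in the answer;
        // 19 is SQLITE_CONSTRAINT, needed only for this SQLite demo.
        if ($driverCode === 1062 || $driverCode === 19) {
            return ['ok' => false, 'error' => 'login or email already taken'];
        }
        throw $e; // any other database error is a real failure
    }
    return ['ok' => true, 'token' => $token];
}

// Constructed demo schema and sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (
    id INTEGER PRIMARY KEY,
    email TEXT NOT NULL UNIQUE,
    login TEXT NOT NULL UNIQUE,
    password TEXT NOT NULL,
    admin INTEGER NOT NULL,
    validate_link TEXT NOT NULL,
    created_at TEXT NOT NULL)');

var_dump(register_user($db, 'alice01', 'alice@example.test', 'correct horse')['ok']); // new account
var_dump(register_user($db, 'alice01', 'other@example.test', 'another pass')['ok']);  // duplicate login
var_dump(register_user($db, 'bob0001', 'alice@example.test', 'another pass')['ok']);  // duplicate email
```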
`camagru_jgengo.user` table? Does it have the correct indexes set? (an index on `login` and one on `email`)

`0` is not a valid HTTP status, so it is really unclear what you mean by status = 0. Are you even sure this is a timeout problem? Voting to close as this clearly is not working code.