我正在慢慢地學習,並通過編碼進步,所以我希望有人能夠快速查看這個函數,並告訴我是否看起來我在正確的軌道上,我如何可以做得更好,或者我可能會讓自己失敗。我對C的世界很陌生,所以請對我輕鬆 - 但要坦誠直率。strncpy和代碼的效率
void test(char *username, char *password) {
printf("Checking password for %s - pw: %s\n",username,password);
char *query1 = "SELECT password FROM logins WHERE email = '";
char *query2 = "' LIMIT 1";
char *querystring = malloc(strlen(query1) + strlen(username) + strlen(query2) * sizeof(char));
strncpy(querystring,query1,strlen(query1));
strncat(querystring,username,strlen(username));
strncat(querystring,query2,strlen(query2));
printf("Query string: %s\n",querystring);
mysql_query(mysql_con,querystring);
MYSQL_RES *result = mysql_store_result(mysql_con);
int num_fields = mysql_num_fields(result);
int num_rows = mysql_num_rows(result);
if (num_rows != 0) {
MYSQL_ROW row;
printf("Query returned %i results with %i fields\n",num_rows,num_fields);
row = mysql_fetch_row(result);
printf("Password returned: %s\n",row[0]);
int comparison = strncmp(password, row[0], strlen(password));
if (comparison == 0) {
printf("Passwords match!\n");
} else {
printf("Passwords do NOT match!\n");
}
} else {
printf("No such user... Password is invalid");
}
free(querystring);
}
目前,它正在...輸出:
Checking password for [email protected] - pw: 5f4dcc3b5aa765d61d8327deb882cf99
Query string: SELECT password FROM logins WHERE email = '[email protected]' LIMIT 1
Query returned 1 results with 1 fields
Password returned: 5f4dcc3b5aa765d61d8327deb882cf99
Passwords match!
調用:
test("[email protected]","5f4dcc3b5aa765d61d8327deb882cf99");
我正在尋找輸入有關如何我可以與合作字符串更好,或者如果我有這樣的事情有任何不可預見的問題。我對C中的數據結構非常陌生。
這個問題似乎是題外話題,因爲它是關於代碼審查(嘗試http:// codereview。stackexchange.com)。 – 2014-08-29 22:20:17
,我注意到我弄糟了if語句和final else語句的格式......對不起。 – 2014-08-29 22:23:07
'strncpy'和'strncat'和'malloc'被錯誤地使用。如果這段代碼似乎有效,那麼它很巧合 – 2014-08-29 22:24:27