Consider the following source code:
$uSess = uLogin($uName, $pwd);
That’s a fictional piece of code that might exist in a login script. The uLogin function, short for “user login” versus, perhaps, aLogin for “admin login”, accepts two parameters: a username and a password and assigns the result to a session variable called “uSess”.
This sort of code is very common, and I hate it. By looking at the code, there are numerous problems with how the variables and function are named that can cause long term problems. The proper naming should be:
$USER_SESSION = userLogin($username, $password);
There are two primary changes I have made.
- Globals and constants should be capitalized. While technically $password is a global variable, in this context, I am referring to variables that are accessible in any function or class, which sessions are. Since the result is being assigned to some session variable (in my example), it should either be in all caps or use the $_SESSION global array.
- No abbreviations!!! Was it passwd? Pass? Psswd? Pwd? Password? Pword? You might remember now, but you won’t in three months. And if someone else in the same namespace decides to create another variable referring to another password, things can get VERY messy when you end up with code with $pwd, $password, $pass, and $pass2 all mixed together near each other. It would have made things much simpler had each person who added the variables used a fully qualified prefix and name such that, instead, you ended up with: $password (the original), $adminPassword, $systemPassword, $databasePassword, etc.
It’s only a few more letters to type that will save you hours some day in the future. It’s worth it.