Two threads could ask for the same user name and both pass your
uniqueness test (because the user name is not yet in the database) and
then both store the username -> duplication!
The only atomic way to do this is on the insert, and use a database
constraint on the username to cause an exception (which you catch and
translate to something useful, i.e., throw a known validation
exception).
Or am I missing something subtle in your logic?
On Wed, 3 Nov 2004 11:35:40 -0800, Barney Boisvert <[EMAIL PROTECTED]> wrote:
> Absolutely I am. That's the only thing that knows for sure.
>
> public setUsername(username) {
> if (username.length() < 5)
> throw new ValidationException(...);
> if (username.length() > 15)
> throw new ValidationException(...);
> if (REfind("[^a-zA-Z0-9]", username) > 0)
> throw new ValidationException(...);
> try {
> var id = userHome.getUserIDFromUsername(username);
> // if an id exists, we need to check and see if it matches this object's
> // id, for when we're calling an update operation. the column is unsigned
> // so only positive values are allowed. getId() returns -1 for unpersisted
> // objects.
> if (id != getId())
> throw new ValidationException(...);
> } catch (InvalidUsernameException iue) {
> // good, it's unique.
> }
> }
>
> the getUserIdFromUsername method in the userHome object looks like this:
>
> public getUserIdFromUsername(username)
> throws InvalidUsernameException
> {
> var get = "";
> <cfquery ... name="get">
> SELECT id
> FROM user
> WHERE username = <cfqp value="#username#" ... />
> </cfquery>
> if (get.recordCount == 0)
>
> return get.id;
>
>
> }
>
----------------------------------------------------------
You are subscribed to cfcdev. To unsubscribe, send an email
to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev'
in the message of the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported
by Mindtool, Corporation (www.mindtool.com).
An archive of the CFCDev list is available at www.mail-archive.com/[EMAIL PROTECTED]
