📅  最后修改于: 2022-03-11 14:44:58.088000             🧑  作者: Mango
#include
#include
#include
#include
/*
Premise:
We have a top secret file that only authorized users are allowed to download, and they need a CLI tool for retrieving it.
We tasked a developer with building the server and client for this.
He built the client first, and has sent you his code for review.
What feedback, questions, or concerns would you give the developer after reviewing his client.
*/
bool userIsFound(std::string query)
{
// Pretend this method actually executes an SQL query instead of always returning true
return true;
}
void fetchHttpFile(std::string url)
{
// Pretend the code for this lives somewhere else
}
int main (int argc, char* argv[])
{
char username[20];
char password[20];
strcpy(username, argv[1]);
strcpy(password, argv[2]);
std::string query = "SELECT * FROM users WHERE username=" + std::string(username) + " AND password=" + std::string(password);
std::string url = "http://secretuser:secretpassword@www.example.com/secretfile";
if (userIsFound(query)) {
fetchHttpFile(url);
std::cout << "Downloading file: " + url;
exit (EXIT_SUCCESS);
}
else
{
std::cout << "Error downloading file: " + url + " You do not have permission.";
exit (EXIT_FAILURE);
}
}