function attempt_login($email, $password) { //select user row from database //if row is not empty then compare the hashed passwords //return the admin object or false $user = query_select_user_by_email($email); if ($user && password_verify($password, $user['password'])) { //user found in database, and password matches //retrieve user address details: $address = query_select_address($user['userId']); $user = $user + $address; return $user; } else { //email does not match any user (boolean short-circuit), //or if it does the passwords does not match return 0; } }
function query_select_address_success() { $userId = 78; //postcondition: zip for user 78 is "postcode" assert(query_select_address($userId)['zip'] == "postcode"); }