PHP performance question

Question

Wondering which would be better for performance. The site will be viewed by people that are logged in and people that are not. The site is almost the same for the users that are logged in except they have more privledges. So I am wondering what would be more efficient.

//OPTION ONE

if(isLoggedIn()){
Write the whole web site plus the content the logged in user can access
}
else {
Write the whole website again, minus the content the logged in users can access. 
}

//OPTION TWO
Write the website content and inset the login function wherever i need to restrict the access, so the function would be called a few different times.

I am wondering if it would be better for performance using option one because the function would first be checked once, and wouldn't need to be checked again, if the user is logged in the first chunk would be loaded, if the user is not logged in, it would ignore the first chunk and load the second chunk.

Answer 1

Neither. The best option is to check for isLoggedIn once, save the result, and do ifs inside the source to swap in each place.

Answer 2

The second option is negligibly more performance heavy, but is your better option as it produces less code duplication.

Also, if you cache the result of isLoggedIn() in a static var, you do not have to perform all your checks with every call of the method. You can check your static var and jump out early.

function isLoggedIn() {
    static $is_logged_in = null;

    if(!is_null($is_logged_in)) {
        return $is_logged_in;
    }

    //... user is known not to have valid credentials

    $is_logged_in = false;

    // ... User has been validated 

    $is_logged_in = true;

    //...


}

Answer 3

Both.

You don't want to check isLoggedIn() everytime (especially if it's going to hit the database) because that will be slow. But you don't want to have 2 versions of HTML either because it's unmaintainable.

Check it once at the top and set a variable (or use a session variable and check that). Then in the HTML use if statements against the variable to determine what to show. For example:

PHP:

$logged_in = false;
if(isLoggedIn() ) {
     $logged_in = true;
}

HTML:

<?php if($logged_in) { ?>
<div>
     Super-secret needs a login stuff
</div>
<?php } else { ?>
<div>
     Sorry! You have to login to see this cool stuff
</div>
<?php } ?>

Answer 4

我会说，如果可以的话，请为未登录的用户保留一个缓存的版本，并在他们登录时生成所有内容。

Answer 5

For separation of concerns, it might be viable to let the client browser add functions for logged in users. Meaning you send out one static version of the website, and Javascript checks client-side for the presence of a login cookie. If it's present the few additional GUI elements or permissable links are displayed.

The obvious pitfall being that JS disabled browsers would not see anything. Unless you decorate elements with CSS .optional-func and disable/enable that:

if (!document.cookies.match(/login/)) { $(".user-funcs").hide(); }