Verifying Data when being submited to a database
Moderator: General Moderators
-
comrepair323
- Forum Newbie
- Posts: 4
- Joined: Thu Jun 23, 2005 4:00 pm
Verifying Data when being submited to a database
I wrote a simple form to be submited to a mysql database and wanted to know how to code it in PHP to where is wont let people submit simulare data. and if they did it would kick out a error.
Like name and email address.
I want to prevent duplicate information in my database.
Like name and email address.
I want to prevent duplicate information in my database.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
Code: Select all
if (isset($_POST['name'])) {
$result = mysql_query("SELECT * FROM `users` WHERE `name` = '".mysql_real_escape_string($_POST['name'])."'") or die(mysql_error());
if (mysql_num_rows($result) > 0) {
echo 'Name already exists in database';
}
else {
mysql_query("INSERT INTO `users` SET `name` = '".mysql_real_escape_string($_POST['name'])."'")or die(mysql_error());
}
}
Last edited by John Cartwright on Thu Jun 23, 2005 4:43 pm, edited 1 time in total.
-
comrepair323
- Forum Newbie
- Posts: 4
- Joined: Thu Jun 23, 2005 4:00 pm
How would I encorperate that with what I have now. Lets say I want it to check the first last name and email and everything is ok then it emailes me and redirects the user but if there is a duplicate then it kick out the error. but only if all three fields are the same do i want it to kick out an error.
here is the code that i have for the process.php file
here is the code that i have for the process.php file
Code: Select all
<?php
include("global.inc.php");
$errors=0;
$error="The following errors occured while processing your form input.<ul>";
pt_register('POST','FirstName');
pt_register('POST','LastName');
pt_register('POST','Email');
pt_register('POST','Phone');
pt_register('POST','MachineType');
pt_register('POST','Date');
pt_register('POST','IPAddress');
if($FirstName=="" || $LastName=="" || $Email=="" || $Phone=="" || $MachineType=="" || $Date=="" || $IPAddress=="" ){
$errors=1;
$error.="<li>You did not enter one or more of the required fields. Please go back and try again.";
}
if(!eregi("^[a-z0-9]+([_\\.-][a-z0-9]+)*" ."@"."([a-z0-9]+([\.-][a-z0-9]+)*)+"."\\.[a-z]{2,}"."$",$Email)){
$error.="<li>Invalid email address entered";
$errors=1;
}
$Date = date("l jS of F Y h:i:s A");
$IPAddress = $HTTP_SERVER_VARS["REMOTE_ADDR"];
if($errors==1) echo $error;
else{
$where_form_is="http".($HTTP_SERVER_VARS["HTTPS"]=="on"?"s":"")."://".$SERVER_NAME.strrev(strstr(strrev($PHP_SELF),"/"));
$message="First Name: ".$FirstName."
Last Name: ".$LastName."
Email: ".$Email."
Phone: ".$Phone."
Machine Type: ".$MachineType."
Date: ".$Date."
IP Address: ".$IPAddress."
";
$message = stripslashes($message);
mail("jb@belovac.com","Form Submitted at your website",$message,"From: Request Form");
$link = mysql_connect("localhost","jbell","c2du83eh");
mysql_select_db("jbell",$link);
$query="insert into user2 (First_Name,Last_Name,Email,Phone,Machine_Type,Date,IP_Address) values ('".$FirstName."','".$LastName."','".$Email."','".$Phone."','".$MachineType."','".$Date."','".$IPAddress."')";
mysql_query($query);
header("Refresh: 0;url=http://www.plasticmoldingmachinery.com/modules.php?name=video2");
?><?php
}
?>-
method_man
- Forum Contributor
- Posts: 257
- Joined: Sat Mar 19, 2005 1:38 am
-
comrepair323
- Forum Newbie
- Posts: 4
- Joined: Thu Jun 23, 2005 4:00 pm
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
-
comrepair323
- Forum Newbie
- Posts: 4
- Joined: Thu Jun 23, 2005 4:00 pm
after you select your db but before your insert statment
put these 2 lines in a if statment following the example the Jcart gave.
that should get you going.
put these 2 lines in a if statment following the example the Jcart gave.
Code: Select all
$query="insert into user2 (First_Name,Last_Name,Email,Phone,Machine_Type,Date,IP_Address) values ('".$FirstName."','".$LastName."','".$Email."','".$Phone."','".$MachineType."','".$Date."','".$IPAddress."')";
mysql_query($query);