PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
i m unable to find it.. tat why it is happening... plz help me...
i want to stop multiple username like if "ABC" is already registered then another user cannot registered from "ABC"
i have written a code.. its looks fine but still.. its getting multiple registration..
saqib389 wrote:i m unable to find it.. tat why it is happening... plz help me...
i want to stop multiple username like if "ABC" is already registered then another user cannot registered from "ABC"
i have written a code.. its looks fine but still.. its getting multiple registration..
//Check if username already exists...
$q2 = mysql_query("SELECT * FROM `users` WHERE `username` = '".$_POST['username']."'");
$q3 = mysql_fetch_object($q2);
if($q3->username == $_POST['username']) {
die('<BR><BR>Sorry, but the username "'.$q3->username.'" is taken, please choose another.');
}
i m checking here.. but still its getting registration with existing username
please help me out.. how can i restrict the user
Two things....
1. No need to actually pull out the username data with mysql_fetch_object() when you can just check if mysql_num_rows() is greater than 0
2. Your checks are case sensitive so this could be your loophole. MySQL isn't case sensitive (AFAIK) but PHP certainly is (the bit where you check $_POST['username'] against the result member
You can also make your username field a unique key in mysql, so even if somehow your script fails you will never experience the side effects of having two users with teh same username, this would be a very smart move
Agreed, check the count on the table, the unique key is there as a backup (and I also think it provides some other benefit over "plain" indexes/. dunno)..
<?php
function sqlClean ($string)
{
if (get_magic_quotes_gpc()) {
$string = stripslashes($string);
}
return mysql_real_escape_string($string);
}
$query = "SELECT COUNT(*) AS `num` FROM `users` WHERE `username` = '" . sqlClean($_POST['username']) . "'";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
if ($row['num'] === 0) {
echo "Username is available!";
} else {
echo "Sorry, username already taken!";
}
?>
Glad I saw that!
I was looking for a way to create a filtering function and came across this
which then opened my eyes with great pleasure as I can see how to
use this as the starting point for filtering