Page 1 of 1

using if/else statement....

Posted: Fri Apr 07, 2006 4:37 am
by muo
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


hello guy

I need help on my project. I'm developing online booking system, where user'll input data into form and it will save in mysql. I want to block user (show error) when users input same data as in mysql database. here, was my coding (the output: it will directly save into database without displaying error..)

Code: Select all

<?
require "../htdocs/conn.php";

$DATE=$_POST['T1'];
$TIME=$_POST['time'];
$TIME1=$_POST['time1'];
$STAFF_ID=$_POST['staff_id'];
$FNAME=$_POST['f_name'];
$DEPT=$_POST['depart_nt'];
$PHONE=$_POST['tel'];
$PURPOSE=$_POST['purposes'];

$res1 = mysql_query ("select T1 from spec");
$result1 = mysql_query($res1);

$res2 = mysql_query ("select Time from spec");
$result2 = mysql_query($res2);

$res3 = mysql_query ("select Time1 from spec");
$result3 = mysql_query($res3);

if (($DATE != $result1) || ($TIME != $result2) || ($TIME != $result3))
{
$query = "INSERT INTO spec VALUES ( '$DATE', '$TIME', '$TIME1', '$STAFF_ID', '$FNAME', '$DEPT', '$PHONE', '$PURPOSE')";
    if (@mysql_query($query)) 
    {
	echo("<center><p>Data are saved into the system.</p></center>");	
    }
   else {
	echo("<center><p>error adding:" .mysql_error() . "</p></center>");
	}
    }


(spec - is table name)

hopefully, someone can tell me if i wrong.... :(


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Fri Apr 07, 2006 7:26 am
by feyd
Your selections against "spec" will likely never match the submission data. This is because $result1 et al will be false. Running mysql_query() on a mysql_query() result will always return false. You should only have one select query for all the three fields that match the submission data.

This single query may look like this

Code: Select all

$query = mysql_query('SELECT COUNT(*) FROM `spec` WHERE `T1` = \'' . mysql_real_escape_string($DATE) . '\' AND (`Time` = \'' . mysql_real_escape_string($TIME) . '\' OR `Time1` = \'' . mysql_real_escape_string($TIME) . '\'');
$found = (bool)mysql_num_rows($query);