This is what I have so far
Code: Select all
<?php
function new_code() {
$cncodeand(1111111111, 999999999);
$query = @mysql_query("SELECT code FROM users");
$iccode=mysql_query($query);
if(!$iccode) {
new_code();
}
}
?>Moderator: General Moderators
Code: Select all
<?php
function new_code() {
$cncodeand(1111111111, 999999999);
$query = @mysql_query("SELECT code FROM users");
$iccode=mysql_query($query);
if(!$iccode) {
new_code();
}
}
?>Code: Select all
/*
function declaration:
pass the username, rand string length, database link ( by reference )
*/
function createCode(&$dblink, $username, $length=999999) {
// generates a random number between 0 and the length chosen
$randnum= mt_rand(0, $length);
// create SQL statement to check for the user's code, see if it matches
$sql = 'SELECT COUNT(*) FROM `users`';
$sql.= " WHERE `username` = '{$username}' AND `code`= '{$randnum}'";
// run the query, return the result, see if it exists
$res= mysql_query($sql, $dblink);
if ( mysql_result($res,0) == 1 ) {
// recursive function call if it exists, try it all over again
createCode($dblink, $username, $length);
}
else {
// create SQL statement to update the user info
$sql = "UPDATE `users` SET `code` = '{$randnum}'";
$sql.= " WHERE `username` = '{$username}'";
$res= mysql_query($sql, $dblink);
// if the update was successful, return the data
if ( mysql_affected_rows($dblink) == 1 ) {
return $randnum;
}
else {
// if not, return FALSE
return (bool) FALSE;
}
}
}Code: Select all
$conn= mysql_connect('foo','bar','foobar');
$db= mysql_select_db('test',$conn);
// pass the username in the GET string
$username= mysql_real_escape_string($_GET['u']);
// check and call the function
if ( $randnum= createCode($conn, $username) ) {
echo 'Your information has been updated.<br />';
echo 'Your new code is: ' .$randnum;
}
else {
echo 'Update failed.<br />';
}Hmm, good point, I was looking at it from the viewpoint of creating a password or specific code for a specific user, not necessarily creating a unique code overall. I suppose since people have the ability of choosing their own passwords most of the time, it is possible more than one user could have the same `code` value anyway. Best practice to get around this issue is to store each user code as a HASH and use a unique SALT on the hash, as mentioned in a previous post.tecktalkcm0391 wrote:Thanks!,but is there anyways to make the process of creating the random number keep going until it picks a number that hasn't been used before ?
Would something like a loop work ? If so, can someone give me an example?
Code: Select all
// create SQL statement to check for the user's code, see if it matches
$sql = 'SELECT COUNT(*) FROM `users`';
$sql.= " WHERE `code`= '{$randnum}'";Good point, and there should be an auto-incremented PRIMARY KEY for each record. I think in this case, however, it's a unique code for some purpose, and obviously the other user's could simply guess at some other user's code, anywhere from 1 to N as long as there are at least N users in the system.arborint wrote:I am wondering why you are trying to create a random number rather than just using an autoincrement field with will provide the next unique id in the sequence for each INSERT.
Well, that's in your DB table design. You're using MySQL, so it's relatively easy to implement this. The only reason I didn't think of it before is (as I mentioned), I wasn't thinking in lines of creating an overall unique code, simply unique to the user (although it would very likely be both). Using a UNIQUE index is actually an easier practice, as intecktalkcm0391 wrote:How could I go about doing something link:The other way to go about this would be to use a UNIQUE index on that particular column, and if the INSERT failed due to a redundant field value, your logic could regenerate a new key, etc.
Code: Select all
/*
function declaration:
pass the username, rand string length, database link ( by reference )
*/
function createCode(&$dblink, $username, $length=999999) {
// generates a random number between 0 and the length chosen
$randnum= mt_rand(0, $length);
// query to update the user's `code` value
$sql = "UPDATE `users` SET `code` = '{$randnum}'";
$sql.= " WHERE `username` = '{$username}'";
// the actual query call
$res= mysql_query($sql, $dblink);
// if mysql_affected_rows returns 1, we know it updated ok
if ( mysql_affected_rows($dblink) != 1 ) {
// the query failed, let's regenerate a code value
createCode(&$dblink, &$username, &$length);
}
else {
return $randnum;
}
}
$conn= mysql_connect('foo','bar','foobar')
OR die('CONN::<br />'.mysql_error());
$db= mysql_select_db('test',$conn)
OR die('DB::<br />'.mysql_error());
$username= mysql_real_escape_string($_GET['u'],$conn);
$randnum= createCode($conn, $username);
echo "Your new unique code is: {$randnum}";Code: Select all
ALTER TABLE `users` ADD UNIQUE (`code`);The code I've shown will do exactly that.tecktalkcm0391 wrote:Ok, but how can I make incoorperate:
1.) if code is not in database give rand. code
2.) if code is in database try again, until it finds a code.
Code: Select all
$randnum= mt_rand(111111, 999999);
// or in the case of two parameters
$randnum= mt_rand($start, $end);