Page 1 of 1

if statement trouble.

Posted: Sat May 19, 2007 2:19 pm
by toby_c500
Hi,

I am still adding (and having problems with...) a registration form for my site. The code below is the combined efforts of myself and a few others on here.

Basically, I have added and if statement to test if the 'loginid' has already been taken by another user.

Below is what I am having problems with. I am testing the form with new user information and the if statement returns true. I think it must be the query that is wrong. It shouldn't be returning true!

Code: Select all

$query = mysql_query ("SELECT loginid FROM members WHERE `loginid`='$loginid'");
	

if ($query){
	echo "<h1>Sorry</h1><br>Thats login name has been taken.";
	exit;
}	
This is the whole script:

Code: Select all

<?php
require 'main.inc.php';
$link = dbconnect();

$loginid = mysql_real_escape_string($_POST['loginid'], $link) or die(mysql_error());
$password = mysql_real_escape_string($_POST['password'], $link) or die(mysql_error());


$db = mysql_select_db('jobs4alltrades', $link);
$query = mysql_query ("SELECT loginid FROM members WHERE `loginid`='$loginid'");
	

if ($query){
	echo "<h1>Sorry</h1><br>Thats login name has been taken.";
	exit;
}	
if(!$link){
	echo "<h1>Sorry,</h1><br>We are having a few problems with our system. Please try again later. link";
    exit;
}
else{
   	echo "<h1>Welcome</h1><br>Your details have been stored in our database. Use the the navigation bar at the top to look for jobs.";
}




if (!$db) die('could not select the database');



$insert = "INSERT INTO members (loginid, password, firstname, surname, email,
                                                        trade, address1, address2, address3, address4,
                                                        postzip, country, yearsexp, about)
                               VALUES ('".$_POST['loginid']."', '".$_POST['password']."', '".$_POST['firstname']."',
                                                '".$_POST['surname']."', '".$_POST['email']."', '".$_POST['trade']."', '".$_POST['address1']."',
                                                '".$_POST['address2']."', '".$_POST['address3']."','".$_POST['address4']."', '".$_POST['post']."',
                                                '".$_POST['country']."','".$_POST['yearsexp']."','".$_POST['about']."')";

$result = mysql_query($insert, $link) or die("Query: $insert\n<br /.> MySQL Error: " . mysql_error());
exit;

?>
Thanks in advance

Posted: Sat May 19, 2007 2:54 pm
by califdon
I wouldn't use the result from the query as a boolean value. Try this:

Code: Select all

$query = "SELECT loginid FROM members WHERE `loginid`='$loginid'");
$result = mysql_query($query);
if ($mysql_num_rows($result) > 0) {
        echo "<h1>Sorry</h1><br>That login name has been taken.";
        exit; 
}

Posted: Sat May 19, 2007 3:02 pm
by toby_c500
Hi califdon,

Thanks for helping out. I have put your code in and am getting:


Notice: Undefined variable: mysql_num_rows in /Applications/MAMP/htdocs/register.php on line 24

Fatal error: Function name must be a string in /Applications/MAMP/htdocs/register.php on line 24

line 24 is

Code: Select all

if ($mysql_num_rows($result) > 0) {

I tried something similar before and got the same error.

Posted: Sat May 19, 2007 3:03 pm
by volka
You should mark the field/index as unique. Mysql will not insert a second record with the same value for this field but return an error.
The error code is 1062
http://dev.mysql.com/doc/refman/5.1/en/error-messages-server.html wrote:Error: 1062 SQLSTATE: 23000 (ER_DUP_ENTRY)

Message: Duplicate entry '%s' for key %d
This way you only have one query instead of two any you avoid race conditions.
see http://de2.php.net/mysql_errno

Posted: Sat May 19, 2007 3:12 pm
by califdon
toby_c500 wrote:Hi califdon,
Thanks for helping out. I have put your code in and am getting:

Notice: Undefined variable: mysql_num_rows in /Applications/MAMP/htdocs/register.php on line 24

Fatal error: Function name must be a string in /Applications/MAMP/htdocs/register.php on line 24

line 24 is

Code: Select all

if ($mysql_num_rows($result) > 0) {
I tried something similar before and got the same error.
Oops! Sorry, my mistake. There should NOT be a $ sign before mysql_num_rows(... It should just be:

Code: Select all

if (mysql_num_rows($result) > 0) {
Reference:http://dev.mysql.com/doc/refman/4.1/en/ ... -rows.html

Posted: Sat May 19, 2007 3:39 pm
by toby_c500
BRILLIANT.

Thank you guys for your input. That works wonderfully now.