ignored sql query and array confusion
Posted: Mon Feb 23, 2004 9:16 pm
hi
ive been trying to write an evaluation script for a web database (mysql) that ensures there are no user name duplicates. at the moment the script detects whether or not a confirm password has been entered in the form and whether or not the confirm matches the entered password. however it wont detect a duplicate user name at all. ive tried a number of different queries (including the current one which was suggested to me) yet none of them have worked. im presuming the problem lies in the structure of the script but i just simply cant detect the problem (probably doesnt help this is my first time both with sql and php).
furthermore, in the process of trying to isolate the problem i tried to update the $errors array (which is outputed back at the form if any errors are found) in various places within the script to help me see whats going on. however none of these will be recognised and outputed unless an error is created within the if statements that are checking the passwords etc. i simply cant fathom why this is the case, im guessing i must be missing some fundamental understanding. $errors[test] is an example of such a problem.
if anyone has the inclination to go through this with me, id be very grateful.
?>
ive been trying to write an evaluation script for a web database (mysql) that ensures there are no user name duplicates. at the moment the script detects whether or not a confirm password has been entered in the form and whether or not the confirm matches the entered password. however it wont detect a duplicate user name at all. ive tried a number of different queries (including the current one which was suggested to me) yet none of them have worked. im presuming the problem lies in the structure of the script but i just simply cant detect the problem (probably doesnt help this is my first time both with sql and php).
furthermore, in the process of trying to isolate the problem i tried to update the $errors array (which is outputed back at the form if any errors are found) in various places within the script to help me see whats going on. however none of these will be recognised and outputed unless an error is created within the if statements that are checking the passwords etc. i simply cant fathom why this is the case, im guessing i must be missing some fundamental understanding. $errors[test] is an example of such a problem.
if anyone has the inclination to go through this with me, id be very grateful.
Code: Select all
<?php
include 'database.php';
include 'error.php';
session_start();
if(!session_is_registered("errors"))
session_register("errors");
$errors = array();
$errors["test"] = "testing errors";
if(!session_is_registered("formVars"))
session_register("formVars");
foreach($HTTP_POST_VARS as $varname => $value)
$formVars[$varname] = trim(clean($value, 50));
if(empty($idStaff))
$errors["idStaff"] = "You have reached this page incorrectly. Please select a
staff member and choose the link to create a contact.";
if(empty($formVars["StaffUserName"]))
$errors["StaffUserName"] = "A user name must be supplied.";
if(empty($formVars["StaffUserPassword"]) || empty($formVars["StaffConfirmPassword"]))
$errors["Password1"] = "A password and its confirmation must be supplied.";
if(!empty($formVars["StaffUserPassword"]) && !empty($formVars["StaffConfirmPassword"]))
{
$pass = $formVars["StaffUserPassword"];
$pass2 = $formVars["StaffConfirmPassword"];
$name = $formVars["StaffUserName"];
if(strcmp($pass, $pass2) != 0)
{
$errors["Password2"] = "Your password and password confirmation do not match.";
}
else
{
$query = sprintf("SELECT * FROM StaffUsers WHERE StaffUserName='%s' LIMIT 1",$name);
$connection = @ mysql_pconnect($hostname, $username, $password) or showerror();
if(!mysql_select_db($databaseName, $connection))
showerror();
$result = @ mysql_query($query, $connection) or showerror();
if(mysql_num_rows($result) == 1)
{
$errors["duplicate"] = "Sorry that user name has already been taken.";
}
}
}
if(count($errors))
{
header("Location: create_staff_user.php");
}