Check if the entry is already there?

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
Steveo31
Forum Contributor
Posts: 416
Joined: Sun Nov 23, 2003 9:05 pm
Location: San Jose CA

Check if the entry is already there?

Post by Steveo31 »

I've been searching the mySQL manual a bit and the only thing I can think of is to do a preliminary search for the values the user inputs (for a contact list, for example) and if they exist, give the user other options.

Is there another way of doing this?
Goowe
Forum Commoner
Posts: 94
Joined: Mon Mar 15, 2004 9:51 am
Location: Southeast Alaska

Post by Goowe »

Can you perhaps explain a tiddaly bit more? Is this, for example, when a user is registering and if their e-mail is already in the database you give them an error? Or do you mean... I dunno, can you elaborate for my poor brain? Thanks!
Steveo31
Forum Contributor
Posts: 416
Joined: Sun Nov 23, 2003 9:05 pm
Location: San Jose CA

Post by Steveo31 »

I thought I might have been too vague... ;)

But yea, that's the idea. If a user was to register on a site or sign up for a weekly e-newsletter, and store their info in a mySQL db. Then they forget or somethin and sign up again. I would like to make it so that I can return an error telling them they already signed up.

:)
Goowe
Forum Commoner
Posts: 94
Joined: Mon Mar 15, 2004 9:51 am
Location: Southeast Alaska

Post by Goowe »

I have a kind of weird style of doing queries and such, so bear with me...

Code: Select all

<?php
$error = 0;
$query = "SELECT * FROM users_information_table";
$result = mysql_query($query) or die("<P>Query failed: ".mysql_error());
while($line = mysql_fetch_array($result, MYSQL_ASSOC))
{
	// Assuming the input field where the user entered their username
	// is named 'username' and the input field for their e-mail is named
	// 'email' you can do a lil somethin like this...

	if($_POST['username'] == $line['username'])
	{
		// The user's requested name is equal to a username found in the
		// table. Give an error! Ahh! This is also assuming the column
		// in the table for holding the usernames is entitled 'username'
		$error = 1;
		echo "<P>The username you requested is already in use.</P>";
	}
	if($_POST['email'] == $line['user_email'])
	{
		// The user's requested e-mail that they entered in the form
		// is equal to an e-mail that's already in the database
		// so we must give an error.
		$error = 1;
		echo "<P>The e-mail address you requested is already in the database.</P>";
	}
}
if(!$error)
{
     // continue with registration and add them to the table!
}
?>
Steveo31
Forum Contributor
Posts: 416
Joined: Sun Nov 23, 2003 9:05 pm
Location: San Jose CA

Post by Steveo31 »

Excellent. Just by reading it looks good...

Thanks Goowe.
Goowe
Forum Commoner
Posts: 94
Joined: Mon Mar 15, 2004 9:51 am
Location: Southeast Alaska

Post by Goowe »

Glad I could help :wink: Hollar if it doesn't work
User avatar
haagen
Forum Commoner
Posts: 79
Joined: Thu Jul 11, 2002 3:57 pm
Location: Sweden, Lund

Post by haagen »

Goowe wrote:I have a kind of weird style of doing queries and such, so bear with me...

Code: Select all

<?php
$query = "SELECT * FROM users_information_table";

?>
Just a note, why do something in php wich the database is probably doing much better already? I recommend not doing the check's in php, let the database do the check instead.

Code: Select all

<?php

 $query = "SELECT * FROM users_information_table WHERE username = ";
 $query .= "'".$_POST['username']."' OR user_email = '";
 $query .= $_POST['email']."'";

?>
Then you just have to check if you get any rows back from the database, ifso the information is already there. But either way works fine!

Another note. It's never good to pass user input directly to the database then you're woulnarable to sql-injection.
Steveo31
Forum Contributor
Posts: 416
Joined: Sun Nov 23, 2003 9:05 pm
Location: San Jose CA

Post by Steveo31 »

I'm not too clear on what you mean... I can see what you are talking about in extracting the username, email, etc with a WHERE clause, but this is fuzzy to me:
haagen wrote: ...why do something in php wich the database is probably doing much better already? I recommend not doing the check's in php...
And as for SQL injection, what would you recommend?

:)
Post Reply