Page 1 of 1
form fields being duplicated
Posted: Thu Jul 15, 2004 10:20 am
by James M.
Hi, I have created a script to create a user from a form. When I created a script to delete users, i found that the rows are duplicated so that there are two users of the same name. I am guessing for some reason, my script is inserting the data twice for some reason. Can anyone help?
Posted: Thu Jul 15, 2004 10:23 am
by malcolmboston
post your code please
Posted: Thu Jul 15, 2004 10:25 am
by James M.
Code: Select all
<?php
include("../includes/format.inc");
include("../includes/user.inc");
$message="";
if(isset($_POST[actionflag]) && $_POST[actionflag]=="new")
{
// fuzzy image check.
$request_id=$_POST[requestid];
$user_number=trim($_POST[usernumber]);
if(strlen($request_id)!=45)
{
die("Invalid number");
}
$db_conn=@mysql_connect() or die("MySQL service not started");
@mysql_select_db("test", $db_conn) or die("Cannot access database");
$sql="SELECT auth_code FROM auth_code WHERE request_id='".$request_id."'
AND status='W'";
$tmp_rs=@mysql_query($sql, $db_conn) or die("Query not exectured: "
.mysql_error());
$number=mysql_result($tmp_rs, 0, 0);
// Check numbers
if($number==$user_number)
{
// Update status as 'Appoved'
@mysql_query("UPDATE auth_code SET status='A' WHERE request_id=
'".$request_id."'", $db_conn) or die("Database update failed");
mysql_close($db_conn);
}
else
{
// Update status as 'Not Approved''
@mysql_query("UPDATE auth_code SET status='N' WHERE request_id=
'".$request_id."'", $db_conn) or die("database update failed");
mysql_close($db_conn);
$message.="Authentication code not valid.<br>";
}
// user input check.
if(empty($_POST[user]) || empty($_POST[pass]) || empty($_POST[pass2])
|| empty($_POST[email]) || empty($_POST[email2]))
{
$message.="All fields must be filled.<br>";
}
if(strlen($_POST[pass]) <
{
$message.="Password must be 8 or more characters long.<br>";
}
if($_POST[pass]!=$_POST[pass2])
{
$message.="Passwords do not match.<br>";
}
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",
$_POST[email]))
{
$message.="Incorrect format for E-Mail.<br>";
}
if($_POST[email]!=$_POST[email2])
{
$message.="E-Mails do not match.<br>";
}
// check if user exist
if(getrow("users", "user", $_POST[user]))
{
$message.="User already exist, please choose another user name.<br>";
}
if($message=="")
{
$user=addslashes(trim($_POST[user]));
$pass=addslashes(trim($_POST[pass]));
$email=addslashes(trim($_POST[email]));
$started=addslashes(trim($_POST[started]));
$link=mysql_connect();
if(!$link)
{
die("MySQL service not started");
}
mysql_select_db("project2", $link);
$query="INSERT INTO users(user, email, password, mode, started, last,
privilage, chars) VALUES('$user', '$email', '$pass', 'N', '$started',
'$started', 'Play', 0)";
$result=mysql_query($query, $link);
if(!$result)
{
die("Could not complete query: ".mysql_error());
}
$query2="SELECT id FROM users WHERE user='$user'";
$result2=mysql_query($query, $link);
$row=mysql_fetch_assoc($result2);
mysql_close($link);
login($row[id], $_POST[user]);
}
}
if($message!="")
{
echo"<p class="note">$message</p>";
}
?>
Posted: Thu Jul 15, 2004 10:41 am
by kettle_drum
Code: Select all
$query2="SELECT id FROM users WHERE user='$user'";
$result2=mysql_query($query, $link);
You insert the first query again in this query.
Posted: Thu Jul 15, 2004 10:43 am
by James M.
hehe, didnt catch that, i feel kind of.....yea. Thanks.
Posted: Thu Jul 15, 2004 10:44 am
by kettle_drum
Np, its always the simple mistakes that are the hardest to spot.