blurrydude Posted April 15, 2008 Share Posted April 15, 2008 I've tried to search for this... I just want to make sure that no one has the same username as someone already in the table. I've even tried implementing IF EXISTS statements in the query. <? session_start(); include('db.php'); $username=$_POST['username']; $query = mysql_query("SELECT * FROM members WHERE username = ". $username .";"); if($query) { echo "User ". $username ." already exists, please try another."; } else { echo "This username is available."; } echo "<br><br>". $query ."<br><br>";//to see what the script sees as I edit. ?> <form action="checkname.php" method="POST"> <input type="text" name="username"><br> <input type="submit"> </form> Quote Link to comment Share on other sites More sharing options...
discomatt Posted April 15, 2008 Share Posted April 15, 2008 Strings in MySQL queries must be quoted.. Also, why are you selecting * (all rows) when you really don't need them? Wasting memory $query = mysql_query("SELECT `username` FROM `members` WHERE `username` = '". $username ."';"); Dont forget to sanitize user input Quote Link to comment Share on other sites More sharing options...
blurrydude Posted April 15, 2008 Author Share Posted April 15, 2008 ok, now code looks like this, I used ID as the single field to select: <? session_start(); include('db.php'); $username=$_POST['username']; $query = mysql_query("SELECT `ID` FROM `members` WHERE `username` = '". $username ."';"); if($query) { echo "User ". $username ." already exists, please try another."; } else { echo "This username is available."; } echo "<br><br>". $query ."<br><br>";//to see what the script sees as I edit. ?> <form action="checkname.php" method="POST"> <input type="text" name="username"><br> <input type="submit"> </form> No matter what I type into the form, I get Resource id #3 from the echo $query. Quote Link to comment Share on other sites More sharing options...
discomatt Posted April 15, 2008 Share Posted April 15, 2008 Check out what mysql_query returns in the manual... a resource! You have to parse the resource in to a string via: mysql_result(); mysql_fetch_row(); mysql_fetch_assoc(); ect.. Quote Link to comment Share on other sites More sharing options...
blurrydude Posted April 15, 2008 Author Share Posted April 15, 2008 <? session_start(); include('db.php'); $username=$_POST['username']; $query = mysql_query("SELECT `ID` FROM `members` WHERE `username` = '". $username ."';"); $queryresult = mysql_fetch_row($query); if($queryresult) { echo "User ". $username ." already exists, please try another."; } else { echo "This username is available."; } mysql_close($link); ?> <form action="checkname.php" method="POST"> <input type="text" name="username"><br> <input type="submit"> </form> Final code, works great, thanks for the help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.