if script fails :(

[wmguk]

Hey guys,

 

I'm trying to build a script that inserts into a database.

 

there are a few verification scripts that needs to be run.

 

I need to check if the email address is already in the database and if it is then say, email address is already in use, and stop running the script.

 

and if $_FILES(uploadedfile) is empty then $filename = ''; otherwise its the name of the file.

 

this is my current code:

 

<?php
  include ("connection.php");

if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }mysql_select_db($db, $con);
   
  $company = $_POST['company'];
  $address = $_POST['address'];
  $name = $_POST['name'];
  $position = $_POST['position'];
  $tel = $_POST['tel'];
  $mob = $_POST['mob'];
  $email = $_POST['email'];
  $jobspec = $_POST['jobspec'];
  $howmany = $_POST['howmany'];
  $type = $_POST['type'];
  $duration = $_POST['duration'];
  $ftpt = $_POST['ftpt'];
  $hours = $_POST['hours'];
  $location = $_POST['location'];
  $wage = $_POST['wage'];
  $qualifications = $_POST['qualifications'];
  $experience = $_POST['experience'];
  $licences = $_POST['licences'];
  $contype = $_POST['contype'];
  $agree = $_POST['agree'];
  $c_comments = $_POST['c_comments'];
  $appointment = $_POST['appointment'];

if (empty($_FILES['uploadedfile'])) {
$filename = 'empty';

} else {
// Where the file is going to be placed 
$target_path = "../jobspec/";

/* Add the original filename to our target path.  
Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$filename = basename( $_FILES['uploadedfile']['name']);
echo $filename;

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
}

//CHECK FOR EMAIL ADDRESS ALREADY USED
/* Select data from database. */
$sql="SELECT * FROM client WHERE email='$email'"; 
$result=mysql_query($sql); 
$count=mysql_num_rows($result);

/* If only one occurrence is there. */
if($count==1){

echo "this email address has already been used";

} else {


//set the random id length 
$random_id_length = 10; 
$rnd_id = crypt(uniqid(rand(),1)); 
$rnd_id = strip_tags(stripslashes($rnd_id)); 
$rnd_id = str_replace(".","",$rnd_id); 
$rnd_id = strrev(str_replace("/","",$rnd_id)); 
$rnd_id = substr($rnd_id,0,$random_id_length); 

$appdate = date("Y-m-d");
$password = $rnd_id; 
?>

 

However the verification scripts dont work, the $filename is never set empty and the script still seems to run past the email checker.

 

any thoughts?

[trq]

Can you indent your code so it is readable?

[philipolson]

Not sure what you mean by "not work" but consider dealing with the email address better as for example the case may differ... and for good measure let's use COUNT():

<?php
$sql = "SELECT COUNT(*) FROM client WHERE LOWER(email) = '" . mysql_real_escape_string(strtolower($email)) . "'";

$res = mysql_query($sql);

if (mysql_result($res, 0) > 0) {

    echo "Oh my, you are already in my database...";

}

But you need to be specific on what "not work" means, like you should know if the FILES part or email check part is failing... or some other information.