savagenoob Posted January 16, 2009 Share Posted January 16, 2009 I am creating a timeclock system and want to check to make sure they are not clocking in when they are already clocked in... how do i lookup status of the employee before inserting on this: <?php $employee = $_SESSION['SESS_MEMBER_ID']; $inout = $_POST['punch']; $query = "INSERT INTO timeclock SET Employee='$employee', InOut='$inout'"; $result = mysql_query($query); echo mysql_error(); echo $query; mysql_free_result($result); ?> Link to comment https://forums.phpfreaks.com/topic/141012-solved-check-before-insert/ Share on other sites More sharing options...
corbin Posted January 16, 2009 Share Posted January 16, 2009 SELECT InOut from timeclock WHERE Employee = 'Blah'; Then check InOut. You should be sanitizing input by the way (assuming you didn't just omit that from the post). SQL injection = evil. Link to comment https://forums.phpfreaks.com/topic/141012-solved-check-before-insert/#findComment-738079 Share on other sites More sharing options...
savagenoob Posted January 16, 2009 Author Share Posted January 16, 2009 Yeah, I am getting it to work first but 'punch' doesnt come from user text, just a menu that says out, in, lunch, break and submit. Ok, I tried this: <?php $employee = $_SESSION['SESS_MEMBER_ID']; $inout = $_POST['punch']; $fquery = "SELECT clock, Time FROM timeclock WHERE employee = '$employee' ORDER BY ID DESC LIMIT 1"; $fresult = mysql_query($fquery); if ($fresult[0] != $inout) { $query = "INSERT INTO timeclock SET Employee='$employee', clock='$inout'"; $result = mysql_query($query); echo mysql_error(); echo "<meta http-equiv=refresh content=\"0; URL=time.php\">"; mysql_free_result($result); } else { echo "You selected same status..."; } ?> But it still lets you submit 'In' if your already clocked in... Im such a noob. Link to comment https://forums.phpfreaks.com/topic/141012-solved-check-before-insert/#findComment-738099 Share on other sites More sharing options...
corbin Posted January 16, 2009 Share Posted January 16, 2009 It still comes from the client. Know how hard HTML is to change? I can do it in Firefox with Firebug without even saving the page ;p. $fresult = mysql_query($fquery); if ($fresult[0] != $inout) { $fresult would be a resource, not an array. You would want to pull the data from the resource, with a function like mysql_fetch_row or mysql_fetch_assoc. (In this situation, mysql_result might actually be faster.) Anyway, you would want to do: $fresultq = mysql_query($fquery); $fresult = mysql_fetch_row($fresultq); Link to comment https://forums.phpfreaks.com/topic/141012-solved-check-before-insert/#findComment-738102 Share on other sites More sharing options...
savagenoob Posted January 16, 2009 Author Share Posted January 16, 2009 Damn I forgot that part. Thank you very much. My name aint savagenoob for nothin' And cant forget this $inout = mysql_escape_string($_POST['punch']); Link to comment https://forums.phpfreaks.com/topic/141012-solved-check-before-insert/#findComment-738103 Share on other sites More sharing options...
corbin Posted January 16, 2009 Share Posted January 16, 2009 No prob ;p. Link to comment https://forums.phpfreaks.com/topic/141012-solved-check-before-insert/#findComment-738108 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.