jefffan24 Posted October 30, 2009 Share Posted October 30, 2009 So I don't know if I should put this here or in mysql, but what my script is for is for people to add their emails to our mailing list. Pretty simple, I got that working. But what I want it do now is that if somebody puts their email in and their email is already added to our database then it doesn't do anything. but if their email isn't in our database then it will add it. So basically stop duplicate records. Is there any way to do this php? I'm sure there is, its just not coming to me. Link to comment https://forums.phpfreaks.com/topic/179609-solved-if-a-record-matches-an-existing-record-do-nothing/ Share on other sites More sharing options...
Bricktop Posted October 30, 2009 Share Posted October 30, 2009 Hi jefffan24, Post your code for an accurate answer. Link to comment https://forums.phpfreaks.com/topic/179609-solved-if-a-record-matches-an-existing-record-do-nothing/#findComment-947713 Share on other sites More sharing options...
jefffan24 Posted October 30, 2009 Author Share Posted October 30, 2009 Don't see how my code will help in this situation as it doesn't really do anything beside enter an input into a field in a database, but what ever here it is. $sql="INSERT INTO emails (Email) VALUES ('$_POST[email]')"; if (mysql_query($sql,$con)) { echo ""; } else trigger_error("SQL", E_USER_ERROR); mysql_close($con) Link to comment https://forums.phpfreaks.com/topic/179609-solved-if-a-record-matches-an-existing-record-do-nothing/#findComment-947725 Share on other sites More sharing options...
cags Posted October 30, 2009 Share Posted October 30, 2009 $email = mysql_real_escape_string($_POST['email']); $sql = "SELECT Email FROM emails WHERE Email = '$email'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 0) { $sql = "INSERT INTO emails (Email) VALUES ('$email')"; $result = mysql_query($sql); } Link to comment https://forums.phpfreaks.com/topic/179609-solved-if-a-record-matches-an-existing-record-do-nothing/#findComment-947736 Share on other sites More sharing options...
Bricktop Posted October 30, 2009 Share Posted October 30, 2009 $email = mysql_real_escape_string($_POST['email']); $sql = "SELECT Email FROM emails WHERE Email = '$email'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 0) { $sql = "INSERT INTO emails (Email) VALUES ('$email')"; $result = mysql_query($sql); } That's why posting your code ALWAYS helps. As well as fixing the problem cags has also escaped your email $_POST, which before was being entered directly into your MySQL statement - a MAJOR security flaw! Nice solution cags. Link to comment https://forums.phpfreaks.com/topic/179609-solved-if-a-record-matches-an-existing-record-do-nothing/#findComment-947739 Share on other sites More sharing options...
jefffan24 Posted October 30, 2009 Author Share Posted October 30, 2009 I'm new to the whole php/mysql thing...thanks for letting me know about the security flaw And helping me fix my problem. Link to comment https://forums.phpfreaks.com/topic/179609-solved-if-a-record-matches-an-existing-record-do-nothing/#findComment-947747 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.