Prevent duplicated entries

[karimali831]

Hello,

 

I'm trying to prevent users from signup up if they use a same name in my database.

Is there anything wrong with my queries?

 

The problem is that they can still signup even with the same name in the database.

 

        
$getclans = safe_query("SELECT name FROM ".PREFIX."cup_all_clans");
$db=mysql_fetch_array($getclans); 
$name = $db['name'];


$check = safe_query("SELECT * FROM ".PREFIX."cup_all_clans WHERE name='$name'");
$db=mysql_fetch_array($check); 
if($_POST['name']==$name) {

die('There is already a team with this name!'); 
}

 

Thanks for any help.

[karimali831]

Solved with trim

 

                
$name = htmlspecialchars(mb_substr(trim($_POST['name']), 0, 30));
$check = safe_query("SELECT * FROM ".PREFIX."cup_all_clans WHERE name='$name'");
$num = mysql_num_rows($check);
if($num) die('A team with this name already exists.');

[Psycho]

That code makes no sense. The first query gets ALL names from the DB, but only extractst he first one. The 2nd query serves no purpose. Then you compare the input name with the first name extracted from the first query. You only need one query

 

$name = mysql_real_escape_string($db['name']);
$query  = "SELECT name FROM ".PREFIX."cup_all_clans WHERE name='$name'";
$result = safe_query($query);

if(mysql_num_rows($result)>0)
{
    echo "There is already a team with the name '$name'!";
}
else
{
    //not a duplicate, proceed
}

[karimali831]

Thanks for that but this seems to work fine anyway...

 

$name = htmlspecialchars(mb_substr(trim($_POST['name']), 0, 30));
$check = safe_query("SELECT * FROM ".PREFIX."cup_all_clans WHERE name='$name'");
$num = mysql_num_rows($check);
if($num) die('A team with this name already exists.');