Xdega Posted February 4, 2011 Share Posted February 4, 2011 First off. The database is connecting and selecting the table correctly, this is done via some includes. So I am having trouble getting my validation to with with this simple insert form. Well the only part that is failing, is the part that checks for the the username that was entered and stops the insert if it is a value that already exists. What I was hoping for, was that the SQL query would return nothing if it diddn't find anything. But apparently this is not happening. The elseif ($player!=$sel_result) seems to be coming out as always matching. Any ideas? $player=mysql_real_escape_string($_POST["playername"]); $sel="SELECT * FROM players WHERE PLAYER_NAME=$PLAYER"; $sql="INSERT IGNORE INTO players (PLAYER_NAME) VALUES ('$player')"; $sel_result=mysql_query($sel,$conn); if (empty($player)) { echo '<br><ul><li>You must enter a value for player, please go back and try again </li></ul><br> '; } elseif ($player!=$sel_result) { echo '<ul><li> The player you entered already exists </li></ul><br>'; } elseif (!mysql_query($sql,$conn)) { die('Error: ' . mysql_error()); } else { echo "$player ADDED TO THE DATABASE"; } mysql_close($conn) ?> Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/ Share on other sites More sharing options...
.josh Posted February 4, 2011 Share Posted February 4, 2011 first thing I see wrong is that you are using $PLAYER in you $sel query but I see only $player (lowercased) Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1169693 Share on other sites More sharing options...
.josh Posted February 4, 2011 Share Posted February 4, 2011 2nd thing I see wrong is elseif ($player!=$sel_result) Problem is that $sel_result is a result source. You need to actually check if a row was returned or not, pull the queried data out of the result source. Something like $sel_result=mysql_query($sel,$conn); $r = mysql_result($sel_result, 0); and then use $r in your condition Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1169694 Share on other sites More sharing options...
Xdega Posted February 4, 2011 Author Share Posted February 4, 2011 Ah, I gotcha. Should fix the problem. thx Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1169695 Share on other sites More sharing options...
Xdega Posted February 6, 2011 Author Share Posted February 6, 2011 K. Well I played around with this. It appears to work well for values like "123". But when I try and enter "Test Player 3" it is still allowing the post to be added to the DB. Here is the current code I have: $player=mysql_real_escape_string($_POST["playername"]); $sel="SELECT * FROM players WHERE PLAYER_NAME=$player"; $sql="INSERT INTO players (PLAYER_NAME) VALUES ('$player')"; $sel_result=mysql_query($sel,$conn); $r=mysql_result($sel_result, 0, PLAYER_NAME); if (empty($player)) { echo '<br><ul><li>You must enter a value for player, please go back and try again </li></ul><br> '; } elseif ($player==$r) { echo '<ul><li> The player you entered already exists </li></ul><br>'; } elseif (!mysql_query($sql,$conn)) { die('Error: ' . mysql_error()); } else { echo "$player ADDED TO THE DATABASE"; } mysql_close($conn) ?> Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170564 Share on other sites More sharing options...
Xdega Posted February 6, 2011 Author Share Posted February 6, 2011 I guess to clarify, the problem I am having is when I enter any value that is not integer. Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170680 Share on other sites More sharing options...
Pikachu2000 Posted February 6, 2011 Share Posted February 6, 2011 What is the data type of the PLAYER_NAME field in the database? Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170727 Share on other sites More sharing options...
Xdega Posted February 6, 2011 Author Share Posted February 6, 2011 What is the data type of the PLAYER_NAME field in the database? Ok. For some reason I had is set as text. I tried setting it to Varchar(50) and the same problem persists. For the record, Unsure if this could be causing any problems but the collation is set at "latin1_general_ci" I am not really very well versed on how to choose appropriate collation types. Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170821 Share on other sites More sharing options...
PFMaBiSmAd Posted February 6, 2011 Share Posted February 6, 2011 Your $sel query is producing an error because you don't have any single-quotes around the $player string data in the query. You need to use error checking and error reporting logic on all queries you execute. Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170823 Share on other sites More sharing options...
Pikachu2000 Posted February 6, 2011 Share Posted February 6, 2011 String data types need to be quoted in the query string. $sel="SELECT * FROM players WHERE PLAYER_NAME = '$player'"; Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170824 Share on other sites More sharing options...
Xdega Posted February 6, 2011 Author Share Posted February 6, 2011 ah, kk cool Link to comment https://forums.phpfreaks.com/topic/226637-help-with-validation-via-sql-query/#findComment-1170828 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.