mark103 Posted March 8, 2012 Share Posted March 8, 2012 Ok guys, I am working on my code as I am checking the row in a database that if i have got a same row that I insert the functions in the URL then throw the error that says "you can't store". When I am checking as the rows have already exist, i keep getting "you can now store". Do you know how i can check in a database to see if the rows is exist? here's the code: <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'mydbuser'); define('DB_PASSWORD', 'mydbpass'); define('DB_DATABASE', 'mydbname'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $image = clean($_GET['image']); $strings = clean($_GET['strings']); $username = clean($_GET['user']); $password = clean($_GET['pass']); if (isset($_GET['user']) && (isset($_GET['pass']))) { if($username == '' || $password == '') { $errmsg_arr[] = 'username or password are missing'; $errflag = true; } } if (isset($_GET['image']) || (isset($_GET['strings'])) || (isset($_GET['user']))) { if($image == '' || $strings == '' || $username == '') { $errmsg_arr[] = 'image, strings or username are missing'; $errflag = true; } } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $insert = array(); if(isset($_GET['image'])) { $insert[] = 'image = \'' . clean($_GET['image']) . '\''; } if(isset($_GET['user'])) { $insert[] = 'user = \'' . clean($_GET['user']) .'\''; } if(isset($_GET['pass'])) { $insert[] = 'pass = \'' . clean($_GET['pass']) . '\''; if (count($insert)>0) { $names = implode(',',$insert); if($image && $strings && $from && $username) { $qry="SELECT * FROM members WHERE username='$username'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); $row=mysql_fetch_assoc($result); if ($row >= 1) { echo 'you cant store.'; } else { echo 'you can now store'; } } elseif($username && $pass) { echo "working 2"; } } } ?> Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/ Share on other sites More sharing options...
cpd Posted March 8, 2012 Share Posted March 8, 2012 Where you say $row=mysql_fetch_assoc($result); You should use one of the following $row_count = mysql_affected_rows($result); // OR $row_count = mysql_num_rows($result); Furthermore, I suggest you use POST to pass sensitive data such as usernames and passwords. Using GET makes it visible through the URL and is never advisable. Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/#findComment-1325394 Share on other sites More sharing options...
mark103 Posted March 8, 2012 Author Share Posted March 8, 2012 Thanks, I have added them in my source code, but when I run the debug i can see no difference than what I had. I keep getting the "you can now store". Any idea? Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/#findComment-1325397 Share on other sites More sharing options...
cpd Posted March 8, 2012 Share Posted March 8, 2012 Try doing the following just after the line containing "mysql_query" echo mysql_num_rows($result); die; This will confirm rows are being returned. If they are we can progress from there. Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/#findComment-1325399 Share on other sites More sharing options...
cpd Posted March 8, 2012 Share Posted March 8, 2012 Just to confirm as well you did change the $row variable in the if statement to $row_count? The code should look as follows: $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); $row=mysql_fetch_assoc($result); $row_count = mysql_num_rows($result); if ($row_count >= 1) { echo 'you cant store.'; } else { echo 'you can now store'; } Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/#findComment-1325401 Share on other sites More sharing options...
Psycho Posted March 9, 2012 Share Posted March 9, 2012 No need to do a comparison such as "$row_count >= 1". A more logical approach, IMHO $query = "SELECT COUNT(*) FROM members WHERE username='$username'"; $result = mysql_query($query) or die("Error:<br />{$query}<br />" . mysql_error()); $username_exists = mysql_result($result, 0); if($username_exists) { echo 'you cant store.'; } else { echo 'you can now store'; } Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/#findComment-1325405 Share on other sites More sharing options...
cpd Posted March 9, 2012 Share Posted March 9, 2012 Both methods are satisfactory and in this instance would consume a similar amount of resources. Either or in my opinion: neither are wrong. I just noticed there's also no need what so ever to use a variable in both suggestions. This would leave you with $query = "SELECT COUNT(*) FROM members WHERE username='$username'"; $result = mysql_query($query) or die("Error:<br />{$query}<br />" . mysql_error()); if(mysql_result($result, 0)) { echo 'you cant store.'; } else { echo 'you can now store'; } // ---------------------------- // OR THE FOLLOWING // ----------------------------- $query = "SELECT * FROM members WHERE username='$username'"; $result = mysql_query($query) or die("Error:<br />{$query}<br />" . mysql_error()); if(mysql_num_rows($result) >= 1) { echo 'you cant store.'; } else { echo 'you can now store'; } Link to comment https://forums.phpfreaks.com/topic/258562-checking-if-database-rows-is-exist/#findComment-1325407 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.