Jump to content

What happens if two people submit at the same time?


greenace92

Recommended Posts

I don't even know if this is physically possible due to latency, mechanical, etc... 

 

But, the way my website is planned at the moment, a person submits basic info, hits "Create account" and then is taken to a new page with that basic information and an incremented unique id, based on last unique id entry read from database. 

 

My concern is that if two people or more were making accounts within the same time frame and one person hits "Create account" before another person does, what if the wrong data is pulled? 

The unique ID I guess is the only thing being pulled, if 0, start at 1, whatever 

 

But I wonder if I can temporarily hold data between two webpages before it is stored in the database finally when all fields have been filled. 

 

Thanks for any help / ideas 

Link to comment
Share on other sites

if you retrieve the current highest value, increment it, and try to use it, yes there exists the possibility of a race condition causing two ore more concurrent instances of your script to use the same value. you would need to lock the table to insure each value only gets used once.

 

instead, you would use an auto-increment column in the database table, since the database locks the table for you during the INSERT query and will automatically prevent any duplicates from being used.

 

If you need to get the auto-increment value that was just used in an INSERT (or update) query, you can retrieve it via a query or most database libraries have a dedicated function/property to retrieve the value.

Link to comment
Share on other sites

I sort of understand what you just said 

 

I'm thinking about using IP address, I'm not sure if I can collect that but I could use that, save it as a string or something and find the table.

 

I figure if someone just made an account, eg. completed part 1 of the account making procedure, they would still be on the same machine to complete the other part. 

 

But... what if you have multiple devices sharing that same IP address ? or the last octet would be different right? 

 

I reread your post, I see what you're saying, I need to see how to enable that. 

 

Does this seem stupid? 

 

Collect three pieces of data, hit submit, action opens up a php file that redirects to a different web page, it has a script run that pulls up last entry... continues account ad process... see this is where I encounter the identification problem

 

I could use IP but I'm not sure if that is a good solution

 

I'm also not sure about "pagnation" for submitting with a button using href, yet another thing to Google 

Edited by greenace92
Link to comment
Share on other sites

Do not use IP address. That is a bad idea. As mac_gyver stated use the last insert id.

 

User submits the initial information to create an account. Run the INSERT query. Then, right after you run the INSERT query get the "last insert id" using the appropriate database function (e.g. http://php.net/manual/en/mysqli.insert-id.php). The function will get the last insert ID  executed in the current instance. Do NOT try to get the last insert id using a SELECT query for the highest id as that would be open to race condition issues. Once you have the id of the last inserted record, you can save the id to a session value and use it on subsequent pages.

Link to comment
Share on other sites

What is a session value? 

 

There are four steps to the account creation : basic info and creation of unique id, send to database... oh... right 

 

The Unique-id field will be the identifier, which is created after the row has been made, so... but 

 

I've got two people, person a, person b.

 

Person a just filled out the form, he hit submit, in the process of launching the next page,

 

person b just hit submit and now his data is... I don't know why I can't think of this right now

Link to comment
Share on other sites

I'm also not successfully connecting to my database this is the code I have it is sort of jargen or crap 

 

 

I think I need to find something better than Bluefish, for some reason I get the impression that it doesn't support PHP as those entries are not highlighted / autocorrected 

 

No it does support PHP, not sure why anything with <?php ?> is not highlighted 

<!-- form submission -->
<?php 
// define variables and set to empty values 
$nameErr = $ageErr = $genderErr = "";
$name = $age = $gender ="";
if ($_SERVER["REQUEST_METHOD"]=="POST") {
if (empty($_POST["name"])){
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if(!preg_match("/^[a-zA-Z]*$/",$name)){
$nameErr="Only letters and white space allowed";
}
}
if ($empty($_POST["age"]){
$ageErr = "Your age is required";
}
// check if age only contains numbers and whitespace 
if (bool is_numeric(mixed$age)=fale){
$ageErr = "Only numbers are allowed";
}
if ($empty($_POST["gender"]){
$genderErr = "You must select your gender";
}


function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}


$dbhost = 'database localhost/cjdc_Accounts';
$dbuser = 'cjdc_dn2d8';
$dbpass = 'notshown';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
$mysql_select_db('cjdc_Accounts');
global $a, $b;
$a = SELECT COUNT(Unique-id) FROM dn2d8-new-accounts;
$b = $a + 1;
$sql = 'INSERT INTO dn2d8-new-accounts'.
'(Unique-id,Name,Age,Gender)';
'VALUES ("$b","name","age","gender");
mysql_close($conn);
FROM dn2d8-new-accounts;
?>
<div class="form" align="left">
<form  method="post" action="new-account.php">
<div class="data-collect-container" align="center">
<?php echo $nameErr;?>
<?php echo $ageErr;?>
<?php echo $genderErr;?>
<div class="field-1" align="left"><input type="text" name="name" value="<?php echo $name;?>"> <font color="#303030">Name</font><br></div>
</div>
<div class="data-collect-container" align="center">
<div class="field-2" align="left"><input type="number" name="age" value="<?php echo $age;?>"> <font color="#303030">Age</font><br></div>
</div>
<div class="radio-collect-container">
<div class="radio-container-text"><font color="#303030">I am a</font></div>
<div class="radio-container-male" align="center">
   <input type="radio" name="gender" value="1"> <font color="#303030">Male</font><br>
   </span>
   </div>
<div class="radio-container-female" align="center">
   <input type="radio" name="gender" value="0"> <font color="#303030">Female</font><br>  
   <!-- <span class="error">
    * <?php echo $genderErr;?>
   <?php if (isset($gender) && $gender=="female") echo "checked";?>  value="female">Female
   <?php if (isset($gender) && $gender=="male") echo "checked";?>  value="male">Male
   <span class="error">* <?php echo $genderErr;?></span> -->
</div>
</div>
<a href="" class="pagination"><div class="button" ><img src="create-account-button.png" width="154" height="44"></div></a>
Edited by greenace92
Link to comment
Share on other sites

Looks like I'm SOL on an IDE or something like that 

 

Eclipse supposedly uses 900MB of memory and seeing as I only have 2048MB hmm.... 

 

Seems to work (highlight) when I type php in a separate window and save as .php 

 

I don't understand the life span of data 

 

This is my simple task, take in data, write it to database and then retrieve some of it 

 

I don't know what action="" does, I think this is what is "executed" when I hit submit 

 

So... if I wanted to open a new webpage while taking some data with me, how does that data live between the transition? 

 

Should the data be written to the database on the same page that the submit button is on? Or have the data writing part happen on the action=".php" part? 

 

The other problem is, in the 3 phase step, what happens if someone skips to step three and then the rest of the account creation process continues for this random person? eg. look up last id and assume this person is the same person who just filled out the last row 

Edited by greenace92
Link to comment
Share on other sites

Yeah excuse me for asking basic questions like "What is the first letter of the alphabet?" 

 

I am going through some tutorials and picking out the information I need. 

This problem is interesting but one of the answers to my own question is 

 

The action="" piece of code is a new page that takes the data collected from the previous page and does whatever to that data. 

Link to comment
Share on other sites

You ask a lot of questions, people learn in different ways, but did you look at the manual ever? That could eliminate many questions you may be having and get a firmer grasp on things.

http://php.net/manual/en/index.php

That's how I learned php many eons ago before there was tutorials,help sites or schools for it.

 

It's hard to follow your multiple questions or statements in your posts, take a breath, explain yourself for us in simple terms.

 

But I wonder if I can temporarily hold data between two webpages before it is stored in the database finally when all fields have been filled.

 

What is a session value?

 

session

a way to store user data between HTTP requests, since upon leaving a page the data would no longer exist, through sessions is possible to retain the data
 

 

I think I need to find something better than Bluefish

 

 

http://notepad-plus-plus.org/

http://notepad2.com/

 

No it does support PHP, not sure why anything with <?php ?> is not highlighted

 

maybe is because how you tried commenting out

That's a php/html mess there

<!-- <span class="error">
    * <?php echo $genderErr;?>
   <?php if (isset($gender) && $gender=="female") echo "checked";?>  value="female">Female
   <?php if (isset($gender) && $gender=="male") echo "checked";?>  value="male">Male
   <span class="error">* <?php echo $genderErr;?></span> -->

 

<!--  --> is for html

for php to comment out a block is /* content */

// for single lines

 

a solution is to echo it all php or look at heredoc or nowdoc depending which php version are using

/*
echo "<span class='error'>";
echo $genderErr;
if (isset($gender) && $gender=="female") {
echo " checked ";
}
echo " value='female'>Female ";
if (isset($gender) && $gender=="male"){
 echo "checked";
}
echo  " value='male'>Male ";
echo "<span class='error'>$genderErr</span>";
*/
I don't know what action="" does, I think this is what is "executed" when I hit submit

The action="" piece of code is a new page that takes the data collected from the previous page and does whatever to that data.

the action is where the form will take you upon submission, omitting it completely or setting it blank will return to the same page

If you point it to another url or script it will then go there

 

Should the data be written to the database on the same page that the submit button is on? Or have the data writing part happen on the action=".php" part?

 

You can process on the same page if that's what you want...or on another page.

 

I'm also not successfully connecting to my database this is the code I have it is sort of jargen or crap

Ok, my eyes hurt looking at that code, did you copy this an old tutorial online?

Fixing that code is starting over.

Didn't anyone here suggest to you  mysqli_* or pdo and also with methods of how to check filter and escape the data?

mysqli_query is complete examples there

 

Besides the fact there is no $age above in the code besides your combo define...

if (bool is_numeric(mixed$age)=fale){
$ageErr = "Only numbers are allowed";
}

Lets do different and in one check

if(isset($_POST['age']) && ctype_digit(trim($_POST['age']))){
$age = trim($_POST['age']);
} else {
$ageErr = "Only numbers are allowed";
}

if ($empty($_POST["age"]){

empty is not supposed to be a variable, have other times as well

 

Use mysqli_real_escape_string or pdo prepared statements, make the switch and not use mysql_* functions at all

 

not this...

function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}

 

As said above... in mysql use autoincrement on the id

If do autoincrement is no need to pass an id either

$sql = "INSERT INTO `dn2d8-new-accounts` (Name,Age,Gender) VALUES ($name,$age,$gender)";//but escape the variables

 

Link to comment
Share on other sites

God what a nightmare VPS is turning out to be

 

I had to do a whole slew of things

 

php.ini file

config.inc.php something like this

 

I don't see the difference here but the first one works, the other one says "connection denied from ip-address of dn2d8 to ipaddress of vps server" here I would have had to have changed an auth file in the config.inc.php file which I downloaded and can't find that entry

<?php
$link = mysql_connect('localhost', 'usr', 'pass');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_close($link);

// we connect to example.com and port 3307
$link = mysql_connect('dn2d8.com', 'usr', 'pass');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_close($link);


?>

Well I was hoping I would be smiling saying "Yay I got my name into my database"

I don't understand why nothing is showing up, I've tried various ways to enter the data, last I knew I was connecting to the database

 

This is my current attempt, I have a basic html form that takes in a name then uses connection-test.php to try and store

<!DOCTYPE HTML>
<head>
<style>
</style>
</head>
<body>
<form action="connection-test.php" method="post">
Name: <input type="text" name="name" value="name">
<input type="submit">
</form>
</body>
<?php

if( $_POST )
{
  $con = mysql_connect("localhost","cjdc_dn2d8","pass");

  if (!$con)
  {
    die('Could not connect: ' . mysql_error());
  }

  mysql_select_db("cjdc_dn2d8", $con);

  $users_name = $_POST['name'];

  $users_name = mysql_real_escape_string($users_name);

  $query = "
  INSERT INTO `cjdc_dn2d8`.`dn2d8-new-accounts` (`Name`)
VALUES ('$users_name');";

  mysql_query($query);

  mysql_close($con);
}


$link = mysql_connect('localhost', 'cjdc_dn2d8', 'pass');

INSERT INTO dn2d8-new-accounts (Name)
VALUES ('name');

mysql_close($link);

header("Location: http://www.dn2d8.com");
die();
?>

Oh man my eyes hurt haha maybe need to lay down, then round two

Edited by greenace92
Link to comment
Share on other sites

Ahhhhhhhh my damn left hand grazed the touch pad and before I knew it, a couple of backspaces and my long response was gone ahhhhhhh

 

Alright, first thank you for your thorough response up above, I appreciate that really

 

I don't know what is going on, supposedly I connected successfully but I have not created a single row

 

I also have problems with Primary keys, being that I can't "un-primary" key columns, I even deleted the columns and recreated them and they are still set as primary keys, I don't even know what that means. I just know that for the auto-increment thing to work it has to be primary key.

I did crack the PHP manual I got as far as "Don't use GET method to capture passwords" then I branched off to SSL's and passowrd salting/hashing

 

I'm buillding an entire social media site and in a bad way I'm going all over the place, I was designing the "GUI" for the create account page and then I realized that I needed to be able to get data input / retrieve and then I also need to figure out that GD part to create images from backgrounds/user entered data.

 

This stuff is great though honestly, to be able to make anything that you can draw on a piece of paper... that's wonderful

 

Anyway thanks again, I think I'm going to lay down, I'm reaching that point where you are awake and your mind can't really do anything productive anymore

Link to comment
Share on other sites

That extra crap is desperation, trying every thing

 

I also can't that redirect thing to work, am I missing something?

Like do I need to have a header file at the destination?

 

See this is what I don't understand... I don't want to point fingers but

 

I've used PHP and SQL before with Inmotionhosting and it worked

 

I had a little basic comment system setup on my site, albeit there was no life, it worked

 

GoDaddy and their shared hosting VPS plans, although cheap and lack of support unless I pay $80.00, I can't get this thing to work

 

I mean, no ini file so mysql_connect isn't even recognizable? what the hell is that?

 

Anyway, I had a long response to your long response

 

I have a crap computer right now, although it has been the best $120.00 I've ever spent, as it has lasted me this long and could possibly make me a hell of a lot more than $120.00 It's running linux so I can't use those IDE's ? you mentioned.

Bluefish is actually great. Doesn't use a lot of memory, very clean.

 

Another hurdle later on down the road (in a few days) is camera access through HTML5 though supposedly it is easy, as in a single line of code easy.

Edited by greenace92
Link to comment
Share on other sites

ahh, well try Kate, is in the package manager

 

for saving age most likely want to save their date of birth, this way their age will change as the years fly by

store as datetime or timestamp(uses utc time), can do the calculation with a form coming in with strtotime and then as out

 

$datetime = date('Y-m-d H:i:s', strtotime($date));

 

and for gender a m or f value

 

here is a sql statement can use and add a new table, think it out, add all you want there, make sure is not already a Users table

CREATE TABLE `Users` (
  `ID` int(11) NOT NULL AUTO_INCREMENT,
  `users_name` varchar(255) NOT NULL,
  `date_of_birth` DATETIME DEFAULT NULL,
  `gender` char(1) DEFAULT NULL,
  `join_date` DATETIME DEFAULT NULL,
   PRIMARY KEY (`ID`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8_unicode_ci;
Link to comment
Share on other sites

Okay thank you

 

I've got the columns laid out already

 

That's a great tip about the date of birth and the age, I mean that would be great if they were around long enough to notice that change

 

yeah this is mine right here

 

I have some interesting problems to tackle, for example buying more photos (ha who would do that?) or $0.20 per point as a person can only give a certain person a point once a day. The quality points give people more visibility time / different data stream (scroll feed).

 

I don't know if it's dumb to set up gender by boolean eg. male is true, female is false (sexist?) anyway

 

Unique-id int(10)

Age int(3)

One-word-description text

Gender tinyint(1)

Interests varchar(1000)

Bio varchar(3000)

Photo-1 mediumblob

Photo-2 mediumblob

Photo-3 mediumblob

Photo-4 mediumblob

Photo-5 mediumblob

Photo-6 mediumblob

Photo-7 mediumblob

Photo-8 mediumblob

Photo-9 mediumblob

Photo-10 mediumblob

Video mediumblob

Quality-points int(10)

Name text

 

The blob thing is interesting, I figure pictures are roughly 2MB and a video file at a cetain seconds cut off is about 10MB

 

The data field / type / value is tricky

 

This is pretty funny, 80 failed attempts

post-164367-0-02660300-1417868451_thumb.png

Edited by greenace92
Link to comment
Share on other sites

What are you referring to? "...you should just save the path/file names..."

 

I'm not getting anywhere, if anything I'm regressing

 

I don't get any sort of validation /error reporting at all, just a blank page, even when I directly copy code

<?php
$servername = "localhost";
$username = "cjdc_dn2d8";
$password = "pass";
$dbname = "cjdc_Accounts";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$sql = "INSERT INTO dn2d8-new-accounts (Name)
VALUES ('name')";

if ($conn->query($sql) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();
?>
Link to comment
Share on other sites

instead, you would use an auto-increment column in the database table, since the database locks the table for you during the INSERT query and will automatically prevent any duplicates from being used.

 

Is an auto-increment column really necessary?  What if a random PK was desired?  Wouldn't a unique constraint provide the same results?

Link to comment
Share on other sites

How did you set up the server, I think you missed mysqli in there

http://php.net/manual/en/mysqli.installation.php

 

sudo apt-get install php5-mysqlnd

but pretty sure would take out phpmyadmin and need a reinstall

 

I always install server versions then a desktop gui on top

 

but can always configure/add lamp this way

sudo apt-get install tasksel

sudo tasksel

Edited by QuickOldCar
Link to comment
Share on other sites

That's the thing, I'm using a VPS shared hosting thing through GoDaddy, I don't even know if I can access a terminal

 

I can barely do anything, I don't really know where to find stuff outside of my root directories of each domain

 

When I created the VirtualHost entries, I used this Apache editing "thing" that only allowed me to edit certain "ranges/areas"

 

Literally I had three options, two being "Post-Virtual-Host" "Pre-Virtual-Host" like what the hell

 

I've edited the hpttd.conf file before for my my own server using pico in the terminal but I'm not allowed to access it through GoDaddy? I don't even know where it is... thankfully the domains work as in urls are working...

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.