[RESOLVED] check DB if user exists…..

@Markbad311Mar 24.2006

Well I will start out on what I have. I have a registration form and a table for users that register. Table has these fields:
id (auto inc)
f_name
l_name
u_name User Name
u_pass Password
e_mail Email Address
created
created_ip
last_login
last_ip
gender
address1
address2
city
state
zip
web_q (bool)
web_s

Now I have a few users in there for testing and all works well with the script in general. Here is the script:

[code=php] <? if($_POST[op] != “ds”) { $d_created = date(“Y-m-d”); $IP = getenv(“REMOTE_ADDR”); $seeform = “yes”; $formblock = ” <form method=”post” action=”$SERVER[PHP_SELF]”> <input type=”hidden” name=”created” value=”$d_created”> <input type=”hidden” name=”last_login” value=”$d_created”> <input type=”hidden” name=”last_ip” value=”$IP”> <input type=”hidden” name=”op” value=”ds”> <label>First Name<br /> </label> <input type=”text” name=”f_name” size=”25″ maxlength=”25″ /><br /> <label>Last Name<br /> </label> <input type=”text” name=”l_name” size=”25″ maxlength=”25″ /><br /> <label>Desired User Name<br /> </label> <input type=”text” name=”u_name” size=”25″ maxlength=”50″ /><br /> <label>Password<br /> </label> <input type=”password” name=”u_pass” size=”10″ maxlength=”10″ /><br /> <label>E-Mail<br /> </label> <input type=”text” name=”e_mail” size=”25″ maxlength=”50″ /><br /> <label>Gender<br /></label> Male<input type=”radio” name=”gender” value=”Male” />    Female<input type=”radio” name=”gender” value=”Female” />    Not Disclosed<input type=”radio” name=”gender” value=”Not Disclosed” /><br />

<label>Address Line 1</label> <br /> <input type=”text” name=”address1″ size=”50″ maxlength=”100″ /><br /> <label>Address Line 2</label> <br /> <input type=”text” name=”address2″ size=”50″ maxlength=”100″ /><br /> <label>City</label> <br /> <input type=”text” name=”city” size=”50″ maxlength=”100″ /><br /> <label>State</label> <br /> <input type=”text” name=”state” size=”25″ maxlength=”50″ /><br /> <label>Postal Code<br /> </label> <input type=”text” name=”zip” size=”10″ maxlength=”10″ /><br /> <label>Web Site?</label> <input type=”checkbox” name=”web_q” value=”1″ /><br /> <label>If so, Whats the address?</label> <br /> <input type=”text” name=”web_s” size=”50″ maxlength=”100″ /><br /> <div align=”center”> <input type=”submit” name=”submit” value=”Submit” />

</div> </form> “; } else if ($_POST[op] == “ds”){ $seeform = “no”; if ($_POST[f_name] == “”) { $fname_err = “<span style=”color:red;”>You must enter a first name.</span><br />”; $send = “no”; }

if ($_POST[l_name] == “”) { $lname_err = “<span style=”color:red;”>You must enter a last name.</span><br />”; $send = “no”; }

if ($_POST[u_name] == “”) { $user_err = “<span style=”color:red;”>You must enter a user name.</span><br />”; $send = “no”; }

if ($_POST[u_pass] == “”) { $user_err = “<span style=”color:red;”>You must enter a Password.</span><br />”; $send = “no”; }

if ($_POST[e_mail] == “”) { $email_err = “<span style=”color:red;”>You must enter a valid E-Mail address.</span><br />”; $send = “no”; }

if ($_POST[gender] == “”) { $gender_err = “<span style=”color:red;”>You must specify gender.</span><br />”; $send = “no”; }

if ($_POST[address1] == “”) { $address_err = “<span style=”color:red;”>You must enter a Address.</span><br />”; $send = “no”; }

if ($_POST[city] == “”) { $city_err = “<span style=”color:red;”>You must enter a City.</span><br />”; $send = “no”; }

if ($_POST[state] == “”) { $state_err = “<span style=”color:red;”>You must enter a State.</span><br />”; $send = “no”; } if ($_POST[zip] == “”) { $zip_err = “<span style=”color:red;”>You must enter a Zip Code.</span><br />”; $send = “no”; }

if ($send != “no”) {

$db_name = “markbad_markbadsql”; $connection = mysql_connect (“localhost”, “user”, “password”) or die (‘Error line x:’ . mysql_error()); $db = mysql_select_db ($db_name, $connection) or die (‘Error line x:’ . mysql_error());

function sanitize($input) { if(get_magic_quotes_gpc()) { $input = stripslashes($input); } return(mysql_real_escape_string($input)); } $address1 = sanitize($_POST[‘address1’]); $address2 = sanitize($_POST[‘address2’]); $web_s = sanitize($_POST[‘web_s’]);

$sql = “INSERT INTO users (id, f_name, l_name, u_name, u_pass, e_mail, created, last_login, last_ip, gender, address1, address2, city, state, zip, web_q, web_s) VALUES (”, ‘$_POST[f_name]’, ‘$_POST[l_name]’, ‘$_POST[u_name]’, ‘$_POST[u_pass]’, ‘$_POST[e_mail]’, ‘$_POST[created]’, ‘$_POST[last_login]’, ‘$_POST[last_ip]’, ‘$_POST[gender]’, ‘$address1’, ‘$address2’, ‘$_POST[city]’, ‘$_POST[state]’, ‘$_POST[zip]’, ‘$_POST[web_q]’, ‘$web_s’ )”; $result = mysql_query($sql, $connection) or die (‘line 148’ . mysql_error());

// Display Confirmation to the user $display_block = “<h4>Thanks for Registering, $_POST[f_name]</h4> <p>User Name: $_POST[u_name]</p> <p>E-Mail Address: $_POST[e_mail]</p> <p>City: $_POST[city]</p> <p>State: $_POST[state]</p>”; } else if ($send == “no”) { $display_block = ” $fname_err $lname_err $user_err $email_err $gender_err $address_err $city_err $state_err $zip_err <p>Please hit your back to restore the form</p>”; } } if ($seeform == “yes”){ $display_block = $formblock; } ?> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”> <html xmlns=”http://www.w3.org/1999/xhtml”> <head><title>The Erie Scene :: Registration Form</title> <meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ /> <link href=”/favicon.ico” rel=”SHORTCUT ICON” />

But now (you can see up there) I have no checking against multiple names. I almost need a check against Duplicate E-Mail addresses and User Names. How can I do this please please please help. I have some ideas like making an array with all the user names in one and all the e_mail address in the other and checking it against what is posted. I also would like help on how to make my passwords in MD5 format. Can I have some clarity on this please please please!

to post a comment

PHP

23 Comments(s) _↴

@Markbad311authorMar 24.2006 — #note: I don't know how exactly to make this array either or if it is the best way.

@bokehMar 24.2006 — #You need to modify your table to make certain columns unique.

@Markbad311authorMar 24.2006 — #that can be done. but what does that do? How can I show the user that that name is taken or email address is taken. What would my $result variable equal if I try to write to a field that is already showing the same name?? How do I deal with a multiple of a unique entry? doesn't it just plain error out of the script?

Thanks!

@Markbad311authorMar 24.2006 — #well I made it u_name and e_mail unique as they will be the two things not allowed to be altered or duplicated. Now how can I handle duplicate name or e-mail registrations? does PHP allow for you to access if that was the problem? If so how can I gain that info to show the user that this name already exists? I can make the script to populate the original form sfter the error so all is not lost. But I can't go any further, I really need to get this part together.

@chazzyMar 24.2006 — #When you have unique column values, when you try to insert a value that already exists, it will return an error. You can then use that error to show specific problems with the query.

it works best when you store everything in UPPER or LOWER format strictly.

@Markbad311authorMar 24.2006 — #Now chazzy that error I get, won't I be the only one who would want to see that error? not my guests? Should I just run a mysql_num_rows() and if is 0 then go ahead? I just would rather not do this stuff on the application level and in MySql. I have made a few pages all in CASE and it is much faster then the app level. UPPER and lower case letters? what do you mean?

@welshMar 24.2006 — #just do a select query to select the username and check to see if rows is 0, if is continue, then the same for the email.

@rch10007Mar 24.2006 — #just do a select query to select the username and check to see if rows is 0, if is continue, then the same for the email.[/QUOTE]

Exactly as welsh says: Run a query with the info you get from the user. Check the info in the database with the user input. If there is matching data, throw and error message to alert the user to input a different user name or email address since the one they entered is already being used.

Also, if you are trying to keep them from changing the email addy or user name, just don't offer them the opportunity by giving them a form with that option.

If you don't want to let then register another user name with the same email addy, then run a check and if the email is present kick back and error message saying that email is being used and you cant register more than one user name per email address.

@chazzyMar 24.2006 — #to be honest welsh, rich, those are extremely slow ways of doing it.

mark:

Actually, you don't want to know what the error is either. Your application should see the returned error #, read the error text and say "ok, so I can't insert this username. Let me use [b]my own built in error handling class[/b] to determine what to do now that i have this error.

then your error handling class will read it and say "ok, this is error #12345. it means duplicate unique keys. ::reads through the error message:: ok, this says that the column in question is u_name. That corresponds to form field "user_name". I should return something like 'The username you entered already exists. Please try another'.

Also, counting the rows is using the application side of things. Handling insert errors is using DB strategy.

@Markbad311authorMar 24.2006 — #Hmm very interesting. I knew if I posted here you would know about the MySql side of it.

Now my next question is how do I get this error stored in a variable without the script closing? Because of course I want it to display in the HTML format I have laid out.

***EDIT***

also I need to be able to set the $send variable

@chazzyMar 24.2006 — #Well to see a list of possible ones (this gives you want to look for)

http://dev.mysql.com/doc/refman/4.1/en/error-handling.html

if you want to get the error code and message:

[code=php]
 //assuming you just did something that used mysql_query($sql)
 if(mysql_error() !=""){
 $errorcode = mysql_errno();
 $errortext = mysql_error();
 }
 [/code]

I'm not sure what you mean by the $send variable. are you using that to determine if if the statement went through successfully? if so, after declaring $errortext, you can set $send = no.

@Markbad311authorMar 24.2006 — #sweet thanks!

@bokehMar 24.2006 — #just do a select query to select the username and check to see if rows is 0, if is continue, then the same for the email.[/QUOTE]If you extract data from the database and then use PHP to format that data before using it in another query you are only doing it is only because your SQL skills are limited (like mine).

@bokehMar 24.2006 — #Just to expand on the code Chazzy posted above, if your sole purpose is to raise an error ON DUPLICATE KEY you could use the following:

[code=php]#run the query first
 if(mysql_errno() == 1022)
 {
 #duplicate entry
 }[/code]

@chazzyMar 24.2006 — #i was thinking more along the lines of case logic for various errors in his error class to use w/ the constructor.

also, the only time when the server side language works faster is in php's use of <<DBMS>>_num_rows(), if you want to know both the data and its size it's faster to count it that way than to issue the two queries.

@bokehMar 24.2006 — #Looking at the code there doesn't seem to be a DB class but I agree with where you are coming from.

@chazzyMar 24.2006 — #db class?

@bokehMar 24.2006 — #I don't know if we are on the same page of the script. I went to bed at 4am. (Answering Sheepo's questions).

@chazzyMar 24.2006 — #mark's not really using a db class, just some generic connector pieces. i imagine when more people get into OO PHP they'll be better with classes. this will be very simple to implement in a class - create a new error object based on the error message and error #. create a throwFlags() function that reads the error's information and decides what to do with it.

@welshMar 24.2006 — #you cant argue with what works though, even though their be other ways that work.

@chazzyMar 24.2006 — #you cant argue with what works though, even though their be other ways that work.[/QUOTE]

ah ha!

but does it really work?

sure, it might return to them the errors in their query but at what expense? will the system of querying for each item to check eventually time out under heavy load?

@Markbad311authorMar 25.2006 — #I got to tell you I am learnin a lot of stuff reading this post. thanks everyone I am researching classes, I did not know I have been missing out on this.

I usually run the '$connection' as a function but this file is all local. I am still in the dark with Object Oriented PHP. I am all self taught and I am just starting to be able to create scripts that work the first time. Instead of having to ask for help. So I am workin on it...

Your whole signature line reminds me of all the things I still need to learn.. I see them in forum scripts constantly.

@chazzyMar 25.2006 — #Actually, my signature line is supposed to be humorous - I find it funny that they call these functions magic.

Object Oriented programming has 2 main advantages - error checking and easy to read code. Procedural applications make it very hard to reuse code.

Also in #PHP _↴

Display seperate HTML page with php Item Database Can't get session variables to work!!

Success!

Help @Markbad311 spread the word by sharing this article on Twitter...

Tweet This

[RESOLVED] check DB if user exists…..

23 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

[RESOLVED] check DB if user exists…..

23 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

23 Comments(s) _↴

Also in #PHP _↴