• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 392
  • Last Modified:

checking if email address and picture ID exist in database

I am trying to modify the dreamweaver check username function to check if an email address and picture id exist. So, a random user can vote for pictures but can only vote once. If they try vote again, it should check for the email address they are entering and check if they have already voted for that picture or not. I tried this but it doesn't stop me from voting for the same pic over and over again. I don't get any errors...

$MM_flag="MM_insert";
if (isset($_POST[$MM_flag])) {
  $MM_dupKeyRedirect="logocomp.php";
  $loginUsername = $_POST['email'];
  $loginpicid = $_POST['picid'];
  $LoginRS__query = sprintf("SELECT email, picid FROM ratings WHERE email=%s & picid=%s", GetSQLValueString($loginUsername, "text"),GetSQLValueString($loginpicid, "int"));
  mysql_select_db($database_test, $test);
  $LoginRS=mysql_query($LoginRS__query, $test) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);

  //if there is a row in the database, the username was found - can not add the requested username
  if($loginFoundUser){
    $MM_qsChar = "?";
    //append the username to the redirect page
    if (substr_count($MM_dupKeyRedirect,"?") >=1) $MM_qsChar = "&";
    $MM_dupKeyRedirect = $MM_dupKeyRedirect . $MM_qsChar ."requsername=".$loginUsername;
    header ("Location: $MM_dupKeyRedirect");
    exit;
  }
}}

Open in new window

0
jonofat
Asked:
jonofat
  • 2
  • 2
2 Solutions
 
Chris StanyonCommented:
Your query is wrong - you should wrap the email address in quotes and use AND instead of &

$LoginRS__query = sprintf("SELECT email, picid FROM ratings WHERE email='%s' AND picid=%s", GetSQLValueString($loginUsername, "text"),GetSQLValueString($loginpicid, "int"));

Open in new window

You may also need to wrap the picid value in quotes, depending on your datatype - if it's a string, wrap it !
0
 
Ray PaseurCommented:
Lines 6, 7, and 8 do not make any sense.  If you give MySQL the query prepared on line 6, it should die on line 8.  Are you sure we are looking at the correct code?

You can use var_dump() to print out the contents of variables.  If I observed behavior like you describe, I would use var_dump() immediately!  Print out everything involved in the process - the external variables and the query string would be a good place to start.

You might also want to get some foundation in how PHP works.  DreamWeaver is almost the worst possible place to look for PHP advice.  This book will help you get some structured learning.
http://www.sitepoint.com/books/phpmysql4/

Best of luck with the project, ~Ray
0
 
jonofatAuthor Commented:
Ray, took your advice. I ditched the dreamweaver code and did it myself. I have got the email part working but just need to figure out the second part with the ID now. Please let me know if this code is okay?

if (isset($_POST['submit'])) {
$usermail = mysql_real_escape_string($_POST['email']);
$query ="SELECT * FROM ratings WHERE email ='$usermail'";
$data = mysql_query($query, $evs);
if (mysql_num_rows($data) == 0) {
	echo "you can vote"; }
	else {
		echo" you have already voted";
	}
}

Open in new window

0
 
jonofatAuthor Commented:
Whoohoo, I got it working ! :) Going to give you guys both points for at least replying to my question. Ray, I think dropping dreamweaver would be good for me, especially if I look at the code dreamweaver generated vs. what I manually typed in. Makes much more sense to me.
0
 
Ray PaseurCommented:
Congratulations!  Your own code example looks a lot more reasonable than the Dreamweaver code.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now