James Murrell
asked on
php mysql check email already in database. (second check)
hello i have code below which checks to see if Teamname is in database : i would like to also add a check Email...
//Check to see if the Teamname is already taken
$query = "SELECT TeamName FROM f1users WHERE TeamName = '".mysql_real_escape_string($TeamName)."'";
$result = mysql_query($query) or die(mysql_error()); // Get an array with the clients
while($row = mysql_fetch_array($result))
{ // For each instance, check the username
if($row['TeamName'] == $TeamName)
{
$usernameTaken = true;
}else{$usernameTaken = false;
}
}
if($usernameTaken)
{
echo "<h1>Really Sorry but that TeamName has been taken.</h1> Please try again";
// Then, redirect them to the profile page
echo "<p><a href='../register.html'>Try Again</a></p>";
}
// If our email or PayPal addresses are invalid
else if(!eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$", $Email))
{
echo "<P><H2>Hello Sorry. The email address you entered is invalid.</h2>"; // Tell the user
}
else{
$result= MYSQL_QUERY(
"INSERT INTO f1users (submissionID,Email,FullName,Driver1,Driver2,Team1,LewisEndofyearPosition,Amount,Total,TeamName,Password,MyRaceId)".
"VALUES ('','$Email', '$FullName', '$Driver1', '$Driver2', '$Team1', '$LewisEndofyearPosition', '$Amount', '$Total', '$TeamName', '$pw', '$MyRaceId')"
);
echo "<h1>Thank you for signing up.</h1> Please now login. <p>";
echo "<p><a href='../log.html'>Login</a></p>";
}
ASKER
if i duplicate do where do I do this i have tried several parts and failed...
also do i have two insert statements... sorry newbie for php
also do i have two insert statements... sorry newbie for php
Here's some useful info for PHP newbies. If you have other programming experience, you can just skip over the parts you already know.
https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html
I almost overlooked it (sorry about that) but the MySQL extension is gone, too, just like ereg() functions. Here's the way to remediate that...
https://www.experts-exchange.com/articles/11177/PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
Can you please post the complete script that makes these tests? I think it might be easier to refactor it, rather than try to make piecemeal changes. I'll be glad to give you a hand with that.
https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html
I almost overlooked it (sorry about that) but the MySQL extension is gone, too, just like ereg() functions. Here's the way to remediate that...
https://www.experts-exchange.com/articles/11177/PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
Can you please post the complete script that makes these tests? I think it might be easier to refactor it, rather than try to make piecemeal changes. I'll be glad to give you a hand with that.
ASKER
thanks for links
complete code is i have commented my test that almost worked
complete code is i have commented my test that almost worked
<?php
// Require the file that connect to the database.
// It is good practice to put the database connection
// information in a separate file.
require('db.php');
// Since we used the post method in our form, we can
// securely call our data using the $_POST predefined
// variable, with parameters specified by the name
// attribute in our form.
$submissionID =mysql_real_escape_string($_POST['submissionID']);
$Email =mysql_real_escape_string($_POST['Email']);
$FullName =mysql_real_escape_string($_POST['FullName']);
$Driver1 =mysql_real_escape_string($_POST['Driver1']);
$Driver2 =mysql_real_escape_string($_POST['Driver2']);
$Team1 =mysql_real_escape_string($_POST['Team1']);
$LewisEndofyearPosition =mysql_real_escape_string($_POST['LewisEndofyearPosition']);
$Amount =mysql_real_escape_string($_POST['Amount']);
$Total =mysql_real_escape_string($_POST['Total']);
$TeamName =mysql_real_escape_string($_POST['TeamName']);
$Password =mysql_real_escape_string($_POST['Password']);
$pw = md5($Password);
$MyRaceId =mysql_real_escape_string($_POST['MyRaceId']);
//Check to see if the username is already taken
$query = "SELECT TeamName FROM f1users WHERE TeamName = '".mysql_real_escape_string($TeamName)."'";
$result = mysql_query($query) or die(mysql_error()); // Get an array with the clients
while($row = mysql_fetch_array($result))
/*{ // For each instance, check the username
if($row['Email'] > $Email)
{
$WhoopsTaken = true;
}else{$whoopsTaken = false;
}
}
{ // For each instance, check the username
if($row['TeamName'] == $TeamName)
{
$usernameTaken = true;
}else{$usernameTaken = false;
}
}
if($WhoopsTaken)
{
echo "<h1>Really Sorry but if you would like to cheat please do not play this game</h1> Please try again";
// Then, redirect them to the profile page
echo "<p><a href='../register.html'>Try Again</a></p>";
}
if($usernameTaken)
{
echo "<h1>Really Sorry but that TeamName has been taken.</h1> Please try again";
// Then, redirect them to the profile page
echo "<p><a href='../register.html'>Try Again</a></p>";
}
// If our email or PayPal addresses are invalid
else if(!eregi("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$", $Email))
{
echo "<P><H2>Hello Sorry. The email address you entered is invalid.</h2>"; // Tell the user
}
else{
// Finally, we use a MYSQL_QUERY to insert our information
// into the database. INSERT INTO defines what fields we want
// to insert information, and VALUES defines the values that
// we are entering.
$result= MYSQL_QUERY(
"INSERT INTO f1users (submissionID,Email,FullName,Driver1,Driver2,Team1,LewisEndofyearPosition,Amount,Total,TeamName,Password,MyRaceId)".
"VALUES ('','$Email', '$FullName', '$Driver1', '$Driver2', '$Team1', '$LewisEndofyearPosition', '$Amount', '$Total', '$TeamName', '$pw', '$MyRaceId')"
);
echo "<h1>Thank you for signing up.</h1> Please now login. <p>";
echo "<p><a href='../log.html'>Login</a></p>";
}
?>
</div>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for this i have tried to use your code: Thanks for all the comments in your code...
but when i run it i just get a blank page :-(
but when i run it i just get a blank page :-(
ASKER
Thanks great help
You could mark the email column UNIQUE; this would cause MySQL to throw error number 1062 when an attempt is made to insert a duplicate.
Also, you probably want to reconsider the use of eregi() on line 25. That function has been removed from PHP. A more promising solution might be to use filter_var()