我有以下代码并且它插入了一条记录,但我希望用户名和电子邮件字段是唯一的,我如何修改我的代码来执行此操作?我也遇到了无法重定向到站点索引的页面的问题。任何帮助都是apreciated
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "createAccount")) {
$insertSQL = sprintf("INSERT INTO tblUser (username, password, userTypeKey, email) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['user_password2'], "text"),
GetSQLValueString($_POST['userType'], "int"),
GetSQLValueString($_POST['user_email'], "text"));
mysql_select_db($database_ignite, $ignite);
$Result1 = mysql_query($insertSQL, $ignite) or die(mysql_error());
$insertGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
答案 0 :(得分:0)
您需要做的就是编写一个SELECT语句,并在数据库中查询$ _POST ['username'] OR $ _POST ['user_email']然后写一个IF语句进行相应的反应。如果select找到现有帐户,则报告错误,ELSE执行插入。
我在自己的框架中创建了一个快速而肮脏的示例。您将无法将其剪切并粘贴到您自己的代码中,但它应该有效地证明了这一原则。
$isUnique = $db->checkUniqueUser($_POST['username'], $_POST['user_email']);
if(!odbc_fetch_row($isUnique)){
echo "No dupe. Put your insert statement here.";
} else {
echo "You have a dupe.";
}
//Below are functions that I would use in my Controller class.
public function checkUniqueGroup($user_name = NULL, $user_email=NULL)
{
$querytext= <<<EOD
SELECT User, Email FROM YourTable WHERE User = '$user_name' OR Email = '$user_email'
EOD;
return $this->query($querytext);
}
public function query($querytext)
{
//This example is from my framework. The $conn variable is instantiated in the constructor.
return odbc_exec($this->conn, $querytext);
}
答案 1 :(得分:0)
<强>更新强>
好的,所以我想到了另一种方法来做这个没有独特的索引。这有两种方法:
1)在INSERT中包含NOT EXISTS子查询,以确保在INSERT时不存在非唯一值。将INSERT SQL更改为:
$insertSQL = sprintf("INSERT INTO tblUser (username, password, userTypeKey, email) SELECT %s, %s, %s, %s FROM DUAL WHERE NOT EXISTS (SELECT * FROM tblUser WHERE username = %s OR user_email = %s)",
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['user_password2'], "text"),
GetSQLValueString($_POST['userType'], "int"),
GetSQLValueString($_POST['user_email'], "text"),
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['user_email'], "text"));
你可能还需要在die()之前检查mysql_errno()是否找不到错误。
2)在用户名上创建唯一索引,在user_email上创建唯一索引。
CREATE UNIQUE INDEX UX_tblUser_username
ON tblUser ( username );
CREATE UNIQUE INDEX UX_tblUser_user_email
ON tblUser ( user_email );
如果有重复项,那么插入将失败。要处理失败的INSERT,请替换:
$Result1 = mysql_query($insertSQL, $ignite) or die(mysql_error());
有类似的东西:
$Result1 = mysql_query($insertSQL, $ignite) or 1062 == mysql_errno() or die(mysql_error());
if (1062 == mysql_errno()) {
// There is a duplicate. Do whatever you intend for duplicates
}
为什么需要一个独特的索引?为什么你不能依赖SELECT后跟INSERT保证唯一性?因为时间安排。 INSERT很可能在不同进程中的SELECT和INSERT之间的一个进程中发生。虽然可能性很低,但仍然很有可能。
答案 2 :(得分:0)
我将代码更改为下面的内容并且有效
$editFormAction = $_SERVER['PHP_SELF'];
$query_dupUserCheck = "SELECT tblUser.userKey FROM tblUser WHERE tblUser.username = '".$_POST['username']."'";
$sqlsearch = mysql_query($query_dupUserCheck);
$resultcount = mysql_numrows($sqlsearch);
$query_dupUserCheck2 = "SELECT tblUser.userKey FROM tblUser WHERE tblUser.email = '".$_POST['user_email']."'";
$sqlsearch2 = mysql_query($query_dupUserCheck2);
$resultcount2 = mysql_numrows($sqlsearch2);
if ($resultcount > 0 & $resultcount2 > 0) {
print("That Username and Email Already Exists");
} else {
if ($resultcount > 0) {
print("That Username Already Exists");
} else {
if ($resultcount2 > 0) {
print("That Email Already Exists");
} else {
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "createAccount")) {
$insertSQL = sprintf("INSERT INTO tblUser (username, password, userTypeKey, email) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['user_password2'], "text"),
GetSQLValueString($_POST['userType'], "int"),
GetSQLValueString($_POST['user_email'], "text"));
mysql_select_db($database_ignite, $ignite);
$Result1 = mysql_query($insertSQL, $ignite) or die(mysql_error());
$insertGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location : %s", $insertGoTo));
}
}}}