如果SELECT COUNT小于或等于10,则输入预订详细信息

时间:2014-04-17 13:57:20

标签: php sql select mysqli count

我试图在PHP中创建一个简单的预订表单。

如果具有相同日期和时间的预订金额小于或等于10,我希望它将详细信息输入到表中。

还有别的,我想要留言说#34;预订失败!我们当时已经预订完毕。"

问题:我在一个特定的日期和时间以及测试时刻有10个预订,但是我的所有消息都会以"预订失败!我们当时已经预订完毕。"无论何时何地。什么都没有被导入。

我在没有SELECT COUNT查询的情况下测试了输入过程并成功输入了,所以我知道我的"小于或等于"查询。

我非常感谢任何帮助!感谢

<?php 

require_once('lib/php/functions.php'); 
require_once('lib/php/db_connect.php');

//Grab Form Data
$reservationName = trim($_POST['reservationName']);
$reservationEmail = trim($_POST['reservationEmail']);   
$reservationNumber = trim($_POST['reservationNumber']);
$reservationDate = trim($_POST['reservationDate']);   
$reservationTime = trim($_POST['reservationTime']);   

$submit = trim($_POST['submit']);

$message = '';

if (!$db_server){ 
    die("Unable to connect to MySQL: " . mysqli_connect_error()); 
    $db_status = "not connected"; 
}else{

    //If submit comment pressed, get data and input 
    if (isset($submit) && $submit == 'Submit reservation'){    

        if ($reservationName&&$reservationEmail&&$reservationNumber&&$reservationDate&&$reservationTime){

            $reservationName = clean_string($db_server, $reservationName);
            $reservationEmail = clean_string($db_server, $reservationEmail);
            $reservationNumber = clean_string($db_server, $reservationNumber);
            $reservationDate = clean_string($db_server, $reservationDate);    
            $reservationTime = clean_string($db_server, $reservationTime);
            mysqli_select_db($db_server, $db_database); 

            $query="SELECT COUNT(*) FROM reservations AS reservationCount WHERE reservationDate='$reservationDate' AND reservationTime='$reservationTime'"; 
            $result=mysqli_query($db_server, $query); 

            $row=mysqli_fetch_array($result);

            if ($row <= 10){

                $query = "INSERT INTO reservations (reservationName, reservationEmail, reservationNumber, reservationDate, reservationTime)
                          VALUES ('$reservationName', '$reservationEmail', '$reservationNumber', '$reservationDate', '$reservationTime')"; 
                mysqli_select_db($db_server, $db_database); 
                mysqli_query($db_server, $query) or 
                        die("Insert failed: " . mysqli_error($db_server)) . $query; 

                $message = "<p class='success'>Booking successful! See you soon.</p>";

            }else{ 

                $message = "<p class='fail'>Booking failure! We're fully booked at that time.</p>";
            }              

        }else{
            $message = "<p class='fail'>Booking failure! Please fill in all the fields.</p>";  
        }    
    }
}             
?>

2 个答案:

答案 0 :(得分:2)

首先,您的查询是错误的。将其更新为:

$query="SELECT COUNT(*) AS reservationCount FROM reservations WHERE reservationDate='$reservationDate' AND reservationTime='$reservationTime'"; 

您的查询错误的原因是,如果您在表名后添加as reservationCount,它将成为表别名,而不是结果字段别名。

然后更新执行检查的代码:

if ($row['reservationCount'] <= 10){

P.S。您的代码看起来对SQL注入开放。考虑以面向对象的方式使用MySQLi库并绑定params以防止sql注入。

看一下这个例子,它涵盖了两个建议:http://php.net/manual/en/mysqli.prepare.php#refsect1-mysqli.prepare-examples

答案 1 :(得分:1)

COUNT(*)在一行中返回一个单独的值,并且您要检查行数,因此它始终为真,因为1 <= 10始终为true。将其更改为:

if ($row[0] <= 10){