检查记录存在db - 错误显示

时间:2010-11-30 18:33:09

标签: php sql

如何检查用户名或电子邮件是否存在,然后在错误数组中添加错误消息。现在我有:

$sql = "SELECT username, email FROM users WHERE username = '" . $username . "' OR email = '" . $email . "'";

$query = mysql_query($sql);

if (mysql_num_rows($query) > 0)
{
 echo "That username or email already exists";
}

但是我想检查它是用户名还是现有的电子邮件然后放入:

错误[] =“用户名已存在”; //如果用户名是现有的

错误[] =“电子邮件已存在”; //如果电子邮件是现有的

怎么办?

3 个答案:

答案 0 :(得分:1)

听起来您正试图让用户知道在注册时是否已存在用户名或电子邮件。这是你可以做的:

<?php
//----------------------------------------
// Create first query
$usernameQuery = 'SELECT username FROM users WHERE username="'.mysql_real_escape_string($username).'"';

//----------------------------------------
// Query db
$usernameResult = mysql_query($userNameQuery);

//----------------------------------------
// Check if result is empty
if(mysql_num_rows($usernameResult) > 0){

   //----------------------------------------
   // Username already exists
   $error[] = 'Username already exists';

   //----------------------------------------
   // Return error to user and stop execution
   // of additional queries/code
} else {

  //----------------------------------------
  // Check if email exists

  //----------------------------------------
  // Create query
  $emailQuery = 'SELECT email FROM users WHERE email="'.mysql_real_escape_string($email).'"';

  //----------------------------------------
  // Query the db
  $emailResult = mysql_query($emailQuery);

  //----------------------------------------
  // Check if the result is empty
  if(mysql_num_rows($emailResult) > 0){

     //----------------------------------------
     // Email already exists
     $error[] = 'Email already exists';

     //----------------------------------------
     // Return error to user and stop execution
     // of additional queries/code
  } else {

     //----------------------------------------
     // Continue with registration...
  }
}
?>

请注意,在执行实际查询之前,您应始终转义值。

其他资源:
http://us.php.net/manual/en/function.mysql-real-escape-string.php http://us.php.net/manual/en/function.mysql-escape-string.php

答案 1 :(得分:1)

如果您只是在SQL中进行了快速的真/假检查并检查了返回的标志,那会更容易。

$sql = "SELECT "
  . "(SELECT 1 FROM `users` WHERE `username` = '" . mysql_real_escape_string($username) . "'), "
  . "(SELECT 1 FROM `users` WHERE `email` = '" . mysql_real_escape_string($email) . "')";

$query = mysql_query($sql);

if (mysql_num_rows($query) > 0) {
  $foundFlags = mysql_fetch_assoc($query);
  if ($foundFlags['username']) {
    $error[] = "username is existing";
  }

  if ($foundFlags['email']) {
    $error[] = "email is existing";
  }
} else {
  // General error as the query should always return
}

如果找不到条目,​​它将在标志中返回NULL,其值为false,因此if条件正常。

请注意,您可以将其概括为字段列表,如下所示:

$fieldMatch = array('username' => $username, 'email' => $email);

$sqlParts = array();
foreach ($fieldMatch as $cFieldName => $cFieldValue) {
  $sqlParts[] = "(SELECT 1 FROM `users` WHERE `" . $cFieldName . "` = '" . mysql_real_escape_string($cFieldValue) . "')";
}


$sql = "SELECT " . implode(", ", $sqlParts);

$query = mysql_query($sql);

if (mysql_num_rows($query) > 0) {
  $foundFlags = mysql_fetch_assoc($query);
  foreach ($foundFlags as $cFieldName => $cFlag) {
    if ($foundFlags[$cFieldName]) {
      $error[] = $cFieldName . " is existing";
    }
  }
} else {
  // General error as the query should always return
}

NB。请注意,假设所有字段都是字符串或其他字符串转义类型(例如日期/时间)。

答案 2 :(得分:0)

您可以获取一行,看看您是否搜索了相同的电子邮件或同一个用户名,或者两者都有。如果您在找到第一行匹配后可以停止,则可以执行LIMIT 0,1。

相关问题
最新问题