我希望此代码在学生注册课程时向我显示错误消息
$reds = mysqli_query($db,"SELECT count(*) FROM `course` " );
$row = mysqli_fetch_row($reds);
$num = $row[0];
echo $num>0 ; die();
var_dump($num) ;die();
if ($num>0){
// echo "record already exits";
}
else {
$sd = "INSERT INTO `users_course`(users_id,course_id) VALUES ( ' {$_SESSION['users_id']}', '$course_id')";
$r = mysqli_query($db, $sd);
if ($r) {
$m = ' register';
header('location: registercourse.php'); //redirect to index page after inserting
答案 0 :(得分:0)
您只需在查询中传递users_id
即可检查特定学生(用户ID)是否已注册该课程。
$reds = mysqli_query($db,"SELECT count(*) FROM `users_course` where users_id = `".$_SESSION['users_id']."` and course_id='".$course_id."'" );
因为使用当前的SELECT查询,您只检查课程表中是否存在任何课程。因为会有一些行,它会给出你的错误信息,即课程已经存在。
希望这是对你的明确解释。
答案 1 :(得分:0)
我不知道您的数据库的结构是什么,但我认为您必须更改此查询' SELECT count()FROM course
'
to" SELECT count()FROM users_course
WHERE course_id =' {$ _ SESSION [' users_id']}' AND user_id =' $ course_id'"
答案 2 :(得分:0)
如下所示: -
<?php
session_start(); //start session to use session variable
$user_id = $_SESSION['users_id'];
$reds = mysqli_query($db,"SELECT * FROM `users_course` WHERE users_id = $user_id AND course_id= $course_id " );
if (mysqli_num_rows($reds)>0){
echo "record already exits";exit;
}else {
$sd = "INSERT INTO `users_course`(users_id,course_id) VALUES ( $user_id, $course_id)";
$r = mysqli_query($db, $sd);
if ($r) {
$m = ' register';
header('location: registercourse.php'); //redirect to index page after inserting
}else{
echo "error:-".mysqli_error($db);
}
}
注意: - 可能是当前为您工作的代码,但它对SQL注入是开放的,因此请尝试阅读prepared statements
并使用它们
请查看此示例: -
<?php
session_start(); //start session to use session variable
$user_id = $_SESSION['users_id'];
$stmt = mysqli_prepare($db, "SELECT * FROM `users_course` WHERE users_id = ? AND course_id= ?");
mysqli_stmt_bind_param($stmt, 'ii', $user_id, $course_id);
/* execute query */
mysqli_stmt_execute($stmt);
/* store result */
mysqli_stmt_store_result($stmt);
if(mysqli_stmt_num_rows($stmt)>0){
/* close statement */
mysqli_stmt_close($stmt);
echo "record already exits";exit;
}else{
$stmt = mysqli_prepare($db,"INSERT INTO `users_course`(users_id,course_id) VALUES (?, ?)";
mysqli_stmt_bind_param($stmt, 'ii', $user_id, $course_id);
if ( mysqli_stmt_execute($stmt)) {
$m = ' register';
header('location: registercourse.php'); //redirect to index page after inserting
}else{
echo "error:-".mysqli_error($db);
}
}
/* close connection */
mysqli_close($db);
?>