|
|
Posted by Richard Davey on 07/06/05 16:12
Hello Bill,
Wednesday, July 6, 2005, 3:36:09 AM, you wrote:
BM> I'm working my way through IBM's PHP tutorial. Generally good ...
BM> but I'm stuck at an error point and have no idea what's going
BM> wrong. Before adding a new row to the mysql database (already
BM> opened) we do a query to see if a particular record already
BM> exists. (see $resultT).
BM> We then test, using if, to see if $resultT is true or false. If
BM> it's false we are then supposed to enter a new record. Problem:
BM> it's never false. It always evaluates true. What am I doing wrong?
BM> /* build query to see if the record is entered already */
BM> $sqlT = "select * from users where
BM> username='".$_POST["name"]."'";
BM> $resultT = mysql_query($sqlT);
BM> /* Now test -- did we find anything ... if not add this user */
BM> if (! $resultT) {
BM> /* here we add the new record if it doesn't already exit /*
To be honest that is quite shocking code, especially from a "teaching
beginners" perspective - and even more so coming from the likes of
IBM. But, SQL injection issues aside, the problem is most likely that
there is nothing wrong with your SQL query. mysql_query will return a
false (for a SELECT query) only if there is an error, not if "no
records exist" - that isn't an error.
It would make more sense to actually do a: "SELECT COUNT(*) AS hits FROM
users WHERE username = 'x'" and then check the value of the returned
"hits" (which will always return something, even if zero).
Alternatively instead of doing if (!$result) you could do: if
(mysql_num_rows($result) > 0) ... that way you know that the user
already exists.
Best regards,
Richard Davey
--
http://www.launchcode.co.uk - PHP Development Services
"I do not fear computers. I fear the lack of them." - Isaac Asimov
Navigation:
[Reply to this message]
|