I'm trying to write a script for users to register to a club, and it does all the validation stuff properly and works great until it gets to the part where its supposed to check for duplicates. I'm not sure what is going wrong. HELP PLEASE!!! Thank you in Advance,
<?php
mysql_connect ("sqlhost", "username", "password") or die(mysql_error());
mysql_select_db ("databasename") or die(mysql_error());
$errormsgdb = "";
$errordb = "Sorry but that ";
$error1db = "Name";
$error2db = "email";
$error3db = "mobile number";
$errordbe = " is already registered";
$pass1db = "No Matching Name";
$pass2db = "No Matching Email";
$pass3db = "No Matching Mobile";
$errorcount = 0;
$qResult = mysql_query ("SELECT * FROM table");
$nRows = mysql_num_rows($qResult);
for ($i=1; $i< $nRows+1; $i++){
$result = mysql_query("SELECT id,fname,lname,dob,email,mobile,agree,code,joindate FROM table WHERE fname = '$ffname");
if ($result > 0) {
$errorcount = $errorcount++;
$passdb = 0;
$errormsgdb = $error1db;
echo "<div class=\"box red\">$errordb $errormsgdb
} else {
$pass = 1;
$errormsgdb = $pass1db;
echo "<div class=\"box green\">$errormsgdb</div><br />";
}
//--------------- Check if DB checks returned errors ------------------------------------>
if($errorcount <= 0){
$dobp = $_REQUEST['day'].'/'.$_REQUEST['month'].'/'.$_REQUEST['year'];
$dob = $_REQUEST['year'].$_REQUEST['month'].$_REQUEST['day'];
//header('Location: thankyou.php?ffname='.$ffname.'&flname='.$flname.'&dob='.$dob.'&femail='.$femail.'&fmobile='.$fmobile.'&agree='.$agree.'&code='.$code.'&dobp='.$dobp);
echo "<div class='box green'>Form completed! Error Count = $errorcount</div>";
} else {
echo "<div class='box red'>There was an Error! Error Count = $errorcount</div>";
}
}
?>
There are quite a few things that don't make sense in your script, the multiple queries for one ! why not just query for the data and see if you get a match - instead of looping each user and checking it ?? ... but I think your main problem is
$errorcount = " ";
then you do
$errorcount = $errorcount++;
this will NOT work ... you created $errorcount as a string so incrementing it won't work. You should initialise it as a number :
$errorcount = 0;
then to increment :
$errorcount++;
you are using the database in a strange manner.
At first you are querying all data in the table.
And then in a loop, you are again querying all the rows in the table but this time row for row. This all is highly inefficient.
what you should do is query the database directly to ask for any duplicates
Thank you for all your help ManseUK and Toad your answers where invaluble especially ManseUK. The solution I ended up with is bellow, if anyone has a solution that would be prettier and/or more efficient that would be great as well.
<?php
mysql_connect ("mysqlhost", "username", "password") or die(mysql_error());
mysql_select_db ("database") or die(mysql_error());
$errormsgdb = "";
$errordb = "Sorry but that ";
$error1db = "Name";
$error2db = "email";
$error3db = "mobile number";
$errordbe = " is already registered";
$pass1db = "No Matching Name";
$pass2db = "No Matching Email";
$pass3db = "No Matching Mobile";
// Formulate Name Query
$queryname = sprintf("SELECT * FROM table
WHERE fname='%s' AND mname='%s' AND lname='%s'",
mysql_real_escape_string($ffname),
mysql_real_escape_string($fmname),
mysql_real_escape_string($flname));
// Perform Name Query
$resultname = mysql_query($queryname);
// Check result
if (!$resultname) {
$message = 'Invalid query: ' . mysql_error() . "
";
$message .= 'Whole query: ' . $queryname;
die($message);
}
// Use result
while ($row = mysql_fetch_assoc($resultname)) {
$dbfullname = strtoupper($row['fname'].$row['mname'].$row['lname']);
$fullname = strtoupper($ffname.$fmname.$flname);
if ($dbfullname == $fullname){
$passdb = 0;
$errormsgdb = $error1db;
echo "<div class=\"box red\">$errordb $errormsgdb $errordbe</div><br />";
} else {
$pass = 1;
$errormsgdb = $pass1db;
echo "<div class=\"box green\">$errormsgdb</div><br />";
}
}
// Formulate Email Query
$queryemail = sprintf("SELECT * FROM table
WHERE email='%s'",
mysql_real_escape_string($femail));
// Perform Email Query
$resultemail = mysql_query($queryemail);
// Check result
if (!$resultemail) {
$message = 'Invalid query: ' . mysql_error() . "
";
$message .= 'Whole query: ' . $queryemail;
die($message);
}
// Use result
while ($row = mysql_fetch_assoc($resultemail)) {
$cemail = strtoupper($femail);
$dbemail = strtoupper($row['email']);
if ($cemail != $dbemail) {
$passdb = 1;
$errormsgdb = $pass2db ;
echo "<div class=\"box green\">$errormsgdb</div><br />";
} else {
$passdb = 0;
$errormsgdb = $error2db;
echo "<div class=\"box red\">$errordb $errormsgdb $errordbe</div>";
}
}
// Formulate Mobile Query
$querymobile = sprintf("SELECT * FROM table
WHERE mobile='%s'",
mysql_real_escape_string($fmobile));
// Perform Mobile Query
$resultmobile = mysql_query($querymobile);
// Check result
if (!$resultmobile) {
$message = 'Invalid query: ' . mysql_error() . "
";
$message .= 'Whole query: ' . $queryemail;
die($message);
}
// Use result
while ($row = mysql_fetch_assoc($resultmobile)) {
$cmobile = ereg_replace("[^0-9]", "", $fmobile );
if ($cmobile != $row['mobile']) {
$passdb = 1;
$errormsgdb = $pass3;
echo "<div class=\"box green\">$errormsgdb</div><br />";
} else {
$passdb = 0;
$errormsgdb = $error3db;
echo "<div class=\"box red\">$errordb $errormsgdb $errordbe</div>";
}
}
?>
Thank you again :)