我似乎无法防止姓名重复输入 [英] I can't Seem To Prevent Duplicate Name inputs
问题描述
好的,所以我已经研究了一段时间了. 我要达到的目的是防止人们能够创建在name ='name'字段中输入的相同名称.这是html代码.
Okay, so I've been going at it for a while now. What I'm trying to achieve is to prevent people from being able to create the same name that is entered in the name='name' field. Here's the html code.
<div class="fieldclass"><form action='/newlist.php' method='POST' id="formID">
Name Your Card <input class='ha' type='text' name='name'><p>
<input type='submit' value='create'/>
</form>
这是我的mysql页面.
and this is my mysql page.
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "christmas";
// Create connection
$dbhandle = mysqli_connect ($servername, $username, $password, $dbname) or die ("could not connect to database");
$selected = mysql_connect('christmas', $dbhandle);
$query = mysql_query("SELECT * FROM list WHERE name='$name'");
if(mysql_num_rows($query) > 0){
echo 'that name already exists';
}else{
mysql_query("INSERT INTO list(name, one , two, three, four, five, six, seven, eight) VALUES ('$name' , '$one' , '$two' , '$three' , '$four' , '$five' , '$six', '$seven' , '$eight')");
}
mysql_close();
?>
我到底在做什么错?
推荐答案
这里有很多错误.
您正在使用MySQL关键字list
作为函数,仅此一项就会给您带来麻烦.
You're using a MySQL keyword list
as a function, and that alone will cause you problems.
旁注:是的,我知道这不是一个保留"字,它是一个关键字",如果将MySQL用作函数,MySQL会特别对待关键字,这就是您在第二个查询中正在做的 ,这是MySQL将其解释为的方式;函数而不是表声明名称.
Sidenote: Yes, I know it's not a "reserved" word, it's a "keyword" and MySQL treats keywords specially if used as a function, which is what you're doing now in your second query, and is the way that MySQL is interpreting it as; a function rather than a table declaration name.
我建议您将该表重命名为列表,或将其包装在刻度中.
I suggest you rename that table to lists, or wrap it in ticks.
您还混合了不会混用的MySQL API/函数.
You're also mixing MySQL APIs/functions that do not intermix.
因此您的新代码应为,
同时放下$selected = mysql_connect('christmas', $dbhandle);
So your new code would read as,
while dropping $selected = mysql_connect('christmas', $dbhandle);
$query = mysqli_query($dbhandle, "SELECT * FROM `list` WHERE name='$name'")
or die (mysqli_error($dbhandle));
if(mysqli_num_rows($query) > 0){
echo 'that name already exists';
}else{
mysqli_query($dbhandle, "INSERT INTO `list` (name, one, two, three, four, five, six, seven, eight)
VALUES ('$name' , '$one' , '$two' , '$three' , '$four' , '$five' , '$six', '$seven' , '$eight')")
or die (mysqli_error($dbhandle));
}
mysqli_close($dbhandle);
您的代码也可以进行SQL注入.使用准备好的语句.
Your code is also open to an SQL injection. Use a prepared statement.
现在,我们不知道所有变量的来源.
Now, we have no idea as to where all your variables are coming from.
使用错误报告.
我还建议您为变量/输入使用条件empty()
.
I also suggest you use a conditional empty()
for your variables/inputs.
否则,您可能还会收到MySQL可能抱怨的其他错误.
Otherwise, you may also get other errors that MySQL may complain about.
即:
if(!empty($var)){...}
- 引用: http://php.net/manual/en/function.empty .php
- Ref: http://php.net/manual/en/function.empty.php
最后,要确保数据库中没有重复的条目,可以设置UNIQUE约束.
Ultimately and to make sure there are no duplicate entries in your database, you can set a UNIQUE constraint.
这篇关于我似乎无法防止姓名重复输入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!