1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Checking For Duplicate Entries In Mysql database

Discussion in 'General Programming Chat' started by steves, Aug 5, 2008.

  1. steves

    steves Regular Member

    Joined:
    Jun 6, 2007
    Messages:
    221
    Likes Received:
    61
    My landing page is capturing all of the data and I am using php to make sure everything is filled out the way I want to. Problem I am having now is some people are submitting more then one time. I would like to be able to check the database for there email address first, if it is not there then it will go on to verify that the fields are filled in properly and store it int he db. My code looks like this so far...

    Code:
    $search_email = "SELECT email FROM db where email = $email";
    if (mysql_query($search_email)){
    echo 'That email address is already in our system';}
    
    
    else{
    
    verification code goes here and then submits to the db
    
    Right now it just skips past checking the address and submits it. Anyone able to give me a hand with this headache?
     
  2. steves

    steves Regular Member

    Joined:
    Jun 6, 2007
    Messages:
    221
    Likes Received:
    61
    I figured it out. This is the code I used to check for duplicate entries.

    Code:
    $search_email = "SELECT email FROM db where email = '$email'";
    $result = mysql_query($search_email);  
    if (mysql_num_rows($result)>0)
    {
    echo 'That email address is already in our system';
    }  
     
    else {
    
    rest of form verification code goes here
    
    
     
  3. Orebil

    Orebil Registered Member

    Joined:
    Jul 13, 2008
    Messages:
    66
    Likes Received:
    13
    Occupation:
    Web Developer
    Location:
    USA
    NO no no! You're opening yourself up to SQL injection by just inserting $email in there. Make sure you filter your input before submitting database queries!
     
  4. mrkenginer

    mrkenginer Newbie

    Joined:
    Jul 17, 2008
    Messages:
    17
    Likes Received:
    1
    mysql_real_escape_string()

    Code:
    $email = mysql_real_escape_string($email);
    $search_email = "SELECT email FROM db where email = '$email'";
    $result = mysql_query($search_email);  
    if (mysql_num_rows($result)>0)
    {
    echo 'That email address is already in our system';
    }  
     
    else {
    
    rest of form verification code goes here
    
     
    Last edited: Aug 6, 2008
  5. dynander

    dynander Regular Member

    Joined:
    Nov 16, 2008
    Messages:
    279
    Likes Received:
    53
    why not an unique index in the email field? It would be one query less

    The only thing is to handle the error properly