PHP MySQL:检查值是否已存在
I've been surfing around * and other pages for a while now and tried different approaches to this. But nothing seems to work.
I have a code which collect the inputs from a form and posts it into a database. And that works. But before it posts, i want it to chek if the field "shortlink" already exist. And if it does, i want the user to be redirected to another page.
This is the code i'm trying out right now.
EDIT: Full PHP code
class Db {
// The database connection
protected static $connection;
/**
* Connect to the database
*
* @return bool false on failure / mysqli MySQLi object instance on success
*/
public function connect() {
// Try and connect to the database
if(!isset(self::$connection)) {
// Load configuration as an array. Use the actual location of your configuration file
$config = parse_ini_file('../config.ini');
self::$connection = new mysqli('localhost',$config['username'],$config['password'],$config['dbname']);
}
// If connection was not successful, handle the error
if(self::$connection === false) {
// Handle error - notify administrator, log to a file, show an error screen, etc.
return false;
}
return self::$connection;
}
/**
* Query the database
*
* @param $query The query string
* @return mixed The result of the mysqli::query() function
*/
public function query($query) {
// Connect to the database
$connection = $this -> connect();
// Query the database
$result = $connection -> query($query);
return $result;
}
/**
* Fetch rows from the database (SELECT query)
*
* @param $query The query string
* @return bool False on failure / array Database rows on success
*/
public function select($query) {
$rows = array();
$result = $this -> query($query);
if($result === false) {
return false;
}
while ($row = $result -> fetch_assoc()) {
$rows[] = $row;
}
return $rows;
}
/**
* Fetch the last error from the database
*
* @return string Database error message
*/
public function error() {
$connection = $this -> connect();
return $connection -> error;
}
/**
* Quote and escape value for use in a database query
*
* @param string $value The value to be quoted and escaped
* @return string The quoted and escaped string
*/
public function quote($value) {
$connection = $this -> connect();
return "'" . $connection -> real_escape_string($value) . "'";
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//Our database object
$db = new Db();
// Quote and escape form submitted values
$name = $db -> quote($_POST["name"]);
$shortlink = $db -> quote($_POST["shortlink"]);
$downloadurl = $db -> quote($_POST["downloadurl"]);
$count = $db -> quote("0");
$date = $db -> quote(date("Y-m-d H:i:s"));
$checkUserID = $db -> select("SELECT shortlink FROM test WHERE `shortlink` = '$shortlink'");
if ($checkUserID->rowCount()){
header("Location: error.php?title=hovsa");
}
// Insert the values into the database
$result = $db -> query("INSERT INTO `test` (`name`,`shortlink`,`downloadurl`,`count`,`date`) VALUES (" . $name . "," . $shortlink . "," . $downloadurl . "," . $count . "," . $date . ")");
//Upload image file
if (isset($_POST['submit']))
{
$filename = $_FILES["file"]["name"];
$file_basename = substr($filename, 0, strripos($filename, '.')); // get file extention
$file_ext = substr($filename, strripos($filename, '.')); // get file name
$filesize = $_FILES["file"]["size"];
$allowed_file_types = array('.jpg','.jpeg');
if (in_array($file_ext,$allowed_file_types) && ($filesize < 20000000000))
{
// Rename file
$newfilename = $_POST['shortlink'] . $file_ext;
if (file_exists("../gallery/" . $newfilename))
{
// file already exists error
echo "You have already uploaded this file.";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"], "../gallery/" . $newfilename);
echo "File uploaded successfully.";
}
}
elseif (empty($file_basename))
{
// file selection error
echo "Please select a file to upload.";
}
elseif ($filesize > 20000000000)
{
// file size error
echo "The file you are trying to upload is too large.";
}
else
{
// file type error
echo "Only these file typs are allowed for upload: " . implode(', ',$allowed_file_types);
unlink($_FILES["file"]["tmp_name"]);
}
}
header("Location: #users");
}
else{};
$checkUserID = $db -> select("SELECT shortlink FROM test WHERE `shortlink` = '$shortlink'");
if ($checkUserID == $shortlink) {
header("Location: error.php?title=hovsa");
}
It dosen't work. The form is postet into the database despite shortlink already exists.
As per documentation, mysqli::query for successful SELECT queries returns a mysqli_result object. To extract an object or array from it you should call one of the fetch_* functions listed here. But you just need to check if there any record exists so it's preferrable to use $num_rows property. So your code would look like:
$checkUserID = $db -> query("SELECT shortlink FROM test WHERE `shortlink` = $shortlink");
if ($checkUserID === false) {
die($db->error());
}
if ($checkUserID->num_rows) {
header("Location: error.php?title=hovsa");
exit(0);
}
You need to find if any results exists in the database so try
$checkUserID= $db -> select("SELECT shortlink FROM test WHERE `shortlink` = '$shortlink'");
if ($checkUserID->rowCount()) {
header("Location: error.php?title=hovsa");
}
So the return type of your select method is an array, but you are comparing it to a string. So this is always false. Check that the array is not empty to determine if the entry exists
$checkUserID = $db -> select("SELECT shortlink FROM test WHERE `shortlink` = '$shortlink'");
if ( !empty($checkUserID) ) {
header("Location: error.php?title=hovsa");
}
//OR check the length is greater than 0
if ( count($checkUserID) > 0 ) {
header("Location: error.php?title=hovsa");
}