0

I am learning something new with checking for whether a username is used in the database and have created some code based on a tutorial I found online. I understand the logic, though not sure I have approached it the right way. In essence. Information is passed over from a form field. If what has been entered matches a field in the database then I want it to return / echo a result 'yes'. if it does not match, I need it to echo 'no'. Seems straight forward.

The tutorial is designed for predetermined values. i.e. $existing_users=array('test',''one','two',three');

Though I want the 'test',''one','two',three' to actually pull dynamically from a database.

So I went about adding the setting it up to do so, though the code I have written doesn't work when I try to place dynamic values in. My code is as below:

$existing_users = array();
mysql_select_db($database_db, $db);
$result = mysql_query('SELECT * FROM clients') or exit(mysql_error());
while ($row = mysql_fetch_assoc($result)) {$existing_users[] = $row['shortcode'];}

$arr = $existing_users;

$display = "'" . implode("', '", $arr) . "'";

    // THIS IS THE PROBLEM 
    // If the code is written out as:
    // $existing_users=array('test',''one','two',three'); 
    // It works.
    // When the script is coded as below. It doesn't work.
    // Note. If I echo $display is displays 'test',''one','two',three'

$existing_users=array($display);

//value received from the get method
$user_name=$_POST['user_name'];

//checking weather user exists or not in $existing_users array
if (in_array($user_name, $existing_users))
{

//user name is not available
echo "no";
} 
else
{ 
//user name is available 
echo "yes";
}

I am not sure whether I am approaching this the right way because I am hacking an online tute, there potentially could be a far easier way. Any thoughts would be greatly appreciated.

Improve this question
3
  • 1
    Please don't use mysql_* functions in new code. They were removed from PHP 7.0.0 in 2015. Instead, use prepared statements via PDO or MySQLi. See Why shouldn't I use mysql_* functions in PHP? for more information. Commented Aug 26, 2012 at 0:08
  • No idea why you are assigning a new variable $arr. Commented Aug 26, 2012 at 0:08
  • You are adding a string to the $existing_users array. Why are you doing all that converting and copying of $existing_users to begin with? Commented Aug 26, 2012 at 0:11

2 Answers 2

Reset to default
3

here's a faster way to do it:

$user_name=mysqli_real_escape_string($_POST['user_name']);

$result = mysql_query("SELECT * FROM clients where shortcode like '$user_name'") or exit(mysql_error());

if(mysql_num_rows($result)==0)
    echo 'no';
else
    echo 'yes'

i didnt validate the input from $_POST tho

what tutorial are you following anyway??

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

i was just showing how to do it faster, even mentioned i didnt validate the input sigh
i should probably get familiar with mysqli
You should. Either mysqli_* or PDO.
mysqli_real_escape_string. You forgot the i, if you are doing it the modern way...
1

You don't need to remake $existing_users, as you are already creating that array from database query

$existing_users = array();
mysql_select_db($database_db, $db);
$result = mysql_query('SELECT * FROM clients') or exit(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
    $existing_users[] = $row['shortcode'];
}

$user_name=$_POST['user_name'];

if (in_array($user_name, $existing_users)){
    echo "no";
} else { 
    //user name is available 
    echo "yes";
}

and try to move your code to PDO

$db = new PDO('mysql:host=localhost;dbname='.$database_db, 'username', 'password', array(ATTR::PDO_EMULATE_PREPARES => false));
$stmt = $db->prepare("SELECT * FROM clients WHERE `shortcode`=:shortcode");
$stmt->execute(array(':shortcode' => $_POST['user_name']));

if($stmt->rowCount() == 1){
    echo 'no';
} else {
    echo 'yes';
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.