1

您好,我有以下代码验证表单中是否包含数据,然后我想确保在我插入之前,名称、电子邮件和地址不在我的数据库中...

你能告诉我在哪里弄乱了下面的内容吗?即使它是唯一数据,它也会抛出已经存在的错误

    if($_POST['formSubmit'] == "Submit") 
{
    $errorMessage = "";

    if(empty($_POST['formName'])) 
    {
        $errorMessage .= "<li>You forgot to enter a name!</li>";
    }
    if(empty($_POST['formEmail'])) 
    {
        $errorMessage .= "<li>You forgot to enter an email!</li>";
    }
    if(empty($_POST['formAddress'])) 
    {
        $errorMessage .= "<li>You forgot to enter your Address!</li>";
    }
    if(empty($_POST['formCity'])) 
    {
        $errorMessage .= "<li>You forgot to enter your City!</li>";
    }
    if(empty($_POST['formState'])) 
    {
        $errorMessage .= "<li>You forgot to enter your State!</li>";
    }
    if(empty($_POST['formZip'])) 
    {
        $errorMessage .= "<li>You forgot to enter your Zip!</li>";
    }

    $varName = $_POST['formName'];
    $varEmail = $_POST['formEmail'];
    $varAddress = $_POST['formAddress'];
    $varCity = $_POST['formCity'];
    $varState = $_POST['formState'];
    $varZip = $_POST['formZip'];
    $varDate = $_POST['formDate'];

    if(empty($errorMessage)) 
    {
        $db = mysql_connect("localhost","root","PASSWORD");
        if(!$db) die("Error connecting to MySQL database.");
        mysql_select_db("FormData" ,$db);

        $dupesql = "SELECT * FROM formdata WHERE (name = '$varName' AND email = '$varEmail' AND address = '$varAddress')";

        $duperaw = mysql_query($dupesql);

        if($duperaw > 0) {
            echo ("$varName already exists in $varAddress \n");
        } 
        else {
        $sql = "INSERT INTO formdata (name, email, address, city, state, zip, submitDate) VALUES (".
                        PrepSQL($varName) . ", " .
                        PrepSQL($varEmail) . ", " .
                        PrepSQL($varAddress) . ", " .
                        PrepSQL($varCity) . ", " .
                        PrepSQL($varState) . ", " .
                        PrepSQL($varZip) . ", " .
                        PrepSQL($varDate) . ")";
        mysql_query($sql);

        header("location: index.php?success=1");
        exit();
        }
    }

}
4

1 回答 1

2

使用mysql_num_rows($duperaw) > 0而不仅仅是$duperaw > 0检查您的查询是否返回任何结果。

另外,避免使用mysql_*函数。自 PHP 5.5.0 起,它们不再被维护并被弃用。阅读这篇文章以获得更详细的解释。相反,使用PDOMySQLi并了解准备好的语句本文可以帮助您决定使用哪个 MySQL API。

于 2013-08-21T19:03:35.897 回答