1

我有以下代码,它插入了一条记录,但我希望用户名和电子邮件字段是唯一的,我该如何修改我的代码来做到这一点?我也遇到了页面没有重定向到站点索引的问题。感谢任何帮助

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "createAccount")) {
  $insertSQL = sprintf("INSERT INTO tblUser (username, password, userTypeKey, email) VALUES (%s, %s, %s, %s)",
                   GetSQLValueString($_POST['username'], "text"),
                   GetSQLValueString($_POST['user_password2'], "text"),
                   GetSQLValueString($_POST['userType'], "int"),
                   GetSQLValueString($_POST['user_email'], "text"));

  mysql_select_db($database_ignite, $ignite);
  $Result1 = mysql_query($insertSQL, $ignite) or die(mysql_error());

  $insertGoTo = "index.php";
  if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
 }

header(sprintf("Location: %s", $insertGoTo));
}
4

3 回答 3

0

更新

好的,所以我想到了另一种没有唯一索引的方法。这里有两种方法:

1) 在 INSERT 中包含 NOT EXISTS 子查询,以确保在 INSERT 时不存在非唯一值。将您的 INSERT SQL 更改为:

$insertSQL = sprintf("INSERT INTO tblUser (username, password, userTypeKey, email) SELECT %s, %s, %s, %s FROM DUAL WHERE NOT EXISTS (SELECT * FROM tblUser WHERE username = %s OR user_email = %s)",
                   GetSQLValueString($_POST['username'], "text"),
                   GetSQLValueString($_POST['user_password2'], "text"),
                   GetSQLValueString($_POST['userType'], "int"),
                   GetSQLValueString($_POST['user_email'], "text"),
                   GetSQLValueString($_POST['username'], "text"),
                   GetSQLValueString($_POST['user_email'], "text"));

您可能还需要在 die() 之前检查 mysql_errno() 是否存在未找到的错误。

2) 在用户名上创建唯一索引,在 user_email 上创建唯一索引。

CREATE UNIQUE INDEX UX_tblUser_username
    ON tblUser ( username );

CREATE UNIQUE INDEX UX_tblUser_user_email
    ON tblUser ( user_email );

如果有重复,那么您的插入将失败。要处理失败的 INSERT,请替换:

$Result1 = mysql_query($insertSQL, $ignite) or die(mysql_error());

有类似的东西:

$Result1 = mysql_query($insertSQL, $ignite) or 1062 == mysql_errno() or die(mysql_error());
if (1062 == mysql_errno()) {
    // There is a duplicate. Do whatever you intend for duplicates
}

为什么需要唯一索引?为什么不能依靠 SELECT 后跟 INSERT 来保证唯一性?因为时机。INSERT 很可能发生在另一个进程中的 SELECT 和 INSERT 之间的一个进程中。虽然可能性很低,但仍然很有可能。

于 2013-09-05T21:13:08.577 回答
0

我将代码更改为在下面阅读并且它有效

$editFormAction = $_SERVER['PHP_SELF'];

    $query_dupUserCheck = "SELECT tblUser.userKey FROM tblUser WHERE tblUser.username = '".$_POST['username']."'";
    $sqlsearch = mysql_query($query_dupUserCheck);
    $resultcount = mysql_numrows($sqlsearch);

    $query_dupUserCheck2 = "SELECT tblUser.userKey FROM tblUser WHERE tblUser.email = '".$_POST['user_email']."'";
    $sqlsearch2 = mysql_query($query_dupUserCheck2);
    $resultcount2 = mysql_numrows($sqlsearch2);

    if ($resultcount > 0 & $resultcount2 > 0) { 
        print("That Username and Email Already Exists");
    } else {
        if ($resultcount > 0) { 
            print("That Username Already Exists");  
        } else {
            if ($resultcount2 > 0) {    
            print("That Email Already Exists");
            } else {

if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "createAccount")) {
  $insertSQL = sprintf("INSERT INTO tblUser (username, password, userTypeKey, email) VALUES (%s, %s, %s, %s)",
                       GetSQLValueString($_POST['username'], "text"),
                       GetSQLValueString($_POST['user_password2'], "text"),
                       GetSQLValueString($_POST['userType'], "int"),
                       GetSQLValueString($_POST['user_email'], "text"));

  mysql_select_db($database_ignite, $ignite);
  $Result1 = mysql_query($insertSQL, $ignite) or die(mysql_error());

  $insertGoTo = "index.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
header(sprintf("Location : %s", $insertGoTo));
}
}}}
于 2013-09-06T16:41:12.650 回答
0

您需要做的就是编写一个 SELECT 语句,并在数据库中查询 $_POST['username'] 或 $_POST['user_email'] 然后编写一个 IF 语句以做出相应的反应。如果选择找到现有帐户,则报告错误,否则插入。

我在自己的框架中创建了一个快速而肮脏的示例。您将无法将其剪切并粘贴到您自己的代码中,但它应该有效地展示了该原理。

$isUnique = $db->checkUniqueUser($_POST['username'], $_POST['user_email']);

if(!odbc_fetch_row($isUnique)){
    echo "No dupe.  Put your insert statement here.";
} else {
    echo "You have a dupe.";
}

//Below are functions that I would use in my Controller class.

public function checkUniqueGroup($user_name = NULL, $user_email=NULL)
{   

   $querytext= <<<EOD
    SELECT User, Email FROM YourTable WHERE User = '$user_name' OR Email = '$user_email'
EOD;

   return $this->query($querytext);
}

public function query($querytext)
{
    //This example is from my framework.  The $conn variable is instantiated in the constructor.
        return odbc_exec($this->conn, $querytext);
}
于 2013-09-05T20:47:54.910 回答