我想避免在我的数据库中插入名为username的现有数据,我的代码运行没有错误,但问题是我输入的数据是插入的,即使它已经存在于我的数据库中。请告诉我我的代码缺少什么。
if($_POST["controller"] == "add") {
// validations here
$result = query("SELECT * FROM tbl_employee WHERE surname ='$surname'");
if(empty($_POST["surname"]) && (query($result)>0) ) {
echo 'surname already taken'; die();
}
else {
$age = getAge($_POST["dobMonth"], $_POST["dobDay"], $_POST["dobYear"]);
$result = query("INSERT INTO tbl_employee (carid, surname, firstname, position, department, birthplace, sex, address, contact, codename, birthdate, age, dateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)", $_POST["modelo"], $_POST["surname"], $_POST["firstname"], $_POST["position"], $_POST["department"], $_POST["birthplace"], $_POST["sex"], $_POST["address"], $_POST["contact"], $_POST["codename"], $_POST["dobYear"] . '-' . $_POST["dobMonth"] . '-' . $_POST["dobDay"], $age, date("Y-m-d"));
if($result === false) {
echo 'error in insert'; die();
}
else {
$row = query("SELECT LAST_INSERT_ID() AS employee_id");
$id = $row[0]["employee_id"];
redirect("employee.php?profile=" . $id); //redirect("employee.php?action=view_all");
}
}
}
试试这个:我希望它能帮助你。
if($result['surname']==$_POST["surname"]) {
echo 'surname already taken'; die();
}
else {
$age = getAge($_POST["dobMonth"], $_POST["dobDay"], $_POST["dobYear"]);
$result = query("INSERT INTO tbl_employee (carid, surname, firstname, position, department, birthplace, sex, address, contact, codename, birthdate, age, dateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)", $_POST["modelo"], $_POST["surname"], $_POST["firstname"], $_POST["position"], $_POST["department"], $_POST["birthplace"], $_POST["sex"], $_POST["address"], $_POST["contact"], $_POST["codename"], $_POST["dobYear"] . '-' . $_POST["dobMonth"] . '-' . $_POST["dobDay"], $age, date("Y-m-d"));
if($result === false) {
echo 'error in insert'; die();
}
在检查为空之前,您可能需要先检查它是否为NULL
你需要改变你的代码。我希望这会对你的问题有所帮助。你的代码问题首先是它会检查姓氏值是否为空,如果你发送姓氏值,它将使条件为假,因为“和” “条件和你的其他声明将被执行
if($_POST["controller"] == "add") {
// validations here
$surname=(empty($_POST["surname"])?null:$_POST["surname"]);
$result = query("SELECT * FROM tbl_employee WHERE surname ='$surname'");
if(empty($_POST["surname"]) ){
echo 'surname is Empty'; die();
}
elseif((query($result)>0) )
{
echo 'surname already taken'; die();
}
else {
$age = getAge($_POST["dobMonth"], $_POST["dobDay"], $_POST["dobYear"]);
$result = query("INSERT INTO tbl_employee (carid, surname, firstname, position, department, birthplace, sex, address, contact, codename, birthdate, age, dateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)", $_POST["modelo"], $_POST["surname"], $_POST["firstname"], $_POST["position"], $_POST["department"], $_POST["birthplace"], $_POST["sex"], $_POST["address"], $_POST["contact"], $_POST["codename"], $_POST["dobYear"] . '-' . $_POST["dobMonth"] . '-' . $_POST["dobDay"], $age, date("Y-m-d"));
if($result === false) {
echo 'error in insert'; die();
}
else {
$row = query("SELECT LAST_INSERT_ID() AS employee_id");
$id = $row[0]["employee_id"];
redirect("employee.php?profile=" . $id); //redirect("employee.php?action=view_all");
}
}
}