I'm trying to keep only unique values at username (field inside table professionals, using MySql at the moment).
I got a edit profile page where the user can change his username and other values.
EXAMPLE:
Actual info (not edited):
Name: John;
Tel: 1234567890;
Username: john;
Password:****;
New info (edited):
Name: Jonathan;
Tel: 1234567890;
Username: john;
Password:****;
As you can see the user only changed the name, so I'm inserting all data again in database, but if I verify the username of course it says there is already one at DB.
I need some kind of solution for this, without changing a lot the whole code.
Thanks
What is the need for inserting the whole data once again in the table. Try updating the table.
UPDATE table_name SET column1=value1,column2=value2,... WHERE some_column=some_value;
And in your case like
UPDATE table_name SET Name='Jonathan' where Username = 'john'
Really thanks for the answer #Jeff ! I wasn't thinking about the user ID, I can just make a query like this: SELECT * FROM professionals WHERE username = "test" AND id_professional != 3 and after that just verify if there are rows or not.
Related
I have a question and I can't find a correct way to solve my problem.
I have a application where the username is the emailadres. A user can change his/her information on a page called edit.php
I have also a validation in place that is checking if the username exists when editing. This to prevent that user A can edit his username in a username of another existing user. I do this with the following function.
$sql=mysql_query("SELECT username FROM users WHERE username='".mysql_real_escape_string($_POST['username'])."'");
if(mysql_num_rows($sql)>=1) { echo "Exists"; } else { /* update database */ }
This works, only now I have a problem. Because the user can edit in the editform not only the USERNAME, but also PHONE, ZIP, CITY. If a user edits his ZIP, CITY or PHONE I will get logically 'exists', because the username is also posted in my editform.
My question: How can I set it up so that the username only is checked when it is different from the current username of the user. For example, if test#test.com (username) edits his information and it remains test#test.com it won't be checked and when the username test#test.com is edited in test123#test.com it will be checked?
I think I need to set up a double check like if mysql_num_rows($sql)>=1 OR ==
Am I right? any help would be great.
For the new username to be valid, your check should be: there is no row with this username, or the row is actually the current user.
So you need to select the ID in your query (instead of the username, which you don't need) and change your if statement to test "no result, or one result with ID = current user ID".
Of course I'm assuming you have an ID as a primary key of your table, and that this ID is stored in the session for the current user.
Also, consider using PDO instead of mysql_query...
This can be resolved by doing a verify user with ajax before processing the form, using the SQL query you are currently using:
SELECT username FROM users WHERE username='$user'
If ajax query return "true" or "not empty data", user exist and not is usable, else, user is available for use.
A few months ago I did something similar in a Signup form. On "username" field, if the user is available turns green, if not available, it turns red. The verification is done by changing field.
Signup Example with verification
Recommend to use PDO instead of php mysql_query (is deprecated in new PHP versions).
I'm currently trying to retrieve values from a database.
New Users are given a UNIQUE ID once they register on my website:
Keys are stored into my database with a link such as:
website.com/file.php?id=4&key=123abcd123
What I was planning on having was the website pulling the keys ONLY related to the ID of the user.
Lets say User 4 inputs a key into the database, I want to have a universal .php file that will retrieve HIS codes (codes with the ID of 4) ONLY.
I'm sorry if this doesn't really make sense, English isn't my first language.
For finding particular record in mysql query pass the id value in the place of 4 below.
SELECT * FROM tablename WHERE UserID = '4'
if you want to get particular value then use like this
$query = "SELECT * FROM tablename WHERE UserID = '".$_SESSION['ID']."'";
Refference
If you use SQL, it is easy to search for all keys for a user:
select cdkey
from YourTable
where UserID = 1
Note that anyone can edit a URL. So unless you take additional measures, any user could ask for the cdkeys of any other user, just by modifying the id parameter in the URL.
Hi everyone i think this is good question for everone.
I am try to make a login page. But i have one problem. I have 2 users table in my database . First users table is for normal user and second users table is for vip user.
Under the code using for normal user. i want to make if email and password is for vip user then open vip_user_profile.php if not email and password is vip user then check the normal users table if there is a email and password then open normal_user_profile.php how can i do this. Is anyone can help me ?
What i can add a code in my login php code ?
My code is this.
<?php
include("includes/connect.php");
if(isset($_POST['login'])){
$email = $_POST['email'];
$password = $_POST['pass'];
$check_user = "SELECT * FROM users WHERE password='$password' AND email='$email'";
$run = mysql_query($check_user);
if(mysql_num_rows($run)>0) {
echo"<script>window.open('normal_user_profile.php','_self')</script>";
}
else {
echo"<script>alert('email or password is incorrect!')";
}
}
?>
If you insist on storing information in two tables, you can still get the data using one query. There are many ways to do that, but here's one that you might find interesting:
select
sum(usertype) as usercheck
from
( select nu.username, nu.password, 1 as usertype
from NormalUser nu
union all
select vu.username, vu.password, 2
from VipUser vu
) u
where
u.username = '$username' and
u.password = '$password'
This query will return a single integer field, which can have either of these values:
null: No combination exists for username/password
1: User is a normal user
2: User is a VIP user
3: Both tables contain a user with the same password.
Note that in cases of 1 and 2, it is still possible that the same username exists, but with a different password.
Now, to solve that, you can put all users in one table and give them a user type. You can make a lot of extra columns that you can leave empty. If you really want to store that information in a separate table (and there are good arguments for that), you can still create one table with basic user information, such as uername and password. Then, in the VipUsers table, you don't store username and password, but only store the id of the user and the additional information. This user id should be the primary key of both the Users table as the VipUsers table. Also, it should be a foreign key in VipUsers, referencing Users, so that you can not have an orphan VipUser record, without basic user information.
However, I would opt for a single table with a type and nullable fields. And I've got the feeling that that matches better with your current skill level as well.
Hi i think this tinking help you. I've read all your questions. You have two types of users. However, users have a different situation in. It truth businessname. You need to concentrate on it. *If the user uses this name when logging in to your website then his profil automatically open vip_user_profile.php Of course you'll have to do it on your code.*
this is easy to use for you. For your vip user header("vip_user_profile.php"); or header("normal_user_profile.php");
I am trying to use a form and I want when the user submits this form for mySQL to go into my database and get the account id matching the user that is logged in.I don't have a problem with getting the username but i don't know how I would get the account id from mySQL using the username.
So what I am asking is how would I tell mySQL to go and get the account id matching the username that is logged in and then save the account id in a variable.
assuming this is the structure of the table:
user: id|username|otherInfo
select id from user where username='your submitted username';
extract from the result set and do whatever
Detailed description here, assuming this is the structure of the table:
user: account_id|username|otherInfo
//get your posted value(s) and maybe sanitize a bit
$username=htmlentities($_POST['username']);
/* assuming you set up your db connection, using PDO for this example, i'll
* call that variable $db
*/
//use prepared statement
$pstmt=$db->prepare("select * from user where username=:username");
$pstmt->execute(array(':username'=>$username));
while($row=$pstmt->fetch(PDO::FETCH_ASSOC)){
$id=$row['account_id']; //extracted id
}
So i'm selecting some data by username from my url, but my problem is that my usernames isn't unique so if there is same usernames it creates me errors, nu my url looks like this:
http://adress.com/user/messages/bob
So in this case i would select data where username is bob, but if there is two bob users i would get errors, so i what i would like to do is select data by user id, but then i would have to replace username with id, like this:
http://adress.com/user/messages/321
So my question is how can i keep username insted of numbers but select data by id?
Btw, i'm using php and mysql
It sounds like you're doing this for vanity URL's, so keep the username, but also use the ID field... i.e.
http://adress.com/user/messages/321/bob