Very often i need to prevent querys to get executed when a value like a email already exist.
Until now i searched for the value like that:
$checkemailexist = $X['db']->prepare("SELECT uid FROM userdata WHERE uid = :uid LIMIT 1");
$checkemailexist->execute(array(
':uid'=>$uid
));
if(empty($checkemailexist)){
INSERT QUERY ..
}
...
The problem on a big database with many rows, a string search even on a varchar can take a lot of performance and time.
So i made the uid column unique and tried something like that:
try{
$insertuser = $X['dbh']->prepare("
INSERT INTO user (uid) VALUES (:uid)
");
$insertuser->execute(array(
':uid'=> $mail
));
} catch (PDOException $e) {
header("Location: ...");
exit();
}
Its working fine, but could the performance even be worse ?
After making uid column an [unique] index, you made all your queries faster. Both queries, either SELECT or INSERT will have to check the index, and it will take them both the same time to perform.
Adding an index to the column used for search for is the real answer to your question. As to whether to use a select query or to catch an exception during insert is a matter of taste.
However, your second example is rather wrong. You shouldn't handle every PDOException the same way but only a specific exception related to this very case, as it's shown in my PDO tutorial.
The best way would be to keep the unique index but add a keyword IGNORE to the query and then check the number of affected rows
$insertuser = $X['dbh']->prepare("INSERT IGNORE INTO user (uid) VALUES (:uid)");
$insertuser->execute(['uid'=> $mail]));
if (!$insertuser->numRows()) {
header("Location: ...");
exit();
}
adding IGNORE would suppress the unique index error, and you will be able to check whether such a value already exists by simply checking the number of affected rows
I have some queries at one script and I want to execute either all of them or none of them ..! I've searched about that and I figured out I have to use transaction.
Actually I want to use PDO::beginTransaction. Now there is two approaches.
rollback() function
commit() function
So what's the difference between them? Both of them seems identical to me, So when should I use which one?
<?php
$dbh->beginTransaction();
$sth1 = $dbh->exec("DROP TABLE fruit");
$sth2 = $dbh->exec("UPDATE dessert SET name = 'hamburger'");
$sth3 = $dbh->exec("INSERT INTO names(id, name) VALUES (NULL, 'peter')");
// which one?
$dbh->commit();
// or
$dbh->rollBack();
// ??
/* Database connection is now back in autocommit mode */
?>
Both of them seems identical to me
That's wrong. Transaction by definition is Atomic in nature means either it will happen and succeed executing all commands in the group or none at all. If it's successful and you want to persist the change then COMMIT else if any of the statement in the group fails then ROLLBACK to get back to pristine state.
So in your case, you would want to have all the below statement execute successfully and if that then COMMIT to persist the change but if any of the statement fails for any so called reason then it may end up giving a undesired result which you don't want to persist and so ROLLBACK and get back to previous consistent state.
$sth1 = $dbh->exec("DROP TABLE fruit");
$sth2 = $dbh->exec("UPDATE dessert SET name = 'hamburger'");
$sth3 = $dbh->exec("INSERT INTO names(id, name) VALUES (NULL, 'peter')");
Read about Transaction and also see this another post PHP + MySQL transactions examples
You use commit to perform the transaction, and rollback is the opposite, you use rollback when you want to keep all unchanged (for example if you have detected some error during some step of the transaction).
I am making a registration page. I'm worrying about concurrency issues where two users register with the same username at the same time (know it's real rare, but hate having small flaws in code).
So my approach is, check if the username exists, and if not, insert a new row. I'm using PDO
What I've tried
I'm using transactions, but from my question here How exactly do transactions with PHP PDO work with concurrency? it appears that two transactions can read at the same time
I don't think I can use select...for update because I am not updating; in fact, I need to lock an "imaginary" row where a new entry will be added, if it does not exist already
I've tried googling some examples, but they don't seem to handle the concurrency issue mentioned above http://php.about.com/od/finishedphp1/ss/php_login_code_2.htm
Solution?
I've googled and added a UNIQUE constraint on the username field, but do not want to rely on a MySQL error to rollback the transaction. I'm no expert, but it just doesn't feel elegant to me. So is there a way to insert if not exists with pure MySQL?
Now, if this really is the way to go, I've got a couple questions. If a warning is thrown, does that stop the queries? Like will it throw the exception shown in the example here PHP + MySQL transactions examples ? Or will only a downright-error throw the exception?
Also, it seems to imply here Can I detect and handle MySQL Warnings with PHP? that warnings will show up somehow in the PHP output, but I've never had "visible MySQL errors." The question was not using PDO like in my code, but I was just wondering. Do MySQL errors and warnings make html output? Or does it only say something if I callerrorInfo()?
Thanks
UPDATE
If I had two unique fields, and did not want to allow either one to be null (since I know I could set one table to "null-able" and have two queries), is there a way to check which one messed up? Like I want to let the user know if username or email was taken. If I do a single insert, I won't know which one failed
And furthermore, if I have two statements (first insert username, check if failed, then try same for email), I can only detect one error at a time; if the username fails and rolls back, I cannot try to do the same for the email (well it would be redundantish, because even if the email exists I would have to check to see if the first query had failed) Edit: Think it can work if I use nested try...catch statements
I think youre over thinking this. You can show a different error to the user for each one but you can really only detect one at a time because mysql is only going to give you one error message with the first problem it encounters. Assuming the previous query (to insert all values at once):
try {
$stmt = $db->prepare($sql);
$stmt->execute(array(
':username' => $username,
':email' => $email,
':password' => $password
));
$db->commit();
} catch (PDOException $e) {
$db->rollBack();
if($e->getCode() == 23000) {
// lets parse the message
if(false !== strpos('email', $e->getMessage())) {
echo 'Email "'. $email . '" already exists';
} else if(false !== strpos('username', $e->getMessage()) {
echo 'Username "'. $username .'" taken';
}
} else {
// not a dupe key rethrow error
throw $e;
}
}
Now the hitch with that is the error message is going to look something like:
Duplicate entry 'THE_VALUE_YOU_TRIED_TO_INSERT' for key THE_KEY_NAME
The way to get more meaningful reporting on which column it was is to name the indexes with something meanigful when you create the table for example:
CREATE TABLE the_table (
`id` integer UNSIGNED NOT NULL AUTO_INCREMENT
`username` varchar(30),
`email` varchar(100),
`password` varchar(32),
PRIMARY KEY (`id`),
UNIQUE KEY `uk_email` (`email`),
UNIQUE KEY `uk_username` (`username`)
);
so now your error message will look like:
Duplicate entry 'THE_VALUE_YOU_TRIED_TO_INSERT' for key uk_username
OR
Duplicate entry 'THE_VALUE_YOU_TRIED_TO_INSERT' for key uk_email
Which is easily parsable.
The only real alternative to doing it this way is to do a select on table before you insert to ensure the values dont already exist.
If youre using PDO you shouldnt have PHP warnings... Just exceptions, which if uncaught will generate a standard php error. IF you have display_errors turned off then that wont be output to the screen, only to the error log.
I dont think there is a way to insert if not exists so you are back to using a unique key and then catching the exception:
$db = new PDO($dsn, $user, $pass);
$sql = "INSERT INTO the_table (username, email, etc) VALUES (:username,:email,:password)";
$db->beginTransaction();
try {
$stmt = $db->prepare($sql);
$stmt->execute(array(
':username' => $username,
':email' => $email,
':password' => $password
));
$db->commit();
} catch (PDOException $e) {
$db->rollBack();
if($e->getCode() == 23000) {
// do something to notify username is taken
} else {
// not a dupe key rethrow error
throw $e;
}
}
So is there a way to insert if not exists with pure MySQL?
The best method is generally considered to rely on the UNIQUE constrain. There are other alternatives though.
If a warning is thrown, does that stop the queries?
Not necessarily, but in your specific case trying to insert a duplicate that has the UNIQUE constrain will never get through no matter what.
Do MySQL errors and warnings make html output?
No, not automatically, you have to handle it yourself. If the operation throws an exception and you have an Exception Handler set it will naturally fire that, but it can also be handled.
Anyhow, strictly speaking an attempt to insert an entry in a table where one of the fields is duplicated and has the UNIQUE constrain will never succeded, no matter the error. It's up to you then how to handle the error, but PDO specifically throws an exception on these cases so it can be as simple as:
try {
//Insert user here
} catch(Exception $e) {
if(($PDO->errorCode() == 23000) || ($PDOStatement->errorCode() == 23000)) {
//Duplicate, show friendly error to the user and whatnot
}
}
I've used the SQLSTATE error code 23000 here because it's the most common for duplicates, but you can check for pretty much anything, here is the list of server error codes for mysql.
The best way to make sure you don't have duplicates is to use UNIQUE constraint on the username field. MySQL will definitely not insert a second row with the same value and you no longer need transactions for that.
I don't know why this solution doesn't seem elegant, but in my opinion it is a very good practice with simplifies your work a lot. If this is a constraint on data, it makes sense to let the database server handle that problem for you.
If you do the insert query in a transaction, in case of error, the execution will be stopped and the server would do a rollback. You will also get the error in PHP which you need to handle.
Let the db handle this, because its in an excellent position to do this task.
Use the unique constraint, but do
insert ignore into users...
http://dev.mysql.com/doc/refman/5.5/en/insert.html
An error wont be triggered. You can check the affected rows to see if a row was inserted.
I have a MySQl database with a few tables, all UTF-8 and MyISAM storage.
In PHP I am parsing an XML file which writes a lot of data to the tables. I am using just simple Insert statements and the mysqli functions.
There not so many read actions on the table and no one of them are during the inserts. First the performance was very very slow so I added SET AUTOCOMMIT = 0 at the beginning of the script.
The issue I have now is that all my inserts which are in e.g. the third foreach loop are ignored and do not appear in the mysql tables. Everything before that is fine.
So my question is, what am I doing wrong and how should I do it?
With autocommit on = Everything is inserted but very very slow
With autocommit off = Everything is very fast but a lot of inserts are ignored
Hopefully someone have an idea and can help.
MySQL is faster with autocommit turned off because INSERTs are not written to your database immediately; the data is only saved when you execute a COMMIT statement. Do you have a COMMIT statement after inserting your data?
You should try like this:
<?php
try {
$db->beginTransaction();
$stmt = $db->prepare("SOME QUERY?");
$stmt->execute(array($value1));
$stmt = $db->prepare("YET ANOTHER QUERY??");
$stmt->execute(array($value2, $value3));
$db->commit();
} catch(PDOException $ex) {
//Something went wrong then rollback!
$db->rollBack();
echo $ex->getMessage();
}
Note: calling bindTransaction() turns off auto commit automatically.
While with mysqli, you can use following instead:
mysqli_autocommit($dbh, FALSE); // turn off auto-commit
mysqli_rollback($dbh); // if error, roll back transaction
mysqli_commit($dbh); // commit transaction
I'm trying to create four tables within one PDO transaction.
When the first "CREATE TABLE ..." part of the statement contains errors I successfully get an exception, an error message, and rollback. But when the first "CREATE TABLE ..." part are written correctly (as in the example below) I get no exception, commit, and only the first table created.
Here's the code:
$conn = Connection::getInstance();
$conn->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->dbh->beginTransaction();
$stmt = $conn->dbh->prepare("
CREATE TABLE IF NOT EXISTS `1st table` (valid SQL-code)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;
CREATE TABLE IF NOT EXISTS `2nd table` (SQL-code with an error)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;
CREATE TABLE IF NOT EXISTS `3rd table`...
CREATE TABLE IF NOT EXISTS `4th table`...
");
try
{
$stmt->execute();
$conn->dbh->commit();
}
catch (Exception $e)
{
$conn->dbh->rollBack();
echo $e->getMessage();
}
unset($stmt);
After some research I found the following note at php.net:
Some databases, including MySQL, automatically issue an implicit COMMIT when a database definition language (DDL) statement such as DROP TABLE or CREATE TABLE is issued within a transaction.
Is it that what causes the problem and how to solve it?
Like several commenters suggested, transactional semantics are not available for data definition language statements (DDL) in mySQL.
The PDO implementers obviously did not attempt to add some kind of client-side transactional semantics where there is no support in the DBMS.