Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I have a beta signup form, I need to know how do I check to make sure the email address is not already in the database, and if it is not add it, if it is return a message.
I am hoping I don't have to do a find and then an if and then an insert, but something tells me I will have to.
You can create a unique index on email and then perform an insert in safe mode. If email is taken, you'll get an error. You won't get this error if there's no unique index or operation is not in safe mode.
I personally would do a simple find. For example, on this signup form when user entered his email and moves to the next field, I'd fire a quick ajax request to the server and find out if this email is taken or not and display result of this check in the form. This, of course, does not replace the need for unique index and safe mode (google race conditions).
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I have a question about developing a webapi. I want to send someone an email with an confirmation Link and If he clicks on it he should be redirected to a thanks page and get a second email with a pdf.
Unfortunatly I have no idea how to create the confirmation link. I can use every web language as php and node js.
One way to do this is to generate a long and random id and then pass that id as a url parameter.
var key = '25f56c64ee724e15b1b83688e9785a38'; /* Generated Key. */
var link = `https://some-url.com/example/${key}`;
In your database you would have a lookup table that maps the key to the userId.
The route for /example/{key} would then perform a fetch of the user information and generate the page and could also send the email with the pdf.
Note that the security here is is based on the randomness and length of your key. Adding an expiration would be good practice.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 5 years ago.
Improve this question
If the user submits details I will be able to save it in mysql but how can I get only those details on screen. The latest one. Suppose there are millions of users there might be some disturbance for slecting from mysql as so many users submit at a time. So can I any one suggest me how can I overcome this
If you want to get the details of that specific user you can give some kind of token generated randomly or UUID to this user when he enters the page and after that you will be able to do a SELECT with WHERE clause to get this information in a easy way or if you want get the last one from your table maybe you can use LAST() on mysql SELECT LAST(columnName) FROM Table;
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I am using foreign key constraints in the database structure. At the same time, Im also validating the data that will be coming from the client side.
For example, when a user submits a form that contains a "customer" field and its primary key as value, I am going to check whether this customer exists before doing a database insert. Even though I have already set a foreign key constraint.
Is the method Im doing a bit redundant? Or is it REALLY redundant?
It's not redundant, because you're serving two different purpouse:
the client-side check is to improve user experience, and to tell the user what's wrong with what he has submitted; you can catch an error before it reaches the DB, and give him a proper error message, not a MySQL ugly one
the server/DB-side check(s) are in place to protect your application, from errors or malicious behaviours (injection and so on)
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I don't really understand the reason of using MySQL Trigger when I can check any data in the application layer (using PHP or JavaScript, for instance) and then send it to the database. So, what are the cases when I have to use Triggers?
I Read about triggers here: http://www.mysqltutorial.org/sql-triggers.aspx
Not sure what performance issue you are talking about. Moreover, you got it wrong; in your application level you check for sanity of the data or check for malicious data.
Whereas, Trigger is used for to take some action based on the triggering event where the triggering event could be any DML statement (insert/update/delete). Triggers are not used for data validation or sanity checking of data.
Again, on a note something which should be taken care at DB level; should be passed to DB.
For example, in your application level you may check that the entered Age is not text and should be a number but in Trigger you will check that the input Age is in specific range (say, Age <= 100) and then do some action based on the check.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
This should be fairly simple. I know how I can do it but I would like to have some ideas on how you can do it since I think that there should be many other ways to do it. When you sign up for an account on a website, you have to go to your email and go to a link in order to activate your account. How do you know that the user went to the link in order to activate their account?
Look at any implementation of this scheme. You would see some unique string that is generated when sending this email to you. It is passed back to the website when you click the link -- that's how it is recognized.
It is generally assumed that nobody else could know this unique string, so the visitor who opens this link is assumed to be the one who provided the email and, consequently, who has access to it.
When the account is created a conformation token is generated, stored in the database and emailed to the user (as part of that link).
When the link is visited, that token is used to find the matching row in the database and use it to make the account as active.