Home/ Questions/Q 7017835
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T22:57:57+00:00

I made a small database(1 table) in phpMyAdmin. One of the fields I want

  • 0

I made a small database(1 table) in phpMyAdmin. One of the fields I want to check is “Name”.
I want to verify through PHP if a name that user types in a form exists in the database. In the html a list of names from DB appears, but the user might type wrong the name in the form.
The problem is the answer whether it exists or not varies.

I have 2 PHP files:
Connection.php and welcome.php

Connection

 <html> 
 <head>
 <title>Project</title>
 </head>
 <body>

 <?php
 mysql_connect("localhost","root","");
 mysql_select_db("e-card");

 $sql=mysql_query("SELECT * FROM person");
 $dbname="name";
 #$formula_adr="formula_adr";
 #$adress="adr";
 $line=mysql_fetch_assoc($sql);

 echo'Choose a name to whom you send e-card:<br/><br/>';
 echo $line[$dbname].'<br/>';
 while($line=mysql_fetch_assoc($sql))
 echo $line[$dbname].'<br/>';
 ?>
 <form action="welcome.php" method="POST">
 Nume: <input type="text" name="fname" />
 <input type="submit" value="Verify existance in DB"/>
 </form>    
 </body>
 </html>

And welcome:

 <?php
 mysql_connect("localhost","root","");
 mysql_select_db("e-card");

 $sql=mysql_query("SELECT * FROM persoana");
 $dbname="name";
 $formula_adr="formula_adr";
 $adresa="adr";
 $linie=mysql_fetch_assoc($sql);

 if ($_SERVER['REQUEST_METHOD']=='POST' and isset($_POST['fname']))
 {
 $name = $_POST['fname'];

 while($line=mysql_fetch_assoc($sql))
 {
 if(strcmp($name,$line[$dbname]))
 {
 echo 'Found';
 }
 else
 {
 echo 'This name doesn't exist in DB';
 }
 }
 }
 ?>

THANK YOU IN ADVANCE ^_-

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I would follow these steps high level steps.

    1 – use javascript to initially check on client side that something was entered BEFORE calling the DB. You can use a filter in your javascript to check that form field.

    2 – If you verify that something *useful was entered – pass the form field value to another page or object that will parse the value and then query the table.

    3 – Use the parsed value against the db table column that contains your data. If records are found, return them.

    Use a SQL injection technique to prevent malicious intend by users who may type something evil into your form field.

    • 0