Home/ Questions/Q 9088219
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T21:52:12+00:00

I want to insert a record if it does not exist without using unique

  • 0

I want to insert a record if it does not exist without using unique ID, and I found this answer here: MySQL: Insert record if not exists in table.

In my case I have a table:

+----+---------+---------+---------+---------+-----------+-------------+-----------+
| ID | dRelIns | vRelIns | dRelDel | vRelDel | cRelAktiv | iRelDateiId | iRelKatId |
+----+---------+---------+---------+---------+-----------+-------------+-----------+
| 1  |  blabla |  blabla |  NULL   |  NULL   |    J      |      3      |     5     |
+----+---------+---------+---------+---------+-----------+-------------+-----------+
| 2  |  blabla |  blabla |  blabla |  blabla |    N      |      3      |     1     |
+----+---------+---------+---------+---------+-----------+-------------+-----------+
| 3  |  blabla |  blabla |  NULL   |  NULL   |    J      |      3      |     2     |
+----+---------+---------+---------+---------+-----------+-------------+-----------+

I am getting an array ($_POST) with id iRelKatId and another on id iRelDateiId. I check if the id already exists and cRelAktiv = ‘J’, if not I want to insert a new one. If some entry exists but it’s not in the list, I want to set cRelAktiv to ‘N’.

My PHP script with the SQL queries:

$list=implode("','", $_POST["kat"]);
        $sql="UPDATE tabRel_UDK SET dRelDel=NOW(),
                                    vRelDel=USER(),
                                    cRelAktiv='N'
                                WHERE iRelDateiId='$_POST[id]' AND cRelAktiv='J' AND iRelKatId NOT IN('$list')";
        $result =  mysql_query($sql) or die(Error (" . mysql_error() . ").");

        foreach ($_POST["kat"] as $value) {
            $sql="INSERT INTO tabRel_UDK (dRelIns, vRelIns, cRelAktiv, iRelDateiId, iRelKatId)
                SELECT * FROM (SELECT NOW(), USER(), 'J', '$_POST[id]','$value') AS tmp
                WHERE NOT EXISTS (
                SELECT iRelDateiId,iRelKatId,cRelAktiv FROM tabRel_UDK 
                WHERE iRelDateiId = '$_POST[id]' AND iRelKatId='$value' AND cRelAktiv='J') LIMIT 1;";
            $result =  mysql_query($sql) or die("Error (" . mysql_error() . ").");
        }

This script works for me, but when both ids have the same value(for example 5), it throws an error Duplicate column name ‘5’ because of SELECT * FROM (SELECT NOW(), USER(), 'J', '$_POST[id]','$value')

Any ideas how to make it works, or should I make 2-3 SQL queries and check the ids manually in PHP?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I suspect $_POST[id] and $value have the same value, and so you appear to be selecting the same column twice. This should be suppressed in code, so you only select it once – or you should be giving each an alias so this does not happen.

    I wouldn’t recommend returning a resultset with column names starting with a number anyway – in some database systems that would not be permitted, unless it is quoted. Give them string prefixes as aliases, ending in _<number> if you must.

    Thus, your subselect string might look like this:

    "SELECT * FROM (
    SELECT
        NOW(),
        USER(),
        'J',
        '{$_POST['id']}' AS val_1,
        '{$value}' AS val_2
) WHERE ..."

    More importantly, having $_POST[id] in your code will open you up to SQL injection vulnerabilities – always escape data before using it. Even better, switch to MySQL PDO and use parameterisation.

    Lastly, the variable should be $_POST['id'] – PHP assumes that you meant a string index, but it will raise a warning if you skip the quotes. Turn on warnings so you can see mistakes like this.

    • 0