I’m trying to register a new username in an empty table in my database. So I pass in the username and UID and check to see if the user has that name registered already and accept the request or if nobody has the name I can accept it. If there name is registered to another user i reject the request.
It always returns ‘Fail’ from this bit of code below.
if($name_found)
{
if ($udid_mismatch)
{
echo "Fail";
}
But the table of this DB is empty so it cannot be true that it finds the name or UID. Can anybody see my mistake? I’m running in circles at the moment.
// Localize the GET variables
$udid = isset($_GET['udid']) ? $_GET['udid'] : "";
$name = isset($_GET['name']) ? $_GET['name'] : "";
// Protect against sql injections
$udid = mysql_real_escape_string($udid);
$name = mysql_real_escape_string($name);
$udid_mismatch=false;
$name_found=false;
$result = mysql_query("SELECT udid FROM ir_usernames WHERE name='$name'");
while( $row = mysql_fetch_assoc($result) ){
$name_found=true;
if($row['udid'] != $udid){
$udid_mismatch=true;
}
break;
}
if($name_found)
{
if ($udid_mismatch)
{
echo "Fail";
}
else
{
echo "Success";
}
} else {
// Insert the username
$retval = mysql_query("INSERT INTO $table(
udid,
name
) VALUES (
'$udid',
'$name'
)",$conn);
if($retval) {
echo "Success";
} else {
echo "Fail_ret";
}
}
mysql_close($conn);
Many Thanks,
-Code
Your code seems fine , however i see difference in the way your select and insert queries are done. One uses the
$tablevariable and the other doesn’t. For the sake of harmony, can you try something like:Also it might be a good idea to try this for debugging purposes.
This would dump out the whole data, which would give you some hint on whats going on.