-5

I need help checking if a usersname already are registrated or exist in the table. I tried alot but it seems that it just letting it true.

my codes are:

//=============Configuring Server and Database=======
$host        =    'localhost';
$user        =    'root';
$password    =    '';
//=============Data Base Information=================
$database    =    'login';

$conn        =    mysql_connect($host,$user,$password) or die('Server Information is not               Correct'); //Establish Connection with Server
mysql_select_db($database,$conn) or die('Database Information is not correct');

//===============End Server Configuration============

//=============Starting Registration Script==========

$username    =    mysql_real_escape_string($_POST['username']);

$password    =    mysql_real_escape_string($_POST['password']);

$email    =    mysql_real_escape_string($_POST['email']);

$country    =    mysql_real_escape_string($_POST['country']);



if(isset($_POST['btnRegister'])) //===When I will Set the Button to 1 or Press Button to  register
{
$query    =    "insert into     users(username,password,email,country)values('$username','$password','$email','$country')" or    die ('username allready exist');
$res    =    mysql_query($query);
header("location:load.php");
carl
  • 7
  • 1
  • 2
    [**Please, don't use `mysql_*` functions in new code**](http://bit.ly/phpmsql). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [**red box**](http://j.mp/Te9zIL)? Learn about [*prepared statements*](http://j.mp/T9hLWi) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://j.mp/QEx8IB) will help you decide which. If you choose PDO, [here is a good tutorial](http://www.brightmeup.info/article.php?a_id=2). – STT LCU Jun 04 '13 at 11:33

1 Answers1

2

Replace:

$query    =    "insert into     users(username,password,email,country)values('$username','$password','$email','$country')" or    die ('username allready exist');
$res    =    mysql_query($query);

With:

$query    =    "insert into     users(username,password,email,country)values('$username','$password','$email','$country')" ;
$res    =    mysql_query($query) or    die ('username allready exist');

The problem with your original code is that you are checking that the $query variable is correctly instantiated (and I see no reason why it wouldn't). You need to check if the query was successfully executed or not, i.e. to check the result of the query call (mysql_query in your case).

Note that your production code shouldn't be using the mysql_* functions (which are not good practice) and should use prepared statements. See here: [http://uk1.php.net/manual/en/function.mysql-query.php][1]

Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

Zoe
  • 27,060
  • 21
  • 118
  • 148
Bgi
  • 2,513
  • 13
  • 12
  • 1
    i've upgraded your disclaimer against mysql_ library. Feel free to revert if you wish. – STT LCU Jun 04 '13 at 11:34
  • @STTLCU thx, though I think I accidentally reverted it. I saw you put it in comment of the question too, so I think we're alright then! – Bgi Jun 04 '13 at 11:36
  • 1
    here you can find the original markup, bookmark and share it across the net! http://brightmeup.info/comment.html – STT LCU Jun 04 '13 at 11:37