-2

My table artist: artistID, name, genreID, avatar, short-decs, view, vnmartist. artist structure table I create upload.php to upload mp3 and insert information about song with column: name, artistID, genreID.

Because song name and artist, genre is input by user. I want to checking that name of artist. If name is null -> insert name to database, then get artistID and insert to database. If name is not null -> get artistID and insert data to table artist.

My PHP code below:

$artist = $_POST['artist-name'];
$link = mysql_connect("localhost", "root", "");
mysql_select_db("vnmtest", $link);

$result = mysql_query("SELECT * FROM artist where name='".$artist."'",$link);
if($num_rows = mysql_num_rows($result) == 0)

echo "data is null";

else echo "data okay";

When testing upload 1 file, I input artist-name: "Nhật Trường", this like data in name of the artist, but program still echo "data is null".

My artist table:

[![my artist table][2]][2]

My full code below:

        if (!empty($_FILES["audiofile"])) {
        $myFile = $_FILES["audiofile"];

        if ($myFile["error"] !== UPLOAD_ERR_OK) {
            echo "<p>An error occurred.</p>";
            exit;
        }

        // ensure a safe filename
        $name = preg_replace("/[^A-Z0-9._-]/i", "_", $myFile["name"]);

        // don't overwrite an existing file
        $i = 0;
        $parts = pathinfo($name);
        while (file_exists(UPLOAD_DIR . $name)) {
            $i++;
            $name = $parts["filename"] . "-" . $i . "." . $parts["extension"];
        }

        // preserve file from temporary directory
        $success = move_uploaded_file($myFile["tmp_name"],
            UPLOAD_DIR . $name);
        if (!$success) { 
            echo "<p>Unable to save file.</p>";
            exit;
        }

        // set proper permissions on the new file
        chmod(UPLOAD_DIR . $name, 0644);
        $name = $_POST['song-name'];
        $artist = $_POST['artist-name'];
        $genreID = $_POST['genreID']; 

        // kiểm tra artist tồn tại hay chưa
        $artist = $_POST['artist-name'];
        print_r($_POST['artist-name']);
        //$sql = "SELECT * FROM artist where name='".$artist."'";
        //$result = $conn->query($sql);




            $link = mysql_connect("localhost", "root", "");
            mysql_select_db("vnmtest", $link);

            $result = mysql_query("SELECT * FROM artist where name='".$artist."'",$link);
            if($num_rows = mysql_num_rows($result) == 0)

            echo "data is null";

            else echo "data okay";



        // output data of each row

        // $artist_select = $conn->query ("SELECT EXISTS(select * from artist where name = '".$artist."') ");

    }

?>

Nguyễn Chí Cần
  • 11
  • 1
  • What if you remove special chars ? it may be an encoding problem... – Random Apr 29 '16 at 12:23
  • what is type of your artist.name column and what collation do you use? – Jimmmy Apr 29 '16 at 12:26
  • there might be a problem in unicode character encoding. could you try print_r($_POST['artist-name']) to check if it's proper encode yet? – SonDang Apr 29 '16 at 12:35
  • not enough code/information to support the question. No idea where your POST array comes from and if it does contain a value or not. – Funk Forty Niner Apr 29 '16 at 12:37
  • possible duplicate of [check if row exists with mysql](http://stackoverflow.com/questions/22252904/check-if-row-exists-with-mysql) – Funk Forty Niner Apr 29 '16 at 12:38
  • [Little Bobby](http://bobby-tables.com/) says [your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Apr 29 '16 at 12:41
  • Please [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really pretty easy](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Apr 29 '16 at 12:41
  • 1
    *"on line 150"* (there's hardly 10 lines of code here). You're not showing us everything here and seeing this *"My table artist: artistID, name, genreID, avatar, `short-decs`, view, vnmartist."* - tells me that you have a probable syntax error. So, **show your full code**. – Funk Forty Niner Apr 29 '16 at 12:41
  • @JayBlanchard Doubting they're paying attention to us here in comments. Plus, ^ that one bothers me about `short-decs`. Edit: OP's come alive! – Funk Forty Niner Apr 29 '16 at 12:42
  • Random, I will try to use english and re-check. Jimmmy, the type of artist.name is varchar and utf8_unicode_ci collocation. @SonDang: I printed, it absolute like the $_POST['artist-name']. – Nguyễn Chí Cần Apr 29 '16 at 12:44
  • @Fred-ii-: check my code now, thanks you – Nguyễn Chí Cần Apr 29 '16 at 12:58

1 Answers1

0

I think there could be three possibilities:

1) charset errors: try to set appropriate charset in your page (es: set it with headers: $mysqli->query("SET CHARACTER SET utf8"))

2) query error: try to change your query in

$result = mysql_query("SELECT count(*) num FROM artist where name='".$artist."'",$link);

and modify your if statement to check if "num" field is > 0

3) "if" error: try to change if (leaving current query) in 

if(mysql_num_rows($result) == 0)
Thomas G
  • 9,886
  • 7
  • 28
  • 41
Nicola
  • 1
  • 1
  • `$mysqli->query("SET CHARACTER SET utf8")` is for the MySQLi_ API and the OP is using MySQL_ here. Two different animals altogether. – Funk Forty Niner Apr 29 '16 at 12:43