0

So basically I am trying to upload a Model and Serial number into a database only on POST but SOMETIMES, not all the time, it will duplicate the entry in the database even though I only hit submit once, once submitted, the text field goes blank as it should so how is it adding it more than once?

<?php
$servername = "localhost";
$username = "user";
$password = "pass";
$dbname = "database";
if ($_POST['submit'])

    {
        // Create connection
        $con = new mysqli($servername, $username, $password, $dbname);
        // Check connection
        if ($con->connect_error) {
            die("Connection failed: " . $con->connect_error);
        } 
        $mod = mysqli_real_escape_string($con,$_POST['model']);
        $sn_num = mysqli_real_escape_string($con,$_POST['sn']);
        $sql = "INSERT INTO rma_product (m_type,pro_sn) VALUES ('$mod','$sn_num')";

        if ($con->query($sql) === TRUE) {
            $success = "New record created successfully";
        } else {
            $success = "Failed!";
        }

        $con->close();
    }
?>

    <form method="post" name="sn_upload" id="sn_upload">
        <div>
        <label for="model">Model: </label><select id="model" name="model" title="Model" />
        <option value="ModelA">ModelA</option>
          </select><br><br>
        <label for="sn">Serial Number: </label><input type="text" id="sn" name="sn" placeholder="Serial Number" pattern="[a-zA-Z0-9]{11,13}"/><br><br>
        <input name="submit" type="submit" value="Submit" />
        <?php if( $success) echo "<div>".$success."</div>";?>
        </div>
    </form>

<script>
(function() {

    var input = document.getElementById('sn');
    var form = document.getElementById('sn_upload');
    var elem = document.createElement('div');
    elem.id = 'notify';
    elem.style.display = 'none';

    form.appendChild(elem);

    input.addEventListener('invalid', function(event){
        event.preventDefault();
        if ( ! event.target.validity.valid ) {
            input.className    = 'invalid animated shake';
            elem.textContent   = 'Serial Number must be between 11 and 13 characters and DO NOT include spaces.';
            elem.className     = 'error';
            elem.style.display = 'block';
        }
    });

    input.addEventListener('input', function(event){
        if ( 'block' === elem.style.display ) {
            input.className = '';
            elem.style.display = 'none';
        }
    });

})();
</script>
Marz_89
  • 51
  • 2
  • 12
  • 3
    [**Please, don't use `mysql_*` functions in new code**](http://stackoverflow.com/q/12859942). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [**red box**](http://php.net/mysql-connect)? Learn about [*prepared statements*](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://php.net/manual/en/mysqlinfo.api.choosing.php) can help you decide which. – Qirel Aug 24 '17 at 19:25
  • Aside from @Qirel's security note. I don't see an issue. Are you sure this isn't operator error? maybe a gaming macro on the users mouse? :-) – AJ X. Aug 24 '17 at 19:32
  • Check your server log to see how many times the form was posted. – Barmar Aug 24 '17 at 19:43
  • Thank you @Qirel. I am updating my code now. – Marz_89 Aug 24 '17 at 19:44
  • @axlj I am the only one using this form right now and am using a basic logitech keyboard mouse combo. – Marz_89 Aug 24 '17 at 19:44
  • best you set a UNIQUE constraint on the said column(s), that way you're not going to get duplicates. – Funk Forty Niner Aug 24 '17 at 21:00
  • updated PHP verbage for MySQLi but now whenever I refresh the page, it just resubmits the same data again each and every time I refresh page. How is it doing that if I have not $_POST yet? – Marz_89 Aug 24 '17 at 22:28

0 Answers0