current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 1 down vote favorite

I have some troubles to find the right loop to check if some values are contained in mysql DB.

I'm making a software and i want add license ID. Each User has x keys to use.

Now when the user start the client , it invokes a php page that check if the Key sent in the POST method is stored in DB or not.

If that key isnt store than i need to check the number of his keys. If it's > than X i'll ban him otherwise i add the new keys in the DB.

I'm new with PHP and MYSQL. I wrote this code and i would know if i can improve it.

<!-- language: php -->


                ....
                $user = POST METHOD 
                $licenseID = POST METHOD
                ....
                ....
                $resultLic= mysql_query("SELECT  id , idUser , idLicense FROM license WHERE idUser = '$user'") or die(mysql_error());
                $resultNumber = mysql_num_rows($resultLic);
                $keyFound = '0'; // If keyfound is 1 the key is stored in DB
                    while ($rows = mysql_fetch_array($resultLic,MYSQL_BOTH)) {
                           //this loop check if the $licenseID is stored in DB or not
                            for($i=0; $i< $resultNumber ; i++)
                                               { 
                                         if($rows['idLicense'] === $licenseID) {
                                         //Just for the debug 
                                              echo("License Found");
                                              $keyFound = '1';
                                               break;
                                               }
                  //If key isn't in DB and there are less than 3 keys the new key will be store in DB
                                     if($keyfound == '0' && $resultNumber < 3){
                                         mysql_query(Update users set ...Store $licenseID in Table) }
          // Else mean that the user want user another generated key (from the client) in the DB and i will be ban 
(It's wrote in TOS terms that they cant use the software on more than 3 different station)                    
                 else    {   mysql_query(update users set ban ='1'.....etc)
                                  }                               
                    }

I know that this code seems really bad so i would know how i can improve it. Someone Could give me any advice?

Update: I forgot to say that i choose to have 2 tables one users where is content all information about the users id , username , password etc and another table license where i get id , idUsername , idLicense (the last one store license that the software generate)

Thanks

share|improve this question

closed as not a real question by Chris, ircmaxell, salathe, PeeHaa, Matt Apr 26 '12 at 12:33

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.If this question can be reworded to fit the rules in the help center, please edit the question.
    
What is the problem? Is the code not working? Getting errors? –  Chris Nov 15 '11 at 17:03
    
I just wrote it on paper , but i would know if it's written in good way or there is a better way to write it. I start to use PHP only 2 days ago. –  Jasper Nov 15 '11 at 17:07
    
This isn't really the appropriate site for this kind of question, check out stackoverflow.com/faq#questions - try posting on Programmers: programmers.stackexchange.com –  Chris Nov 15 '11 at 17:09
    
@Chris It's not really appropriate for Programmers either. Programmers isn't a code review site, but Code Review is. :) –  Anna Lear Nov 15 '11 at 20:42
    
@AnnaLear Fair enough :) –  Chris Nov 15 '11 at 20:49

1 Answer 1

up vote 1 down vote accepted

I might be wrong, but why not issuing the search for the LicencsId to Mysql with this SQL query

"SELECT id , idUser , idLicense FROM license WHERE idUser = '$user' AND idLicense='$licenseID'

for security reasons escape the input "SELECT id , idUser , idLicense FROM license WHERE idUser = " . mysql_real_escape_string($user) . " AND idLicense=" . mysql_real_escape_string($licenseID)

share|improve this answer
    
in this way if the key is new it return me 0 row so i need to do another query to count the row for that user and see if it's > then x right? So i dont know if it's better do 2 query or have more php code. –  Jasper Nov 15 '11 at 17:19
    
IMHO it's better to let MySQL search for that stuff, because it is optimized for that. With PHP you may get huge amount of data, that must be sent from MySQL-Server to PHP, than searched through in PHP. better to do it all in MySQL –  HerrSerker Nov 15 '11 at 17:47
    
@Jasper Hello to you, because you are new here. I should say, we all love to get reputation (the number beneath my Username). So if you find one answer to be correct, click on the icon left to the answer, to show everyone stackoverflow.com/faq#reputation –  HerrSerker Nov 15 '11 at 17:49

Not the answer you're looking for? Browse other questions tagged or ask your own question.