I'm Learning PHP MySQL. I write a HTML form to insert email and country name in the mysql datebase. I success. But there is some problem.. How I check duplicate data and prevent insert empty data?
here is my HTML code
<form action="add_entry.php" method="post" name="myForm" onsubmit="return validateEmail();">
<input type="email" name="email" class="email" required="required">
<input type="text" name="country">
<input type="submit" class="button" value="Continue" onclick="this.disabled=true; this.value='Loading...';" disabled>
</form>
<script type='text/javascript' src='http://code.jquery.com/jquery-1.8.3.js'></script>
<script type="text/javascript">
function validateEmail()
{
var x=document.forms["myForm"]["email"].value;
var atpos=x.indexOf("@");
var dotpos=x.lastIndexOf(".");
if (atpos<1 || dotpos<atpos+2 || dotpos+2>=x.length)
{
alert("Not a valid e-mail address");
return false;
}
}
</script>
<script>
$("form > *").change(function() {
var fields = $("form input").not("input[type='submit']");
var filledFields = fields.filter(function() {
return $(this).val().length > 0;
});
if (filledFields.length == fields.length) {
$("input[type='submit']").removeAttr("disabled");
} else {
$("input[type='submit']").attr("disabled", "disabled");
}
});
</script>
Here is add_entry.php code
<?php
$con = mysql_connect("localhost","dbusername","dbpassword");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbname", $con);
$sql="INSERT INTO dbtablename (id,email, country) VALUES (null,'$_POST[email]','$_POST[country]')";
?>
<?php if (!mysql_query($sql,$con)) : ?>
die('Error: ' . mysql_error());
<?php else : ?>
<center>Success!</center>
<meta http-equiv="refresh" content="0; url=http://mywebsite.com/content.html" />
<?php endif; ?>
<?php
mysql_close($con)
?>
Now I don't understand I write both code in add_entry.php... check duplicate & prevent from inserting empty data code ..
I got both code in Prevent duplicate data being entered into mysql database & Preventing Empty Data from Inserting into database in StackOverFlow. I see there someone tell in "Prevent duplicate data code" was SQL Injectable ..
code is
$query = mysqli_query($con, "SELECT * FROM emails WHERE email='".$email."'");
if(mysqli_num_rows($query) > 0){
echo "email already exists";
}else{
$sql="INSERT INTO emails (email) VALUES ('".$_POST[email]."')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
}
Now Please help me, How can I solve this problem..
I want this, If some one try to insert empty data or try to directly access add_entry.php page, then he will automatically redirect to form page... and show a warning if possible "you must write your email to continue.."
If duplicate email found, then it will not insert database, he will automatically redirect to content.html page..
When successfully insert data, he will automatically redirect content.html page..
If an expert help me to write this code, it will be his greatness, I hope Someone must be help me to learn php/mysql practically. I also trying.. but I need your help to continue my study. I want to be an expert like you and want to help other.. Please help me to learn. Thanks a lot.