Google Ads

Validating and Inserting User Data in PHP/MySQL(i) PHP Script


Validating and Inserting User Data in PHP/MySQL(i) PHP Script

Introduction:
This tutorial is on how to take user input, check it against a database, and insert if it is not already present. This could be used for registration in terms of unique usernames.

Database:
First we need a database with one table. My database is called ‘fln’, table is called ‘test’, and it has two fields:
id, int, 5 length, primary key, auto increment.
username, varchar/string, 255 length

Connection:
Next we need to make the PHP connection to our database, in mysqli we use the connect function which takes four parameters; the service server name for your MySQL service, username, password, and database name. Like so…

 

 
 
  1. <?php
  2.       $con = mysqli_connect('localhost', 'root', '', 'fln'); //server, username, password, database name
  3. ?>

 

 

HTML:
Ok. So now we can set up our user input. This is just going to be a simple one textbox and submit button form since the only column I have available in my database table and need for this tutorial’s example is the username. My HTML form looks like so…

 

 

 
 
  1. <html>
  2.       <eadh>
  3.       </head>
  4.       <body>
  5.             <form action='validation.php' method='POST'>
  6.                   Username: <input type='text' name='username' />
  7.                   <br/>
  8.                   <input type='submit' name='submit' value='Submit...' />
  9.             </form>
  10.       </body>
  11. </html>

 

 

The above form will send the data to the page I am currently editing, ‘validation.php’. It is as a ‘POST’ method so that no one can edit it through the basic URL encoding.

PHP Data Validation:
Before we can do the validation, we first want to ensure (validate…) that the data is there. We do this by checking for post input of the variable name ‘username’, we set it to a variable if it is there…

 

 
 
  1. if (isSet($_POST['username']) && $_POST['username'] != '') {
  2.       $user = $_POST['username'];
  3. }else
  4.       echo 'No username input found. No post sent...';

 

 

Ok so now we have the user input username. Next we want to check whether the username already exists within our database table ‘test’. We do this through a simple query statement selecting the rows containing the username…

 

 
 
  1. $checkQuery = mysqli_query($con, "SELECT * FROM `test` WHERE `username`='$user'");

 

We then count the amount of rows returned. If the rows returned is one (or more, although it shouldn’t be more than one) we output that the username already exists, if no rows are returned we insert the username as a new row through a new ‘insert’ query statement and output accordingly…

 

 
 
  1. if (mysqli_num_rows($checkQuery) > 0) {
  2.       echo 'That username already exists.';
  3. }else{
  4.       $insertQuery = mysqli_query($con, "INSERT INTO `test` VALUES ('', '$user')");
  5.       if ($insertQuery) {
  6.             echo 'Inserted username successfully!';
  7.       }else
  8.             echo 'Failed to insert username although no rows previously existed...';
  9. }

 

 

Note; we insert a blank value followed the username because my first ‘id’ column is auto incrementing all by itself.

 

 

Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *

"