3

I have a textbox UserName and a Check Availability button next to it..... I have checked the availability by passing UserName textbox value..... But it doesn't seem to work....

Here is what i am doing?

echo $UserName = $_GET['CheckUsername']; $_SESSION['state'] = $State; $queryres = "SELECT dUser_name FROM tbl_login WHERE dUser_name='$UserName'"; $result = mysql_query($queryres,$cn) or die("Selection Query Failed !!!"); if($result==true) // this condition doesn't seem to work { echo "User Name Available"; } else { echo "Sorry user name taken"; }
Improve this question

6 Answers 6

Reset to default
13

Please make sure you're escaping your inputs for MySQL. Passing data directly from $_GET, $_POST or any of the other superglobals is unsafe.

// Escape any quote characters in the input $UserName = mysql_real_escape_string($_GET['CheckUsername'], $cn); $_SESSION['state'] = $State; $queryres = "SELECT dUser_name FROM tbl_login WHERE dUser_name='$UserName' LIMIT 1"; $result = mysql_query($queryres, $cn) or die("Selection Query Failed !!!"); if (mysql_num_rows($result) > 0) { echo 'User name exists in the table.'; } else { echo 'User name does not exist in the table.'; }
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

why not add a trim() in there also :)
Please keep in mind that prepared statements should be used instead of manually escaped strings
4 
if ($result == false) { echo "not available"; } else { echo "available"; }

The reason yours doesn't work is because the value of $result will not be true as it contains an array. You could do it by reversing the statement to check for false first.

You can also do it with mysql_num_rows

if (mysql_num_rows($queryres) > 0) { echo "User name taken"; }
Improve this answer

2 Comments

Warning: Wrong parameter count for mysql_num_rows()
Wouldn't if ($result === false) more precise?
1

from http://php.net/mysql_query :

Return Values

For SELECT, SHOW, DESCRIBE, EXPLAIN and other statements returning resultset, mysql_query() returns a resource on success, or FALSE on error.

So to start off with, your if statement will never evaluate to false, because you have the "or die" on the mysql_query (which is activate when mysql_query returns false).

But your if condition is wrong altogether, because you don't want to know if the query failed, but if any results were returned. For this you probably want to use mysql_num_rows.

As a small tip, since you only need to know if there's 1 matching username, add "LIMIT 1" to the end of your query. Then mysql will return as soon as it hits the first match, instead of searching th whole table for more results.

As an alternative method, you could use a COUNT() query, and check the number returned in the result set.

Improve this answer

1 Comment

I'm not sure the LIMIT 1 is necessary if the column you're searching on is unique. But I suppose it doesn't hurt and might help develop it into a habit.
1

Although this question has already an adequate answer, I'll give you another option. Simply remove the "==true" in the IF condition and it will automatically test for the presence of a value instead of a boolean comparison. 

if($result) // this condition will now work { echo "User Name Available"; } else { echo "Sorry user name taken"; }

You can use this if you want to preserve the signature of your code.

Improve this answer

Comments

1 
$queryres = "SELECT dUser_name FROM tbl_login WHERE dUser_name='$UserName'"; $result = mysql_query($queryres,$cn) or die("Selection Query Failed !!!"); if (mysql_num_rows($result)) { echo "Username available"; } else { echo "Username not available"; }
Improve this answer

Comments

0

After Executing the Query just mysql_num_rows($result) which will return you the Count of Rows is fetched.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.