Insert page: Check and validate against 2 database fields

I have the following code. I'm trying to validate against 2 database fields before insert. If player_name and grad_year are the same don't allow the insert. This code works but it only works on player_name. It's ignoring the second part of my query. It looks like I have the query correct so I'm guessing it's the order or syntax of the php script. Any help appreciated.


<?php
//check.php
if(isset($_POST["Insert"]))
{
$player_name = mysqli_real_escape_string($connect, $_POST["player_name"]);
$grad_year = mysqli_real_escape_string($connect, $_POST["grad_year"]);
$query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";
$result = mysqli_query($connect, $query);
echo mysqli_num_rows($result);
}
{
$InsertQuery = new WA_MySQLi_Query($tsrbase);
$InsertQuery->Action = "insert";
$InsertQuery->Table = "players";
$InsertQuery->bindColumn("player_name", "s", "".((isset($_POST["player_name"]))?$_POST["player_name"]:"") ."", "WA_BLANK");
$InsertQuery->bindColumn("grad_year", "d", "".((isset($_POST["grad_year"]))?$_POST["grad_year"]:"") ."", "WA_ZERO");
$InsertQuery->saveInSession("WADA_Insert_players");
$InsertQuery->execute();
$InsertGoTo = "playersInsert.php?NewPW=Yes";
if (function_exists("rel2abs")) $InsertGoTo = $InsertGoTo?rel2abs($InsertGoTo,dirname(__FILE__)):"";
$InsertQuery->redirect($InsertGoTo);
}
?>

I see a recordset and an insert, but I don't see the IF statement that validates no results were returned. Can you attach the full page so I can see it in context? That might help me identify the issue.

<?php require_once("../../webassist/form_validations/wavt_scripts_php.php"); ?>
<?php require_once('../../Connections/tsrbase.php'); ?>
<?php require_once("../../webassist/form_validations/wavt_validatedform_php.php"); ?>
<?php require_once('../../webassist/mysqli/queryobj.php'); ?>
<?php require_once('../../webassist/mysqli/rsobj.php'); ?>

<?php
$WADAMenugrad_year = new WA_MySQLi_RS("WADAMenugrad_year",$tsrbase,0);
$WADAMenugrad_year->setQuery("SELECT playersID FROM players");
$WADAMenugrad_year->execute();?>
<?php
$gradYear = new WA_MySQLi_RS("gradYear",$tsrbase,0);
$gradYear->setQuery("SELECT * FROM grad");
$gradYear->execute();?>
<?php
//check.php
if(isset($_POST["Insert"]))
{
$player_name = mysqli_real_escape_string($tsrbase, $_POST["player_name"]);
$grad_year = mysqli_real_escape_string($tsrbase, $_POST["grad_year"]);
$query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";
$result = mysqli_query($connect, $query);
echo mysqli_num_rows($result);
}
{
$InsertQuery = new WA_MySQLi_Query($tsrbase);
$InsertQuery->Action = "insert";
$InsertQuery->Table = "players";
$InsertQuery->bindColumn("player_name", "s", "".((isset($_POST["player_name"]))?$_POST["player_name"]:"") ."", "WA_BLANK");
$InsertQuery->bindColumn("grad_year", "d", "".((isset($_POST["grad_year"]))?$_POST["grad_year"]:"") ."", "WA_ZERO");
$InsertQuery->saveInSession("WADA_Insert_players");
$InsertQuery->execute();
$InsertGoTo = "playersInsert.php?";
if (function_exists("rel2abs")) $InsertGoTo = $InsertGoTo?rel2abs($InsertGoTo,dirname(__FILE__)):"";
$InsertQuery->redirect($InsertGoTo);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Team Sports Registry Admin Panel</title>
<!-- Bootstrap -->
<link href="../../css/bootstrap-4.4.1.css" rel="stylesheet">
<link href="../../css/main.css" rel="stylesheet" type="text/css">
<link href="../../css/navLinks.css" rel="stylesheet" type="text/css">
<link href="../../css/table.css" rel="stylesheet" type="text/css">
<script src="../../webassist/progress_bar/jquery-blockui-formprocessing.js" type="text/javascript"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>

<link href="../../webassist/forms/fd_basic_default.css" rel="stylesheet" type="text/css">
<link rel="stylesheet" href="../../webassist/jq_validation/Bloom.css">

<script src="//ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js"></script>
<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1/jquery-ui.min.js"></script>
<link href="../../webassist/forms/dataassist_button.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header" class="container">
<div class="row">
<div class="col-xl-5"><img src="../../vectors/tsrBlack.gif" alt="TSR Logo" class="img-fluid" id="tsrLogo"></div>
<div class="col-xl-6"></div>
</div>
</div>
<div id="navDirect" class="container">
<nav class="navbar navbar-expand-lg navbar-dark" style="background-color:#D0D0D0"> <a class="navbar-brand" href="#">Team Sports Registry</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent1" aria-controls="navbarSupportedContent1" aria-expanded="false" aria-label="Toggle navigation"> Menu<span class="navbar-toggler-icon"></span> </button>
<div class="collapse navbar-collapse" id="navbarSupportedContent1">
<ul class="navbar-nav mr-auto col-xl-10">
<li class="nav-item active"> <a class="nav-link" href="javascript:history.go(-1)">Go Back<span class="sr-only">(current)</span></a> </li>
<li class="nav-item"> <a class="nav-link" href="../myPanel.php">Home</a> </li>
<li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown1" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> Control Panels </a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown1"> <a class="dropdown-item" href="../myPanel.php">Home Control Panel</a>
<a class="dropdown-item" href="../myTeams.php">Rosters Control Panel</a><a class="dropdown-item" href="#">Public Control Panel</a> </div>
</li>
<li class="nav-item"> <a class="nav-link" href="file:///C|/wamp64/mike.html">Contact Us</a> </li>
<li class="nav-item"> <a class="nav-link" href="file:///C|/wamp64/mike.html">LogOut</a> </li>

</ul>
</div>
</nav>
</div>
<div id ="intro" class="container">
<div class="row">
<div class="col-xl-12"><div class="row">
<div id="namePage" class="col-xl-7">Players</div>
</div></div>
</div>
</div>
<?php if(isset($_GET['NewPW'])){ ?>
<div id="success" class="container">

<div class="row">
<div class="col-xl-12">
<div class="error" style="width:90%;">
<div class="alert alert-primary" role="alert">
The Player has been added to your Database!
</div></div>

</div></div>
</div><?php } ?>
<form class="Basic_Default" id="Insert_Basic_Default" name="Insert_Basic_Default" method="post" action="">
<div id="content" class="container">
<div class="col-xl-6">
<div class="input-group mb-3">
<div class="input-group-prepend">
<span class="input-group-text" id="basic-addon1">Player Name</span>
</div>
<input type="text" id="player_name" name="player_name" class="form-control" aria-label="Username" aria-describedby="basic-addon1"value="<?php echo((isset($_GET["invalid"])?ValidatedField("coachinsert","coach_name"):"")); ?>" tabindex="1" title="Please enter a value." required="true">
<?php
if (ValidatedField('playerinsert','playerinsert')) {
if ((strpos((",".ValidatedField("playerinsert","playerinsert").","), "," . "1" . ",") !== false || "1" == "")) {
if (!(false)) {
?><span class="serverInvalidState" id="player_name_ServerError">Please enter a value.</span><?php //WAFV_Conditional coach_insert.php coachinsert(1:)
}
}
}?>
</div>
</div>
<div class="col-xl-6"><select class="btn btn-secondary dropdown-toggle" name="grad_year" id="grad_year" rel="<?php echo((isset($_GET["invalid"])?ValidatedField("playersinsert","grad_year"):"")); ?>" tabindex="2" title="Please enter a value." required="true"><option value="" <?php if (!(strcmp("", (isset($_GET["invalid"])?ValidatedField("playersinsert","grad_year"):"")))) {echo "selected=\"selected\"";} ?>>Choose Grad Year</option>
<?php
while(!$gradYear->atEnd()) { //dyn select
?>
<option value="<?php echo($gradYear->getColumnVal("gradYear")); ?>"<?php if (!(strcmp($gradYear->getColumnVal("gradYear"), (isset($_GET["invalid"])?ValidatedField("playersinsert","grad_year"):"")))) {echo "selected=\"selected\"";} ?>><?php echo($gradYear->getColumnVal("gradYear")); ?></option>
<?php
$gradYear->moveNext();
} //dyn select
$gradYear->moveFirst();
?>
</select>
<?php
if (ValidatedField('playersinsert','playersinsert')) {
if ((strpos((",".ValidatedField("playersinsert","playersinsert").","), "," . "2" . ",") !== false || "2" == "")) {
if (!(false)) {
?><span class="serverInvalidState" id="grad_year_ServerError">Please enter a value.</span><?php //WAFV_Conditional players_insert.php playersinsert(2:)
}
}
}?></div><div id="button" class="row">
<div class="col-xl-12"><input class="btn btn-primary" type="submit" value="Insert" id="Insert" name="Insert" /></div>
</div>

</div>


</div><!--End of Container Tag-->
</form>
<div id="footer" class="container">
<div class="row">
<div class="col-xl-12">Content goes here | Placeholder Text | Placeholder Text | Placeholder Text</div>

</div>
</div>


<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="../../js/jquery-3.4.1.min.js"></script>

<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="../../js/popper.min.js"></script>
<script src="../../js/bootstrap-4.4.1.js"></script>
<div id="Insert_Basic_Default_ProgressMessageWrapper" class="blockUIOverlay" style="display:none;">
<script type="text/javascript">
WADFP_SetProgressToForm('Insert_Basic_Default', 'Insert_Basic_Default_ProgressMessageWrapper', WADFP_Theme_Options['BigSpin:Slate']);
</script>
<div id="Insert_Basic_Default_ProgressMessage" >
<p style="margin:10px; padding:5px;" ><img src="../../webassist/progress_bar/images/slate-largespin.gif" alt="" title="" style="vertical-align:middle;" />&nbsp;&nbsp;Please wait</p>
</div>
</div>


<script src="../../webassist/forms/wa_servervalidation.js" type="text/javascript"></script>
<script src="../../webassist/jq_validation/jquery.h5validate.js"></script>
<script>
var Insert_Basic_Default_Opts = {
focusout: true,
focusin: false,
change: false,
keyup: false,
popupClass: "Bloom",
pointedAt: "left",
fieldOffset: 10,
fieldMargin: 2,
position: "left",
direction: "left",
border: 1,
offset: 25,
closeText: "✖",
percentWidth: 100,
orientation: "bottom"
};
function Insert_Basic_Default_Validate() {
$("#Insert_Basic_Default").h5Validate(Insert_Basic_Default_Opts);
}
$(document).ready(function () {
Insert_Basic_Default_Validate()
ConvertServerErrors(Insert_Basic_Default_Opts);
});
</script>
</body>
</html>

I think you need:

<?php

//check.php

if(isset($_POST["Insert"])) {

$player_name = mysqli_real_escape_string($tsrbase, $_POST["player_name"]);

$grad_year = mysqli_real_escape_string($tsrbase, $_POST["grad_year"]);

$query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";

$result = mysqli_query($connect, $query);

 

  if (mysqli_num_rows($result) == 0) {

$InsertQuery = new WA_MySQLi_Query($tsrbase);

$InsertQuery->Action = "insert";

$InsertQuery->Table = "players";

$InsertQuery->bindColumn("player_name", "s", "".((isset($_POST["player_name"]))?$_POST["player_name"]:"") ."", "WA_BLANK");

$InsertQuery->bindColumn("grad_year", "d", "".((isset($_POST["grad_year"]))?$_POST["grad_year"]:"") ."", "WA_ZERO");

$InsertQuery->saveInSession("WADA_Insert_players");

$InsertQuery->execute();

$InsertGoTo = "playersInsert.php?";

if (function_exists("rel2abs")) $InsertGoTo = $InsertGoTo?rel2abs($InsertGoTo,dirname(__FILE__)):"";

$InsertQuery->redirect($InsertGoTo);

  }



}

?>

Hi Ray. Thx for sending. I tried to run what you sent and it loads fine but the query still doesn't work. I added a bracket after the line ($result = mysqli_query($connect, $query);). Once I added the bracket the query works how I want it to work. However, the page does not load properly. It will load but I get an error message at the top of the page. Undefined variable result on line 31. Line 31 is the line with the if (mysqli_num_rows($result) == 0) {. Also, I get the error

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in C:\wamp64\www\registry\Admin\players\playersInsert.php on line 31

Here is the code I'm using that is working properly with the error on load

<?php

//check.php

if(isset($_POST["Insert"])) {

$player_name = mysqli_real_escape_string($tsrbase, $_POST["player_name"]);

$grad_year =mysqli_real_escape_string($tsrbase, $_POST["grad_year"]);

$query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";

$result = mysqli_query($tsrbase, $query);

}

if (mysqli_num_rows($result) == 0) {

if (isset($_POST["Insert"]) || isset($_POST["Insert_x"])) {
$InsertQuery = new WA_MySQLi_Query($tsrbase);
$InsertQuery->Action = "insert";
$InsertQuery->Table = "players";
$InsertQuery->bindColumn("player_name", "s", "".((isset($_POST["player_name"]))?$_POST["player_name"]:"") ."", "WA_BLANK");
$InsertQuery->bindColumn("grad_year", "d", "".((isset($_POST["grad_year"]))?$_POST["grad_year"]:"") ."", "WA_ZERO");
$InsertQuery->saveInSession("WADA_Insert_players");
$InsertQuery->execute();
$InsertGoTo = "playersInsert.php?NewPW=Yes";
if (function_exists("rel2abs")) $InsertGoTo = $InsertGoTo?rel2abs($InsertGoTo,dirname(__FILE__)):"";
$InsertQuery->redirect($InsertGoTo);
}
}
?>

Maybe the missing space in:

$query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";

should be:
$query = "SELECT * FROM players WHERE player_name = '".$player_name."' AND grad_year = '".$grad_year."' ";

That didn't work. It's working fine except for the 2 error messages upon loading. Also, upon submission, instead of inserting the data with the next auto-incremented number for some reason the next auto-incremented ID number is 1,226; when the next number should be 89. I'm sure it's something simple. Thx

What two error messages are showing upon loading?

You can reset your auto increment value with this statement:

ALTER TABLE `players` AUTO_INCREMENT = 89;

Ray, Here is are the errors I get using the folloiwng code: Again, this works but I get the error messages. Also, the insert uses the auto number of 1289 instead of the correct auto number which the next insert should be 89. Not sure why but I can live with that I guess. I do konw how to reset the auto increment but that's not the issue. Thx Mike


Hi Ray. Thx for sending. I tried to run what you sent and it loads fine but the query still doesn't work. I added a bracket after the line ($result = mysqli_query($connect, $query);). Once I added the bracket the query works how I want it to work. However, the page does not load properly. It will load but I get an error message at the top of the page. Undefined variable result on line 31. Line 31 is the line with the if (mysqli_num_rows($result) == 0) {. Also, I get the error

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in C:\wamp64\www\registry\Admin\players\playersInsert.php on line 31

Here is the code I'm using that is working properly with the error on load


<?php

//check.php

if(isset($_POST["Insert"])) {

$player_name = mysqli_real_escape_string($tsrbase, $_POST["player_name"]);

$grad_year =mysqli_real_escape_string($tsrbase, $_POST["grad_year"]);

$query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";

$result = mysqli_query($tsrbase, $query);

}

if (mysqli_num_rows($result) == 0) {

if (isset($_POST["Insert"]) || isset($_POST["Insert_x"])) {
$InsertQuery = new WA_MySQLi_Query($tsrbase);
$InsertQuery->Action = "insert";
$InsertQuery->Table = "players";
$InsertQuery->bindColumn("player_name", "s", "".((isset($_POST["player_name"]))?$_POST["player_name"]:"") ."", "WA_BLANK");
$InsertQuery->bindColumn("grad_year", "d", "".((isset($_POST["grad_year"]))?$_POST["grad_year"]:"") ."", "WA_ZERO");
$InsertQuery->saveInSession("WADA_Insert_players");
$InsertQuery->execute();
$InsertGoTo = "playersInsert.php?NewPW=Yes";
if (function_exists("rel2abs")) $InsertGoTo = $InsertGoTo?rel2abs($InsertGoTo,dirname(__FILE__)):"";
$InsertQuery->redirect($InsertGoTo);
}
}
?>

try:

<?php

//check.php

if(isset($_POST["Insert"])) {

  $player_name = mysqli_real_escape_string($tsrbase, $_POST["player_name"]);

  $grad_year =mysqli_real_escape_string($tsrbase, $_POST["grad_year"]);

  $query = "SELECT * FROM players WHERE player_name = '".$player_name."'AND grad_year = '".$grad_year."' ";

  $result = mysqli_query($tsrbase, $query);

  if (mysqli_num_rows($result) == 0) {

?>

<?php

if (isset($_POST["Insert"]) || isset($_POST["Insert_x"])) {

$InsertQuery = new WA_MySQLi_Query($tsrbase);

$InsertQuery->Action = "insert";

$InsertQuery->Table = "players";

$InsertQuery->bindColumn("player_name", "s", "".((isset($_POST["player_name"]))?$_POST["player_name"]:"") ."", "WA_BLANK");

$InsertQuery->bindColumn("grad_year", "d", "".((isset($_POST["grad_year"]))?$_POST["grad_year"]:"") ."", "WA_ZERO");

$InsertQuery->saveInSession("WADA_Insert_players");

$InsertQuery->execute();

$InsertGoTo = "playersInsert.php?NewPW=Yes";

if (function_exists("rel2abs")) $InsertGoTo = $InsertGoTo?rel2abs($InsertGoTo,dirname(__FILE__)):"";

$InsertQuery->redirect($InsertGoTo);

}

?>

<?php

  }

}

?>