I am trying to set up an input form that has a bit of validation on it. MY form inserts and displays a message when nothing is entered into the input.
However, I am trying to create a piece of code that quieries the database to see if the value already exisits. After testing I think the problem is MySQL statement but I’m not sure what I’m doing wrong, can anyone make any suggestions please?
Here is my statement :
$queryName = mysql_query("SELECT name FROM brands WHERE name = LIKE'".$_POST['name']."'");
The full script :
<h1>Add a <? echo $page ; ?></h1>
<? echo $addMessage; ?>
<form action="<?php echo $_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']; ?>" name="add" method="post">
<input type="text" class="input" name="name" />
<input name="Submit" type="submit" class="button" value="Add a <? echo $page; ?>" />
</form>
<? echo $back ; ?>
<?
// display add form
}
elseif(!$_POST['name']) {
echo "<p class=\"errorMessage\">You must enter a $page into the input field...<a href=\"".$_SERVER['PHP_SELF']."\">try again.</a> !</p>";
}
elseif($_POST['name']) {
//SQL query
$queryName = mysql_query("SELECT name FROM brands WHERE name = LIKE'".$_POST['name']."'");
echo $queryName;
if ($RESULT = mysql_fetch_array($queryName)){
echo "The value $queryName already exists in this system, please enter another <a href=\"".$_SERVER['PHP_SELF']."\">check the list and add another value.</a>";
}
else { //add form is being sent
//Insert the values into the correct database with the right fields
$result=MYSQL_QUERY("INSERT INTO `brands` (`name`)".
"VALUES ('".strip_tags($_POST['name'])."')");
echo "<p class=\"add\">You successfully added a brand...<a href=\"".$_SERVER['PHP_SELF']."\">go back to the list.</a>";// in php you escape " characters with the backslash,
}
}
