MySQL: Preventing Two Same Names From Registering.

[Spock]

Ok, Seeing as this place could use some more activity, i need some help concerning MySQL and nickname registering.
My question is how do i prevent the same nickname from being regeistered twice.

i need to know this as i am tring to make a simple user registration system (i hope to eveolve it into a bbs in time), but a name can be registerd twice

heres my code :

register.html

<form action="reg.php">
Name: <input type="text" name="nick_name" maxlength="25"><br />
Password :<input type="password" name="nick_pass" maxlength="25"><br />
<button type="submit" name="submit">Submit</button>
</form>

reg.php

<?php
$user = $_GET['nick_name'];
$pass = $_GET['nick_pass'];
mysql_connect("localhost","root","xxzzyy");
mysql_select_db('bbs_test');
mysql_query('INSERT INTO `users` ( `name` , `pass` ) VALUES (\'' . $user . '\', PASSWORD( \'' . $pass . '\' ) )');
echo $user . ' Sucessfully EnteredInto DB';
?>

(also can you show me how to use something better than $_GET )

 

[AltF8]

What I do for my stuff (I think you know what... ) is to simply do a quick query in the database for the username that the user inputs. If I get something back, I know that name is taken and I'll tell them to use something else. If not, then the username is unique and allowed.

 

[Spock]

ok, but would i do something like

$check_user = mysql_query('SELECT `users` ( `name` ) VALUES (\'' . $user . '\' )'); 
if(!$check_user) {
//register code
} else {
echo ' Sorry, The Name You Selected Is Already in use';
}

(and yeah i know what your talking about )

 

[AltF8]

I think it looks right. I know about 0.0001% of PHP, but the equivilent in VBS would be to select the data like this:

SELECT name FROM users WHERE user = 'user_entered_name';

And if that recordset came back empty, then you're good to go. If you get a record returned, then the name exists. In VBS, we check for EOF - not sure how to do it in PHP.

 

[Flerbizky]

Looks correct... But...

I'd insert a capital check into the query as well, so that if you have a user named AltF8, someone couldn't register the username AlTF8...

 

[Spock]

it may look correct but then i run this query:

$check_user = mysql_query('SELECT name  FROM users  WHERE name = \'a\' LIMIT 0, 1');
if($check_user) {
//query is true
echo 'user exists';
} else {
//query false
echo ' User Doesnt Exist';
mysql_query('INSERT INTO `users` ( `name` ) VALUES ( \'a\' )');
echo 'user a created';
}

it always say the user exists.

[edit] 12:47am
Ive Figured It Out!
when i ran the query and checked it, it only checked if the query was true, but i really needed to check to see if it returened any rows. so i did this

$check = mysql_num_rows($check_name);

and in the if statement

if($check > 0)
and it works.

[/edit]

 

[AltF8]

Looks correct... But...

I'd insert a capital check into the query as well, so that if you have a user named AltF8, someone couldn't register the username AlTF8...

I've never had a problem with MySQL and strings. It always seems to ignore case. At least I think it has...

*runs and checks his site*

 

[AltF8]

I checked my site. It ignores case! Which means if you store your passwords as plain text in a varchar field, it'll ignore case too.

 

[AltF8]

Okay, here's the key. If you create the database table with:

VARCHAR(x) BINARY

It'll be case sensitive. I learned something today.