OK Chris, I understand that we're checking checking the form data and escaping it, but can explain what's going on in the WHERE clause and 1=1 tad bit more. "Chris" <dmagick@xxxxxxxxx> wrote in message news:4694268E.1080908@xxxxxxxxxxxx > kvigor wrote: >> /*Good Morning to All, >> >> I am having an issue with the following code. I'm trying to match >> $newRegistrant(which is concatenated form data) with $oldRegistrant(which >> is concatenated DB data). > > First thing I'd suggest is making the code clearer about what's going on. > > Doing it the way I have below will also make it faster because you don't > have to check every registrant to see if they already there - make the > database do the work for you. > > > $newRegistrant_query = "SELECT > conName,conAddress,conCity,conState,conPhone,schName,schCity,schState,strName,strCity,strState > FROM central WHERE "; > if(isset($_POST['submit'])) { > $fields_to_check = array('conName', 'conAddress', 'conCity' ..... add more > fields here); > foreach ($fields_to_check as $field_name) { > $newRegistrant_query .= $field_name . "='" . > mysql_real_escape_string($_POST[$field_name]) . "' AND "; > } > // you can either remove the last AND from the query or just add this on > so you don't need to worry about a mal-formed query. > $newRegistrant_query .= "1=1"; > } > > Then > > $matchQueryResult_result = mysql_query($newRegistrant_query,$connection) > or die > ("Query Failed".mysql_error()); > > $found_registrant = false; > while ($row = mysql_fetch_assoc($matchQueryResult_result)) { > $found_registrant = true; > // check your datestamps. > } > > // they have never registered before > if (!$found_registrant) { > // make up an insert query and add them. > } > > makes it a lot easier to read and be a lot easier to debug. > > -- > Postgresql & php tutorials > http://www.designmagick.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
