0
//queries that have to be run.
$sql1="INSERT INTO user (userEmail,fname,lname,mobileno,designation,institution,userPassword,loginToken,userType,status,created,modified)
VALUES ('$userEmail','$fname','$lname','$mobileno','$designation','$institution','$hash',UUID(),'$userType','active',CURRENT_TIMESTAMP(),CURRENT_TIMESTAMP())";
$sql2="INSERT INTO authorDetail (id,paperName,paperId,paymentStatus)
VALUES ('$last_id', '$paperName', '$paperId', '$paymentStatus')";
$sql3="SELECT id FROM user WHERE userEmail = '$userEmail'";
echo "check 3"."<br>";
//connection to update the inserted data from an html form
if (mysqli_query($connect, $sql1))
{
$last_id = mysqli_insert_id($connect);
echo "New record created successfully. Last inserted ID is: " . $last_id; // code for getting the last entered data in the table
}
else
{
$lastlast_id = mysqli_insert_id($connect);
echo "Error: " . $sql1 . "<br>" . mysqli_error($connect); //this checks for the validation of email from the user table
echo "checkcheck";
}
echo "check 4"."<br>";
// code for updating the foreign key mapped table
if (mysqli_query($connect, $sql2))
{
$last_id = mysqli_insert_id($connect);
echo "New record created successfully. Last inserted ID is: " . $last_id; //finding the id of the last inserted data+
} else {
enter code here
echo "Error: " . $sql2 . "<br>" . mysqli_error($connect);
}
echo "check5"."<br>";
mysqli_close($connect);
echo "check 6"."<br>";
如何檢查如果電子郵件已存在於數據庫中,並且存在,則在另一個映射爲外部表的表中更新它。如果用戶已經存在,如何確保對現有密鑰的驗證進行檢查並進行適當更新? –
一些明智的代碼縮進將是一個好主意。它可以幫助我們閱讀代碼,更重要的是,它可以幫助您**調試您的代碼** [快速瀏覽編碼標準](http://www.php-fig.org/psr/psr-2/ )爲了您自己的利益。您可能會被要求在幾周/幾個月內修改此代碼 ,最後您會感謝我。 – RiggsFolly
您的代碼易受[** SQL注入**](https://en.wikipedia.org/wiki/SQL_injection)攻擊。您應該通過[** mysqli **](https://secure.php.net/manual/en/mysqli.prepare.php)或[** PDO **](https ://secure.php.net/manual/en/pdo.prepared-statements.php)驅動程序。 [**這篇文章**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)有一些很好的例子。 –