3個實例的驗證

-1

我試圖對當您獲取相同日期，同一時間和同一地點時進行驗證，它不會插入到數據庫中。它只會在數據庫中插入1個實例將返回false。3個實例的驗證

$res_date = $_POST['res_date']; 
$res_venue = $_POST['res_venue']; 
$res_dur = $_POST['res_duration']; 

$qryjay = mysql_query("SELECT * FROM tbl_reservation WHERE res_date='$res_date' AND res_dur = '$res_dur' AND res_venue = '$res_venue'");   
if ((mysql_num_rows($qryjay) == $res_date) && ($qryjay == $res_dur) && ($qryjay) == $res_venue){ 
echo "<script language=javascript>alert('".$res_venue." is not available on ".$res_dur." on ".$res_date."!')</script>"; 
}

來源

2013-10-11 AnnoyedKyo

你的代碼是容易受到SQL注入 –

OK，祝你好運任務。 – deceze

'mysql_num_rows'將會有no。受影響的行如何等於日期或時間的常識 –

嘗試修復你的代碼是這樣的：

<? 
$res_date = mysql_real_escape_string($_POST['res_date']); 
$res_venue = mysql_real_escape_string$_POST['res_venue']); 
$res_dur = mysql_real_escape_string$_POST['res_duration']); 

$qryjay = mysql_query("SELECT count(*) as countNbr FROM tbl_reservation WHERE res_date='".$res_date."' AND res_dur = '".$res_dur."' AND res_venue = '".$res_venue."'");   
$result = mysql_fetch_assoc($qryjay); 
if ($result['countNbr'] > 0)){ 
    echo "<script language=javascript>alert('".$res_venue." is not available on ".$res_dur." on ".$res_date."!')</script>"; 
} 
?>

來源

2013-10-11 09:10:48 Adam

非常感謝你！工作得很好！ – AnnoyedKyo

3個實例的驗證

回答

相關問題