我該如何檢查學校是否存在數據庫與MYSQLI

Question

我有一個問題，如何檢查一個學校是否存在我所做的數據庫內？我已經提供了下面的MYSQLI代碼。如果你看到任何語法錯誤，請你幫我解決它們。感謝您的幫助，我真的很感激。

$connection = mysqli_connect("localhost", "root", "root", "babble"); 
    $check ="SELECT COUNT(1) FROM schools WHERE schoolname = '$_POST[schoolname]'"; 
    $result = mysqli_query($connection,$check); 
    $data = mysqli_fetch_array($result, MYSQLI_NUM); 
    if ($data[0] > 1) { 
     echo "<center><div class='alert alert-danger'><p>Sorry, but that school already exists in the database</p></div></center>"; 
    }else{ 
     $insert = "INSERT INTO schools";   
    } 

Answer 1

您忘記了關於帖子變量名稱的引號。另外，您應該進行消毒以防止注射。我創建了一個可用於未來參考的功能。它會修剪除了字母和數字以外的所有內容（因爲我假設你的學校名稱不包含符號）

此外，你應該檢查PDO。我爲你寫了一個例子。

function protect($str) 
{ 
    $str = stripslashes($str); 
    $str = strip_tags($str); 
    $str = preg_replace("[^A-Za-z0-9]", "", $str); 

    return $str; 
} 

$schoolToCheck = protect($_POST['schoolname']); 

PDO

$pdo = new PDO('mysql:host=localhost;dbname=root', 'root', 'babble'); 

$stmt = $pdo->prepare("SELECT COUNT(*) FROM schools WHERE schoolname = '$schoolToCheck'"); 
$stmt->execute(); 
if($stmt->rowCount() > 0) 
{ 
    echo "<center><div class='alert alert-danger'><p>Sorry, but that school already exists in the database</p></div></center>"; 
} 
else 
{ 
    $insert = "INSERT INTO schools"; 
} 

的mysqli

$connection = mysqli_connect("localhost", "root", "root", "babble"); 

$check = "SELECT COUNT(*) FROM schools WHERE schoolname = '$schoolToCheck'"; 
$result = mysqli_query($connection,$check); 
$data = mysqli_fetch_array($result, MYSQLI_NUM); 
if ($data[0] > 0) 
{ 
    echo "<center><div class='alert alert-danger'><p>Sorry, but that school already exists in the database</p></div></center>"; 
} 
else 
{ 
    $insert = "INSERT INTO schools";   
} 

編輯：簡短而親切

$count = $pdo->query("SELECT COUNT(*) FROM schools WHERE schoolname = '$schoolToCheck'")->fetchColumn(); 
if($count > 0) 
{ 
    echo "already exists"; 
} 
else 
{ 
    echo ""; 
}