I'm about as sharp as a bowling ball!

ezinestein

Hi,

I've been looking through my PHP &MySQL for Dummies for the last 3 hours tying to figure out how to do this. Anyone willing to help me out will be my hero! I hope what I write makes sense!

I have a little script called putmail.php and I've put part of the code below. The script takes information submitted in a form and puts it into a DB table called invitedusers.

Here is the form:

putmail.php first checks the DB to see if the 'friendid' from the form is already in the field friendid. If it's NOT there it puts it there. And it also puts the 'userid' from the form into the field userid. That part is OK.

But...

If 'friendid' is already in the DB the script does nothing to the DB and simply redirects the visitor.

Here's what I want to happen.

If 'friendid' sent by the form is already in the DB, I want the script compare the 'userid' from the form with what is already in the userid field next to that friendid.

If it is the same, it's okay for the script to just redirect the visitor, just like it already does.

If it is NOT the same, I would like the old 'userid' updated with the one the sent by the form.

Hers is the code:

// Make sure friend is not already in database
$query = "SELECT friendid FROM invitedusers WHERE friendid='$friendid' ";
$result = @ ($query);
if (mysql_num_rows($result) == 0)
{ // Available. Add to database

$query="INSERT INTO invitedusers (userid, friendid) VALUES('$userid', '$friendid')";
$result =@mysql_query ($query);

if ($result) 
     {
	 // added now forward to signup page
        header ("Location: $redir_path&email=$friendid");
		//echo 'You did it.'; 

		//free_rs($rs);
        mysql_close();
		exit();
      }
}
else 
      { // Exists, forward to signup
        header ("Location: $redir_path&email=$friendid");

		mysql_close();
		exit();

      }


}

mysql_close();
exit();

Thanks again if anyone can help me with this!!!

kindly,
John

laserlight

<?php
//assume that $friendid, $userid have set and made safe against SQL injection
//note that these values *might* be altered by the user, so be careful

//check if friendid is in database
$query = "SELECT friendid, userid FROM invitedusers WHERE friendid='$friendid'";
$result = @mysql_query($query)
	OR die(mysql_error()); //for debugging
if (mysql_num_rows($result) == 0)
{
	//enter new friendid and userid
	$query = "INSERT INTO invitedusers (userid, friendid)
		VALUES('$userid', '$friendid')";
	if (!@mysql_query($query))
	{
		//some error message
		 die(mysql_error()); //for debugging
	}
}
else
{
	//is userid the same?
	$stored_userid = mysql_result($result, 0, 'userid');
	if ($userid != $stored_userid)
	{
		$query = "UPDATE invitedusers SET userid='$userid' WHERE userid='$stored_userid'";
		if (!@mysql_query($query))
		{
			//some error message
			die(mysql_error()); //for debugging
		}
	}
}
//now do the re-direction
header("Location: $redir_path&email=$friendid");