0

I'm using the below PHP and jQuery script and I'm trying to check that the username put through doesn't exist in the database already.

PHP 

        if(mysqli_query($con, "SELECT id FROM user WHERE user_name='$username'")){
            echo '1'; //If there is a  record match in the Database - Not Available
        } else {
            echo '0'; //No Record Found - Username is available 
        }
    }
?>

jQuery

$(document).ready(function(){
    $("fieldset input[name=username]").change(function(){
        var username = $("fieldset input[name=username]").val();//Get the value in the username textbox
        if(username.length > 3){
            $(".username_status").html('<img src="loader.gif" align="absmiddle">&nbsp;Checking availability...');
            $.ajax({
                type: "POST",  
                url: "/donald/settings/check-username.php",  //file name
                data: "username="+ username,  //data
                success: function(data){
                    console.log("server_response: "+data);
                    if(data == '0'){
                        $(".username_status").html('<font color="Green"> Available </font>');
                    } else  if(data == '1'){  
                        $(".username_status").html('<font color="red">Not Available </font>');
                    }
                } 
            }); 
        } else {
            $(".username_status").html('<font color="#cc0000">Username too short</font>');
        }
        return false;
    });
});

The result always comes through as 1

Improve this question
3
  • 1
    mysqli_query see Return Values section. And btw you wanna bookmark php.net Commented Apr 15, 2013 at 10:58
  • Your code is wide open to SQL injection Commented Apr 15, 2013 at 11:12
  • @YourCommonSense please share an example of how to prevent this Commented Apr 15, 2013 at 11:53

4 Answers 4

Reset to default
3

If you take a look at mysqli_query() documentation:

Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return TRUE.

So with valid query it should never return FALSE. Therefore you probably want to do this, using mysqli_result:

$q = mysqli_query($con, "SELECT id FROM user WHERE user_name='$username'");
if( $q && $q->num_rows ){
    echo '1';
} else {
    echo '0';
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

mysqli_query() returns true everytime you have a correct query, no matter its result. You need to use another mysqli_ function which will return rows i.e. mysqli_num_rows, _result or _fetch_array.

Ofcourse, each of them, has its own syntax, so you have to check it and use it properly in order to check if there's a result or not. i.e. if num_rows>0 or result($query, 0)

Improve this answer

Comments

1

You should check mysqli_num_rows instead . mysqli_query always return true if query is executed

Try changing php code to 

$resource = mysqli_query($con, "SELECT id FROM user WHERE user_name='$username'");
$rowCount = mysqli_num_rows($resource);  
 if($rowCount > 0){
        echo '1'; //If there is a  record match in the Database - Not Available
    } else {
        echo '0'; //No Record Found - Username is available 
    }
}
Improve this answer

Comments

-1

(mysqli_query($con, "SELECT id FROM user WHERE user_name='$username'")) will allways evaluate as true, if the query went OK. THis is not what you want.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.