1

I need your help. I’m stuck at a point from where I can’t figure it out that how to stop a product to be booked twice a day on a web form.

I have 41 products to rent out on daily basis.

My problem is: if a client books a product #4 (pg_no) and date 26-06-2017 then another client isn't able to book the same product for the same period of time.

If a client selects the same product and date, then a message should appear saying "already booked - please select another date"

Also, do I have to define anything on database level?

Your help will be highly appreciated.

Please note: this rule is only for product # (pg_no) and date fields are not allow for the same day.

<?php
//connecting string
include("dbconnect.php");
//assigning
$pg_no=$_REQUEST['pg_no'];
$name=$_REQUEST['Name'];
$tele=$_REQUEST['Tele'];
$city=$_REQUEST['City'];
$date=$_REQUEST['Date'];   

//checking if pg_no and Date are same 
 $check=mysqli_query($db_connect,"SELECT * FROM lstclient WHERE pg_no='{$pg_no}', Date='{$date}'");

     if(mysqli_fetch_row($check) ==0)
     {
        echo "Already booked  please select another date<br/>";
     }
   //if not the insert data
    else
     {          
      $query=mysqli_query($db_connect,"INSERT INTO lstclient(pg_no,Name,Tele,City,Date) VALUES('$pg_no','$name','$tele','$city','$date')") or die(mysql_error());
      }
      mysqli_close($db_connect);

   // messaging 
     if($query)
        {
             header("location:index.php?note=failed");
        }
        else
        {
             header("location:index.php?note=success");
        }

    ?>
Improve this question
1
  • You have blatant SQL injections, if this will ever run on a server connected to the real internet you must escape any input that you get from a $_REQUEST before using it to build a SQL string. I escape everything, and it works great. Automated bots will find this and eat your site for breakfast. Commented Jul 7, 2017 at 15:39

2 Answers 2

Reset to default
1

Create a UNIQUE KEY constraint on your table between the two columns. 

ALTER TABLE lstclient ADD CONSTRAINT `pg_no_date` UNIQUE (pg_no, date)

Then when you try to insert a row that violates this constraint mysql will throw an error. You should catch this MySQL error and respond with the correct error.

if( mysqli_errno() == 1062) {
    // Duplicate key error
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks-- phpd and ryan for your help. one more issue, could you please tell me how to fix -- echo "Already booked please select another date<br/>";
0

Add a unique key to your lstclient table like ryan suggested. Also, your check query has syntax error, it should be like below.

SELECT * FROM lstclient WHERE pg_no='{$pg_no}' AND Date='{$date}'
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.