Ok, i have a form that is passed data through a QR CODE. The form works great at what it does. It asks for username and password and if they authenticate, then information is entered into MYSQL db. Works perfect. However, I am getting duplicate records. I don’t want duplicate records, but I’m also not a PHP programmer.. My question, can someone look at this code, and help me get to where it needs to be to:
- Authenticate the user
- Check if record already exists, and
- If it doesn’t exist, enter into database ORT
- if it does exists, die.
- Show me how to update the code to work with PHP 8.1
<?php
require('db.php');
Session_start();
$FN = $_GET['FirstName'];
$LN = $_GET['LastName'];
$DL = $_GET['DLNumber'];
if (isset($_POST['username'])) {
$username = stripslashes($_REQUEST['username']);
$username = mysqli_real_escape_string($con, $username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con, $password);
$query = "SELECT * FROM `onlineusers` WHERE username='$username'
AND password='" . md5($password) . "'";
$result = mysqli_query($con, $query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if ($rows == 1) {
$_SESSION['username'] = $username;
$Instructor = $_POST['username'];
$_SESSION['FirstName'] = $FN;
switch ($Instructor) {
case "Kevin":
$Instructor = 'Kevin D.';
break;
case "Carlos":
$Instructor = 'Carlos L.';
break;
case "Mike":
$Instructor = 'Mike T.';
break;
case "Bill":
$Instructor = 'Bill W.';
break;
}
$Date = date('Y-m-d');
$Hours = '5';
$Activity = 'Training';
$Location = $_POST['location'];
switch ($Location) {
case "Please select a location":
$Location = 'Chicago';
break;
case "Milwaukee":
$Location = 'Milwaukee';
break;
case "Mount Pleasant":
$Location = 'New York';
break;
}
$query = mysql_query("SELECT * FROM log WHERE DLNumber='$DL' AND Date='$Date'");
if(mysql_num_rows($query) != 0){
echo "Student already checked in for the day.";
}
else
{
$query2 = "INSERT into `log` (FirstName, LastName, DLNumber,Instructor,Location,Hours,Activity, Date)
VALUES ('$FN', '$LN', '$DL', '$Instructor','$Location','$Hours','$Activity','$Date')";
$result = mysqli_query($con, $query2);
header("Location: dashboard.php");
}
} else {
echo "<div class='form'>
<h3>Incorrect Username/Password.</h3><br/>
<p class='link'>Click here to <a href='login.php'>Login</a> again.</p>
</div>";
}
} else {
?>
<form class="form" method="post" name="login">
<h1 class="login-title">Login</h1>
<input type="text" class="login-input" name="username" placeholder="Username" autofocus="true"/>
<input type="password" class="login-input" name="password" placeholder="Password"/>
<input type="hidden" class="login-input" name="FirstName" value='<?php echo trim($FN); ?>'/>
<input type="hidden" class="login-input" name="LastName" value='<?php echo trim($LN); ?>'/>
<input type="hidden" class="login-input" name="DLNumber" value='<?php echo trim($DL); ?>'/>
<input type="hidden" name="login" value="true">
<select name="location">
<option hidden="true">Please select a location</option>
<option value="Chicago">Chicago</option>
<option value="Milwaukee">Milwaukee</option>
<option value="New York">New York</option>
</select>
<input type="submit" value="Login" name="submit" class="login-button"/>
</form>
<?php