Two rows inserted into database ... I want one!

WebMachine · August 26, 2011, 8:00pm

I am building a simple discussion board for a friend (and to practice php). My issue involves the admin adding a new member to the board. He enters the person’s name in add_user.php, which is checked against the current and retired members already in the database and an appropriate message is printed if the name already exists. If not, another textbox appears where he enters the member’s email address for registration. This single-textbox form sends him to another page, add_userB.php, where there is a message about the successful registration and the new member’s name, email address and role (‘user’) is inserted into the database. All this works fine.

But … after the new record, a second record containing only the role (‘user’) is inserted, and I can’t figure out where it is coming from or how to prevent it. Here is the code from my two pages:

add_user.php

<?php
ini_set('error_reporting', E_ALL ^ E_NOTICE);
require_once("inc/session.php");
require_once("inc/connect_db.php");
require_once("inc/functions.php");
include_once("inc/form_functions.php");
confirm_logged_in();

if ($_SESSION['role'] != 'admin') {
		redirect_to('main.php');
	}	
	
if (isset($_POST['username'])) {
	
	$username = trim(mysql_prep($_POST['username']));
	$name_parts = explode(" ", $username);
	$first_name = $name_parts[0];
	$last_name = $name_parts[1];	
	
	$_SESSION['fname'] = $first_name;
	$_SESSION['lname'] = $last_name;
	
}

?>

<?php
include_once("inc/header.php");
?>

<h2>Add New Member</h2>

<p>Please enter the username (first name and last name) of the new member:</p>
<form name="check_user" action="add_user.php" method="post">
	<table>
		<tr>
			<td class="label">Username:</td>
			<td><input type="text" name="username" id="username" class="textbox" maxlength="50" value="<?php print("$username"); ?>"/><td>
		</tr>
		<tr>
			<td>&nbsp;</td>
			<td><input type="submit" name="check_user" id="check" class="button" value="Submit Name" /></td>
		</tr>
	</table>
</form>	

<?php
	$query = "SELECT id, first_name, last_name
		FROM users
		WHERE first_name = '$first_name'
		AND last_name = '$last_name' ";

	$result = mysql_query($query, $mysql_link);

	if (mysql_num_rows($result) == 1) {
		$row = mysql_fetch_row($result);
		$id = $row[0];
		$first_name = $row[1];
		$last_name = $row[2];
		
		$query2 = "UPDATE users
		SET role = 'user'
		WHERE id = '$id' ";
		
		$result2 = mysql_query($query2, $mysql_link);
		
		print("<p class=\\"message\\">$username is either already a member, or is a former member whose status will now be re-activated.</p>
		<p class=\\"message\\">You may check the contact information of this member on the <a href=\\"users.php\\">members' contact page</a> and update it if you wish.</p>");

	} else if (isset($_POST['username']) && mysql_num_rows($result) == 0) {
	
?>
	<p><?php print $username; ?> is not a registered member yet. To register, enter this person's email address here.</p>	
	
	<form name="add_user" action="add_userB.php" method="post" style="margin-left: 75px;">
			<table>
				<tr>
					<td class="label">Email Address:</td>
					<td><input type="text" name="email1" id="email" class="textbox" maxlength="100"  value="<?php print("$email1"); ?>"  /></td>
				</tr>
				<tr>
					<td>&nbsp;</td>
					<td><input type="submit" name="add_email" id="add_email" class="button" value="Submit Email Address" /></td>
				</tr>
			</table>	
	</form>
<?php
	}
?>

<p>Return to <a href="main.php">main page</a>.</p>

<?php
include_once("inc/footer.php");
?>

and add_userB.php

<?php
ini_set('error_reporting', E_ALL ^ E_NOTICE);
require_once("inc/session.php");
require_once("inc/connect_db.php");
require_once("inc/functions.php");
include_once("inc/form_functions.php");
confirm_logged_in();

if ($_SESSION['role'] != 'admin') {
		redirect_to('main.php');
	}	

include_once("inc/header.php");
?>

<h2>Add New Member</h2>

<?php
if (isset($_SESSION['fname']) && isset($_SESSION['lname']) && isset($_POST['email1'])) {
	$fname = trim(mysql_prep($_SESSION['fname']));
	$lname = trim(mysql_prep($_SESSION['lname']));	
	$email1 = trim(mysql_prep($_POST['email1']));
}
				
	$query = "INSERT INTO users
	SET first_name = '$fname',
	last_name = '$lname',
	email1 = '$email1', 
	role = 'user' ";
	
	print("<p style=\\"font-weight: bold; color: green;\\">$query</p>");
	
	$result = mysql_query($query, $mysql_link);
?>

<p>An email will be sent to <?php print("$fname $lname"); ?> with a temporary password and an explanation of the forum rules.</p>
	
<p>Return to <a href="main.php">main page</a>.</p>

<?php
include_once("inc/footer.php");
?>

I have struggled with this for a few hours now, so I’m not taking the easy way out. Could someone please look at my code and tell me what is wrong? Thank you.

charlestonolaes · August 26, 2011, 10:09pm

I honestly can’t find anything wrong with the code posted here, unless there is something in one of the included files that does additional inserts, it really hard to tell where the second insert is coming from.

If the second inserted row only inserts the role without first name, last name and email. you could try setting the email datatype(in mysql) to ‘not null’ but this will still accept empty strings.

Try doing an echo on the $query on add_userB.php and running the query though mysql, either through the command line or phpmyadmin or whatever mysql client you’re using to check if it only inserts one row.

check if there are any other insert queries in any of the functions called in the script.

WebMachine · August 28, 2011, 5:50pm

Sorry I took so long to respond (no internet access so I have to use the library), and thank you for your help.

There are no sql queries in my includes files … what you see is all I had for this feature. I will try your two suggestions and see if they work. If they don’t, I’m still open to more suggestions.