最受欢迎

检查数据库中存在的病人,然后添加不存在的病人

checking database for existing patient and then adding if does not exist

本文关键字:然后 添加 不存在 数据库 检查 存在 | 更新日期: 2023-09-27

我创建了一个页面,其中mysql查询检查患者是否已经存在于数据库中,如果患者不存在,那么下面的代码应该将他们添加到数据库

 <?php
    include("includes/staffmenu.php");
    include("includes/staffsession.php");
    @require_once("includes/dbconfig.inc");
    $firstname=$_POST["pfname"];
    $middlename=$_POST["pmname"];
    $surname=$_POST["psname"];
    $nat=$_POST["pnat"];
    $DOB=$_POST["pdob"];
    $pemail=$_POST["pemail"];
    $add1=$_POST["padd1"];
    $add2=$_POST["padd2"];
    $add3=$_POST["padd3"];
    $postcode=$_POST["ppcode"];
    $telephone=$_POST["pphone"];
        $pcheck=mysql_query("
        SELECT * FROM patient 
        WHERE 
        Patient_First_Name='$firstname' AND Patient_Middle_Name='$middlename' AND Patient_Surname='$surname' AND Patient_National_Insurance_No='$nat' 
        AND Patient_DOB='DOB' AND Patient_Address_Line_1='$add1' AND Patient_Address_Line_2='$add2' AND Patient_Address_Line_3='$add3' AND Patient_Postcode='$postcode'");
        $myrow = mysql_fetch_row($pcheck);
            if($myrow)
                    {   echo "This Patient already exists.<br><br> Please press the back button on your browser or the backspace button on your keyboard to go back";
                    }
            else
                    {   mysql_query("INSERT INTO patient (Patient_First_Name,Patient_Middle_Name,Patient_Surname,Patient_National_Insurance_No,Patient_DOB,Patient_Email,Patient_Address_Line_1,Patient_Address_Line_2,Patient_Address_Line_3,Patient_Postcode,Patient_Phone_No  ) 
                        VALUES('$firstname','$middlename','$surname','$nat','$DOB','$pemail','$add1','$add2','$add3','$postcode','$telephone')") or die (mysql_error());
                        echo "<br>";
                        echo "<p>Success! The Patient has been added to the database
                        </p>";
                    }   
    ?>

问题是,即使病人已经存在,它也会不断添加一个新的…有人能告诉我哪里错了吗?

查找DOB时缺少$

Patient_DOB='$DOB'

另外,请注意您的代码很容易受到SQL注入攻击

尝试更改

Patient_DOB='DOB'


Patient_DOB='$DOB'
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习