johannsnr 0 Posted May 26, 2018 Report Share Posted May 26, 2018 The procedure add_customer on the coffee site simply adds a new customer to the table without checking if the current customer isn't already in the database. Is there a way to prevent duplicate customer records and how would the code change for example if (mysqli_num_rows($r) == 0) { call add_customer} if (mysqli_num_rows($r) == 1) { //thus the customer is in database and cannot be added again use information in database} Quote Link to post Share on other sites
Larry 428 Posted May 29, 2018 Report Share Posted May 29, 2018 That's a great question! You'd want to decide whether to have the stored procedure check for an existing customer or do it separately. If you have the stored procedure do it, you'd have to modify it to return an error message in that case. It'd be simpler to run a SELECT query outside of the procedure first, though, and then use the logic you have posted. Quote Link to post Share on other sites
johannsnr 0 Posted May 29, 2018 Author Report Share Posted May 29, 2018 ok so I have opted to run a query in the php file separately, then I realized that if (rows) can equal to 2, if for instance an email and mobile was found in the table. In both instances if a record was found I simply did not add the record and only retrieved a customer_id to be used later. I am concerned a little with security from that perspective. Quote Link to post Share on other sites
Larry 428 Posted May 30, 2018 Report Share Posted May 30, 2018 If I recall correctly, the second example in the book--that used the stored procedure--was designed purposefully to allow the same person to buy multiple times without registering. Which both explains what you're seeing and isn't a problem. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.