johannsnr 0 Report post Posted May 26, 2018 The procedure add_customer on the coffee site simply adds a new customer to the table without checking if the current customer isn't already in the database. Is there a way to prevent duplicate customer records and how would the code change for example if (mysqli_num_rows($r) == 0) { call add_customer} if (mysqli_num_rows($r) == 1) { //thus the customer is in database and cannot be added again use information in database} Quote Share this post Link to post Share on other sites
Larry 422 Report post Posted May 29, 2018 That's a great question! You'd want to decide whether to have the stored procedure check for an existing customer or do it separately. If you have the stored procedure do it, you'd have to modify it to return an error message in that case. It'd be simpler to run a SELECT query outside of the procedure first, though, and then use the logic you have posted. Quote Share this post Link to post Share on other sites
johannsnr 0 Report post Posted May 29, 2018 ok so I have opted to run a query in the php file separately, then I realized that if (rows) can equal to 2, if for instance an email and mobile was found in the table. In both instances if a record was found I simply did not add the record and only retrieved a customer_id to be used later. I am concerned a little with security from that perspective. Quote Share this post Link to post Share on other sites
Larry 422 Report post Posted May 30, 2018 If I recall correctly, the second example in the book--that used the stored procedure--was designed purposefully to allow the same person to buy multiple times without registering. Which both explains what you're seeing and isn't a problem. Quote Share this post Link to post Share on other sites
