Form handling in php using oracle database

konrms · October 8, 2018, 7:38am

Hello my friends!

I’m a very php novice and I need your help!

I have created a form in html which prompts users to input first name, last name and phone number. I want this data to be inserted into an oracle table called W_TEST. I want the phone number to be unique (e.g. two users may have the same first and last name, but not the same number. The database I use is oracle. One way I fixed this was by setting phone number as primary key, but i don’t like that solution.

How could I modify my php code to warn user that his/her data was not inserted in case of duplicate phone numbers?

I would appreciate your valuable help!

My code is the following:

(1) oracle table:

CREATE TABLE W_TEST
(
FNAME VARCHAR2(64) NULL,
LNAME VARCHAR2(64) NULL,
TNUM INT NOT NULL,
CONSTRAINT MYKEY PRIMARY KEY (TNUM) – I want to work without it!
);

COMMIT;

(2) html form:

> <!DOCTYPE html>
> <html lang="en">
> <head>
>     <meta charset="UTF-8">
>     <link rel="stylesheet" type="text/css" href="form_style.css">
>     <title>User Input Data</title>
> </head>
> <body>
> 
> <k1 class = "myhome">Input Data</k1>
> 
> <!-- <h3>Please enter your personal data</h3> --->
> 
> <form method="post" action="form_data.php" id="forma">
>     <fieldset>
>         <legend>Insert your data below:</legend>
>     Όνομα:<br>
>     <input type="text" name="firstname" required><br>
>     Επώνυμο:<br>
>     <input type="text" name="lastname" required><br>
>     Τηλέφωνο:<br>
>     <input type="number" name="phone" required pattern="[0-9]{11}"><br>
>     <input type="submit" value="ok!">
>    </fieldset>
>     <h6>(*Note: You must fill all fields!)</h6>
> </form>
> 
> </body>
> </html>
> 
> ----
> 
> (3) **php code (this is where I need your help!):**  
> 
> <?php
> 
> echo "<link rel='stylesheet' type='text/css' href='form_style.css'>";
> 
> error_reporting(E_ALL);
> ini_set('display_errors', 'On');
> 
> $username = "KONRMS";                  // Use your username
> $password = "Welcome2018";             // and your password
> $database = "localhost/XE";   // and the connect string to connect to your database
> 
> $a = $_POST["firstname"];
> $b = $_POST["lastname"];
> $c = $_POST["phone"];
> 
> $quake = "
> INSERT INTO W_TEST
> (FNAME, LNAME, TNUM) 
> VALUES
> ('$a', '$b', '$c') 
> ";
> 
> $c = oci_connect($username, $password, $database, 'UTF8');
> 
> if (!$c) {
>     $m = oci_error();
>     trigger_error('Could not connect to database: '. $m['message'], E_USER_ERROR);
> }
> 
> $s = oci_parse($c, $quake);
> if (!$s) {
>     $m = oci_error($c);
>     trigger_error('Could not parse statement: '. $m['message'], E_USER_ERROR);
> }
> 
> $r = oci_execute($s);
> if (!$r) {
>     $m = oci_error($s);
>     trigger_error('Could not execute statement: '. $m['message'], E_USER_ERROR);
> }
> 
> echo "<ppp> Successfully saved data! </ppp>";
> 
> ?>

astonecipher · October 8, 2018, 2:19pm

Add a unique constraint onto the table column.

CONSTRAINT unique_phone UNIQUE (TNUM)

konrms · October 8, 2018, 8:17pm

I was aware of that kind of solution. But we want to have the duplicate check done by the php code… I try to check if TNUM count>0 and if yes, code to say user number alrwady exist. Could help? Thanks a lot!

benanamen · October 8, 2018, 11:34pm

That is the wrong approach and will build in a race condition. What if two people share a house phone? You are only going to allow one of them? You might want to re-think your approach.

konrms · October 9, 2018, 5:28am

I’m practicing and I want to see how this works with that concept. I want each person to have a unique number. Ok two people can share a phone number. Let’s replace then phone number with a unique number id. Two people can have the same first and last name but cannot have the same id. Could you help with php code in that case?

thinsoldier · October 10, 2018, 6:19am

You usually don’t want the user to have control over the primary key (id) of their database record.

What if you have some service that only paying users can access but users are allowed to change their id to whatever they want?

User 88 did not pay. User 99 did pay. User 99 changes their id to 1099 (which does not yet exist) and then user 88 changes their id to 99, now that user can access the private content for free.

It would make sense for mobile phone or e-mail address to be unique.

konrms · October 10, 2018, 7:54am

I have modified my php as following. It’s very odd sometimes it works and sometimes not! Could you help me a little with it (especially with if statement).
Please don’t stick to phone number recommendations. I’m practicing and I try to understand how oci(s) work.

> <?php
> 
>     echo "<link rel='stylesheet' type='text/css' href='form_style.css'>";
> 
>     $username = "KONRMS";                  // Use your username
>     $password = "Welcome2018";             // and your password
>     $database = "localhost/XE";   // and the connect string to connect to your database
> 
>     $a = $_POST["firstname"];
>     $b = $_POST["lastname"];
>     $t = $_POST["phone"];
> 
>     $query1 = "SELECT FNAME FROM W_TEST WHERE TNUM= '$t'";
> 
> 
>     $query2 = "
>     INSERT INTO W_TEST
>     (FNAME, LNAME, TNUM) 
>     VALUES
>     ('$a', '$b', '$t') 
>     ";
> 
>     $c = oci_connect($username, $password, $database, 'UTF8');
> 
>     $test = oci_parse($c, $query1);
>     $oo = oci_execute($test);
> 
>     //( oci_num_rows($result) == false )
> 
>     echo oci_fetch($test);
> 
>     echo "<br>";
> 
>     if (oci_num_rows($test)) {
> 
>         echo "Phone number already registered!";
>     } else {
> 
>         $s = oci_parse($c, $query2);
>         $o = oci_execute($s);
>         echo "<ppp><br> Successfully saved data! </ppp>";
> 
>     }
> 
>     ?>

konrms · October 10, 2018, 11:42am

> Well I found a solution. Phone number should be better to be declared as VARCHAR2 in oracle and code works in every case. Just for your info and for helping anyone my code is the following:
> 
> **1) Oracle:**
> 
> DROP TABLE W_TEST;
> 
> CREATE TABLE W_TEST
> (
> FNAME   VARCHAR2(64)    NULL,
> LNAME   VARCHAR2(64)    NULL,
> TNUM    VARCHAR2(64)    NOT   NULL
> );
> 
> COMMIT;
> 
> **2) html:**
> 
> <!DOCTYPE html>
> <html lang="en">
> <head>
>     <meta charset="UTF-8">
>     <link rel="stylesheet" type="text/css" href="form_style.css">
>     <title>User Input Data</title>
> </head>
> <body>
> 
> <k1 class = "myhome">Enter data</k1>
> 
> <form method="post" action="form_data.php" id="forma">
>     <fieldset>
>         <legend>Personal Data</legend>
>     Όνομα:<br>
>     <input type="text" name="firstname" required><br>
>     Επώνυμο:<br>
>     <input type="text" name="lastname" required><br>
>     Τηλέφωνο:<br>
>     <input type="number" name="tilefono" required pattern="[0-9]{11}"><br>
>     <input type="submit" value="Proceed!">
>    </fieldset>
>     <h6>(*Note: Registration is obligatory in every field!)</h6>
> </form>
> 
> </body>
> </html>
> 
> **3) php (form_data.php)**
> 
> <?php
> 
> echo "<link rel='stylesheet' type='text/css' href='form_style.css'>";
> 
> $username = "KONRMS";                  // Use your username
> $password = "Welcome2018";             // and your password
> $database = "localhost/XE";   // and the connect string to connect to your database
> 
> $a = $_POST["firstname"];
> $b = $_POST["lastname"];
> $t = $_POST["tilefono"];
> 
> $query1 = "SELECT * FROM W_TEST WHERE TNUM= '$t'";
> 
> $query2 = "
> INSERT INTO W_TEST
> (FNAME, LNAME, TNUM) 
> VALUES
> ('$a', '$b', '$t') 
> ";
> 
> $c = oci_connect($username, $password, $database, 'UTF8');
> $test = oci_parse($c, $query1);
> oci_execute($test);
> oci_fetch($test);  //does not allow duplicates!
> echo "<br>";
> 
> if (oci_num_rows($test)) {
> 
>     echo "Phone number already registered!";
> 
> } else {
> 
>     $s = oci_parse($c, $query2);
>     oci_execute($s);
>     echo "<ppp><br> Successfully saved data! </ppp>";
> 
> }
> 
> ?>
> 
> **4) css (form_style.css)**
> 
> #forma {
>     position: fixed;
>     top: 50%;
>     left: 22%;
>     margin-top: -7cm;
>     margin-left: -200px;
>     font-family: "Baskerville Old Face";
>     font-weight: bold;
>     font-style: italic;
>     background-color: skyblue;
> }
> 
> h3 {
>     font-style: italic;
>     font-family: "Vladimir Script";
> }
> 
> h6 {
>     font-style: italic;
>     color: #ff0017;
> }
> 
> ppp {
>     font-style: italic;
>     font-family: "Bookman Old Style"
>     color: darkgoldenrod;
>     font-size: xx-large;
>     background: darkgrey;
> 
> }
> 
> k1.myhome {
>     background-color: cornsilk;
>     font-family: "Times New Roman";
>     font-size: large;
>     font-weight: bold;
> 
>     ;
> }