0

I have a register form that goes through the following steps:

  1. Fill in user information (name,adress,etc.) and username
  2. If user presses the submit button, it is checked if username is already in the database or not
  3. If username is already in use, he must rename username, if not, it is shown what he has entered (name,adress etc.).
  4. He has to confirm the website rules and that his input data is correct. If he presses the confirm button, a row with his details and username will be inserted in the database.

I do not want to insert the row in the database after step 2., because I dont want rows from users in my database that did not confirm the rules. Also I want to keep step 3., so the user can make sure that his data is correct. Unfortunately, at the moment the code cant prevent the unlikely case that two user register at the same time with the same username. How does one prevent this case in general? I know there are a lots of php forms out there who proceed with these 4 steps.

EDIT: Sorry, that I didn't make it clear enough: I am not concerned about double entries in my database, this can be prevented by setting the username field unique. I want to know how can I check in step 2. that the username is not used in the database AND not used by any other user who is currently using the registration form.

Adam
  • 25,960
  • 22
  • 158
  • 247
  • What have you tried so far? You include no code with your question. To give you a general answer, you'd `SELECT` rows with that username from the database, and see if you get any repsonses or no. If you do, it already exists, don't try to insert it. If it doesn't, great, move on. – casraf Feb 09 '14 at 12:54
  • Possible duplication of this question http://stackoverflow.com/questions/18008191/mysqli-insert-but-only-if-not-a-duplicate – terrorfall Feb 09 '14 at 12:54
  • Chen Asraf said it already, and to ensure conflicts with the unlikely situation that two register with the same username at the same time, did you set the username field in your database as "unique"? – Avinor Feb 09 '14 at 12:56
  • yes I set the username field to "unique". I am worried about the fact that in step 2. it is only checked if the username is already in the database. So if 2 user register at the same time both will pass step 2. but in step 4. one of them cant process. – Adam Feb 09 '14 at 12:58
  • 2 users registering the exact same username at the exact same time is pretty unlikely. Is all the data being placed into the database at once, or is the username put in first, with the rest of the data following later? – terrorfall Feb 09 '14 at 13:08
  • @PeteSimmons during the form I store all data in a session and in step 4. all data is placed in the database at once. I want to prevent to insert a row with only a username in it, and the rest following later, because I only want to have valid rows in my database from users who have confirmed the website rules. – Adam Feb 09 '14 at 13:11
  • What if you create a new table for the temporary data? You can then verify against both tables and only insert a row if the username does not exist in either tables. You can then remove that temporary value once the user completes step 4 – terrorfall Feb 09 '14 at 14:10
  • @PeteSimmons Yes I could do that. But then again I have to handle the situation that both usernames are writen in the temporary data at a similar time, which means i need to make a Transaction and Update For as explained here http://stackoverflow.com/questions/21650252/ . I probably just catch the error of duplicates in step 4 as descriped here http://stackoverflow.com/questions/3146838/ and if the error accours I ask the user to define a new username and bring him back to step 1. – Adam Feb 09 '14 at 14:25

2 Answers2

3

Data integrity in a database should be ensured by the database, not by the interface. This means that if you want UNIQUE usernames you should use the built in UNIQUE index in the database.

That way it is impossible to have two users with the same name, even if they registered at the same time.

UPDATE:

Based on your last edit I would could create a temporary table where you would insert the username in Step 2, supposing it doesn't exist in your users table. That way a user can "lock" a username until they complete registration in Step 4.

Once they reach Step 4 you move the data from the temporary table to the users table.

aurbano
  • 3,324
  • 1
  • 25
  • 39
  • Sorry about my unclear question, I added my question to it to make my question more precise. – Adam Feb 09 '14 at 13:04
0

so here is what you can do but make sure what @chevi said .. alter your table and add unique attribute that username column... that all at backend..

now comes front end ..in the form when user has chosen/entered username you can make a ajax call which checks user entered username in your DB and returns TRUE Or FALSE accordingly you can then n there notify user that hey this user name is already taken also you can restrict user to submit that form

Community
  • 1
  • 1
Ashish Sajwan
  • 705
  • 8
  • 16
  • Thank you for the answer. I edit my question to make my question more precis – Adam Feb 09 '14 at 13:07
  • keep the submit button disabled by default and enable that submit button only if user enters a username that is unique... for checking username you can use AJAX.... – Ashish Sajwan Feb 09 '14 at 13:12