Ask a question

Popular technologies


Latest questions:

898 sql - Reverse the array in php
717 php - Convert long numbers to short and compact
884 php - Codeigniter 4 validation error callback_check_password is not working
91 laravel - How to calculate hour two date difference in php?
805 php - Symfony project shows directory listing index instead of index page
361 php - Test Imagick Image
11 wordpress - I am getting issues with my single Post navigation in single.php with previous_post_link() and next_post_link() is not working with post type "post"
52 PHP bcrypt to PYTHON bycrypt not giving same values
996 php - How to fix error Query array failed: 1064
672 php - What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
  1. Home
  2. php - Generate unique key and save in the database not working
843 votes
2 answers

php - Generate unique key and save in the database not working

mangohost Get the solution ↓↓↓

I'm trying to create a unique key to save information in the database, but for some reason the $randStr variable has nothing at the end. After submitting, I get only a new id and email, nothing appears in the keystring. What's wrong?

Here's my sql table:

create table users (
    id int(11) not null PRIMARY KEY AUTO_INCREMENT,
    keystring varchar(110) not null,
    email varchar(220) not null
);

php code:

<?php

include_once 'includes/dbh.php';

function checkKeys($conn, $randStr) {
    $sqlcheck = "SELECT keystring FROM users";
    $result = mysqli_query($conn, $sqlcheck);

    while ($row = mysqli_fetch_assoc($result)) {
        if ($row['keystring'] == $randStr) {
            $keyExists = true;
            break;
        } else {
            $keyExists = false;
        }
    }

    return $keyExists;
}

function generateKey($conn) {
    $keyLength = 8;
    $str = "0123456789abcdefghijklmnopqrstuvwxyz";
    $randStr = substr(str_shuffle($str), 0, $keyLength);

    $checkKey = checkKeys($conn, $randStr);

    while($checkKey == true) {
        $randStr = substr(str_shuffle($str), 0, $keyLength);
        $checkKey = checkKeys($conn, $randStr);
    }

    return $randStr;
}

$recipient = $_POST['emailFor'];
$sender = $_POST['senderEmail'];
$message = $_POST['message'];

$sql = "INSERT INTO users (keystring, email) VALUES('$randStr', '$sender');";
mysqli_query($conn, $sql);

969
votes

Answer

Solution:

You are not callinggenerateKey function. Call this function and store return value to$randStr before inserting in database.

Note: please see SQL injection prevention for same.

$randStr = generateKey($conn);

// Your insert statement

2
votes

Answer

Solution:

While the accepted answer is correct as far as it goes, there is much here that can be improved. Reading all the existing keys and checking them one by one is intensive, and will get slower as the number of keys increases. It also opens a window for a race condition, where two requests are competing fro resources.

Applying a unique index to thekeystring column allows us to perform an atomic 'test and set' with MySQL checking the key and inserting it in one operation.

We can also switch to prepared queries to eliminate the risk of SQL injection.

So, apply a UNIQUE index to the keystring column. This modification to the table only needs to be done once.

ALTER TABLE `users` ADD UNIQUE INDEX `keystring_UNIQUE` (`keystring` ASC) VISIBLE;

Then the new code looks like this:

function generateKey() {
    $keyLength = 8;
    $str = "0123456789abcdefghijklmnopqrstuvwxyz";
    $randStr = substr(str_shuffle($str), 0, $keyLength);
    return $randStr;
}

$recipient = $_POST['emailFor'];
$sender = $_POST['senderEmail'];
$message = $_POST['message'];

// This will be required somewhere
$conn = mysqli_connect("xxxx", "xxxx", "xxxx", "xxxx");

// Prepare the query
$stmt = mysqli_prepare($conn, "INSERT INTO users (keystring, email) VALUES(?, ?);");

// If the key generated already exists the loop will try again.
// Limit the collisions before we give up
$collisionLimit = 10;

do {
    $randstr = generateKey();
    mysqli_stmt_bind_param($stmt, 'ss', $randstr, $sender);
    $result = mysqli_stmt_execute($stmt);


    // check the result. If it's TRUE all's well and we continue. 
    // If we have an error throw an Exc eption if it's not a duplicate key error

    if ($result === false) {
        if (mysqli_stmt_errno($stmt) != 1062) {
            throw new Exception(mysqli_stmt_error($stmt));
        }

        // If we have a collision, check the limit and throw an Exception if necessary
        if (--$collisionLimit) {
            throw new Exception("Unable to insert key - too many collisions");
        }
    }

} while ($result===false);

Source

Share

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

295 "Notice: Undefined variable", "Notice: Undefined index", "Warning: Undefined array key", and "Notice: Undefined offset" using PHP
831 php - How can i fix this col ? i did not arange my items i tried everthing but i did not fix the problem
689 php - PHPUnit test not sharing the entity manager with Symfony
429 Trying to Update DB table from html with php code not working
121 mysql - Order by After Where clause not working in MySQLi PHP
256 php - This page isn??�t working error showing because session not set
589 linux - PHP-FPM Exporter Binary can not access php unix socket
9 php - added route to laravel project is not working
907 php - Im trying to make a simple signup page, to improve my knowledge. the login page works but not the sign up paage
665 wordpress - Error in class-wp-roles.php - "array_keys() expects parameter 1 to be array"

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.




About the technologies asked in this question

PHP

PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites. The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/


MySQL

DBMS is a database management system. It is designed to change, search, add and delete information in the database. There are many DBMSs designed for similar purposes with different features. One of the most popular is MySQL. It is a software tool designed to work with relational SQL databases. It is easy to learn even for site owners who are not professional programmers or administrators. MySQL DBMS also allows you to export and import data, which is convenient when moving large amounts of information.
https://www.mysql.com/

Welcome to webdevask.com

Welcome to webdevask.com

Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.

Get answers to specific questions

Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.

Help Others Solve Their Issues

Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.