Answer the question
In order to leave comments, you need to log in
How to search for record in db and cancel form resubmission in Laravel 6 db?
Good afternoon!
Please help!
There is a form that reads the data and sends it to the database. When you first visit the page, an error is generated that $_GET is empty, but if $_GET is not empty, then when the page is reloaded, it sends the same data.
<form method="post">
<label>Биржы</label>
<select name="exchanges">
<?
$names_exchanges = DB::select('select name from trades;');
?>
@foreach ($names_exchanges as $exchange)
<option value="{{ $exchange->name }}">{{$exchange->name }}</option>
@endforeach
</select>
<label>Название</label>
<input name="name_ac">
<label>Key</label>
<input name="key">
<label>Secret</label>
<input name="secret">
<input type="submit">
</form>
public function index()
{
$user = Auth::id();
$exchange = $_GET['exchanges'];
$name_ac = $_GET['name_ac'];
echo $key_acc = $_GET['key'];
$secret = $_GET['secret'];
$results = DB::select('select id from trades where name = ?', [$exchange]);
global $trade_id;
foreach ($results as $key => $object) {
$trade_id = $object->id;
}
$checkDB = DB::table('user_trades')
->where('key_acc', $key_acc);
if ($checkDB) {
DB::insert('insert into user_trades (name,key_acc,skey,user_id,trade_id) values (?, ?, ?, ?, ?)', [$name_ac, $key_acc, $secret, $user, $trade_id]);
} else {
echo "Такой аккаунт существует";
}
Answer the question
In order to leave comments, you need to log in
1) there is no form in the question, but not the essence ...
2) use POST instead of GET
2.1) if ($_SERVER['REQUEST_METHOD'] === 'POST') {...
2.2) header('location: /');
A separate point is not to insert data that came from the user without processing into requests.
UPD: $checkDB will return true (in fact, a non-empty query object) if the user already exists, and you add the record AGAIN... Nice...
1. NEVER use get and post directly without processing, do escaping, cast to the right type, etc.
2. It is DESIRABLE to compare data not directly, but their hashes
3. Do not use global - you can easily overwrite the variable, and then be surprised at the result
4. Learn to debug, and not run to the toaster for any sneeze, for example, you add a record every time, which means , the $checkDB condition always fires. Why? See bare requests in pma, what comes to you, what you compare with, etc.
5. Get data before rendering the page, not during
You have three options.
1. Make a check that such a user_id has already been passed and do not insert (through related entities)
2. Make a check for duplicates by a constraint at the database level when saving.
3. Make a new field and mark that the data for this user has already been received.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question