插入MYSQL数据库（如果不存在）

Question

我试图添加一个客户到我创建的MySQL数据库。 每当有人在网上商店订购商品时，客户就会被添加到数据库中（我不想重复）。这里是我的php代码：

$sqlInsert = "INSERT INTO Customers (FirstName, Address, Phone) 
VALUES (".$userName.",".$address.",".$phone.")"; 

if(mysqli_query($conn, $sqlInsert)) { 
    echo "new member registered successfully!"; 
} else { 
    echo "Error: " . $sqlInsert . "<br>" . $mysqli_error($conn); 
} 

我已经看过查询，如INSERT INTO ... WHERE NOT EXISTS。但我不明白我的情况的语法，并不知道它是否会起作用。 这里是我的MySQL客户表代码：

CREATE TABLE IF NOT EXISTS Customers (
PersonID INT(11) NOT NULL AUTO_INCREMENT, 
Email VARCHAR(100), 
FirstName VARCHAR(100) NOT NULL, 
LastName VARCHAR(100), 
City VARCHAR(90), 
Zip INT(10), 
CustomerState VARCHAR(50), 
Address VARCHAR(200), 
Country VARCHAR(20), 
Phone VARCHAR(50) NOT NULL, 
PRIMARY KEY (PersonID) 
); 

Answer 1

INSERT INTO Customers (FirstName, Address, Phone) 
SELECT * FROM (SELECT '$firstName', '$address', '$phone') AS tmp 
WHERE NOT EXISTS (
    SELECT FirstName from Customers WHERE FirstName= '$firstName' 
) LIMIT 1; 

这将防止基于第一名称，你可以使用所有这些列的检查，我想匹配列应该是电子邮件，您可以使用。

我只是在查询中添加了参数，以便获得一个想法，使用参数绑定来避免sql注入。

OR

select * from customers where .... // 

获取结果集的大小，如果size > 0这意味着有一个排了，所以不要将其插入。

Sql语句取自MySQL: Insert record if not exists in table并修改。

Answer 2

尝试插入前选择查询并检查行...尝试使用Mysqli Prepared语句。我这样做你的代码...

<?php 
    $sqlselect = "SELECT * FROM Customers WHERE FirstName = ".$userName." AND Address = ".$address." AND Phone = ".$phone; 
    $exqry = mysqli_query($conn, $sqlselect); 
    $cnt = count($exqry); 
    if($cnt == 0){ 
     $sqlInsert = "INSERT INTO Customers (FirstName, Address, Phone) 
     VALUES (".$userName.",".$address.",".$phone.")"; 

     if(mysqli_query($conn, $sqlInsert)) { 
     echo "new member registered successfully!"; 
     } else { 
     echo "Error: " . $sqlInsert . "<br>" . $mysqli_error($conn); 
     } 
    }else{ 
echo "Member already in table."; 
//do your update or other stuff. 
} 
    ?>