0

hi guys i'm new with php and mysql, i am currently trying to check the user input &username if there's already existing the same username in the database, and same with user input $email.

i have below codes, i tried having a line that echoes and compares user input against fetch rows/ data from database. I was able to verify that it reaches to the point where line echo $email."COMPARE".$result2; is both the same, yet it passes the condition $email == $result2 where result2 is email fetch from database. Can you please point me what's wrong? THanks in advance.

$extract= mysql_query("SELECT * FROM users");
$resultq = mysql_num_rows($extract);
while($row= mysql_fetch_array($extract))
{

    $result = $row['username'];
    $result2 = $row['email'];

    echo $email."COMPARE".$result2;

    if($username == $result) 
    {
         echo "<script type=\"text/javascript\">alert('Username Already Taken')</script>";
         echo "<meta http-equiv=\"refresh\" content=\"0;url=6signup.html\" />";
         break;

    }
    else if ($email == $result2)
    {
         echo "<script type=\"text/javascript\">alert('Email Already Registered')</script>";
         echo "<meta http-equiv=\"refresh\" content=\"0;url=6signup.html\" />";
         break;
    }
    else
    {
        //continues to execute the loop until no more to fetch
    }
Improve this question
3
  • Can you add a little more debugging? Instead of the 'echo()', try var_dump($email) and var_dump($result2). Also, if you're looking to see if the username or email are taken, you can do that in your query and let the database tell you if they're available - you just need to add a WHERE clause. Commented Aug 23, 2013 at 16:39
  • You are running while loop. just put break statement in both if and else if and no two results will be displayed Commented Aug 23, 2013 at 16:42
  • what's wrong with my statemetn? fetch array doesn't work? i do have break @user1502952. Commented Aug 23, 2013 at 17:47

1 Answer 1

Reset to default
1

I would use a different approach and do the search in your SQL-query. SQL is better (and performs better) on that kind of searches.

You won't need a while loop for this query:

SELECT *
FROM users
WHERE username = '<input username here>'
OR email = '<input email here>'

If you get a result, it means that either the username or the e-mailaddress is already registered. Use an if-statement to check whether or not it's the username or the e-mailaddress.

Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

The full PHP-code would be something like this (for PDO):

// Database connection
// -------------------
// I usually put this in a seperate file and include it.
try {
    $dbconn = new PDO('mysql:dbname=database;host=localhost', 'username', 'password');
} catch (PDOException $e) {
    die('Connection failed: ' . $e->getMessage());
}

// Prepare statement
// -----------------
// Build query using question mark parameters
$sql = "SELECT * FROM users WHERE username = ? OR email = ?";
// Create prepared statement
$sth = $dbconn->prepare($sql);

// Execute statement
// -----------------
// The parameters are automatically changed into your input data
$sth->execute(array($username, $email));

// Put all affected rows in $result (array!)
$result = $sth->fetchAll();

// Check array contents
// --------------------
if (count($result) > 0) {
    // Loop through results
    foreach ($result as $row) {
        if ($username == $row['username']) {
            echo "<script type=\"text/javascript\">alert('This username is already taken!')</script>";
            echo "<meta http-equiv=\"refresh\" content=\"0;url=6signup.html\" />";
        } else { // If username doesn't match, it has to be the e-mailaddress
            echo "<script type=\"text/javascript\">alert('This e-mailaddress has already registered!')</script>";
            echo "<meta http-equiv=\"refresh\" content=\"0;url=6signup.html\" />";
        }
    }
} else {
    /* Code to execute when not registered yet */
}
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Yep. SQL is exactly for this purpose! Would give +1 for the PDO stuff alone too, and you could mention SQL injection too at the same time. I think there should be a standard comment about PDO and SQL injection attached to all PHP mysql questions...
The main advantage of PDO and MySQLi is, if used properly (prepared statements), that it's already protected against SQL injection...
@MartyMcVry Can you please convert my statement into a PDO as an exmaple? As a guide? Thank :S
Username Or Email already used, can't it be specific? like a separate condition checking for username and email?
You would have to add that in the if (count($result) > 0) { statement. $result contains an array, so you can use a foreach loop to loop through the found results. Check within the foreach loop for username or email. - see edit
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.