Dren Posted October 18, 2013 Share Posted October 18, 2013 (edited) Hi, i have a problem with my code... I was dealing with registration and validation forms... and I encountered this problem. When i enter an e-mail my code doesn't recognize it as already in use... and adds another user with the same email.It doesn' say any error, just adds the new user with the same email in the table. here my code: <?php include ("phpconnect.php"); mysqli_select_db($connect, $database); echo "connected to $database<br>"; $name = $_POST['user']; $surname = $_POST['surname']; $password = $_POST['password']; $email = $_POST['email']; $reemail = $_POST['email']; $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '.$email.'"); if(mysqli_num_rows($check) > 0){ echo "The email is already in use!"; }else{ mysqli_query($connect, "INSERT INTO users (name, surname, password, email) VALUES ('$name', '$surname', '$password', '$email')"); echo "added $email"; mysqli_close($connect); } ?> I tried everything by looking on google ... Edited October 18, 2013 by Dren Quote Link to comment Share on other sites More sharing options...
BrodaNoel Posted October 18, 2013 Share Posted October 18, 2013 (edited) Change this line: $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '.$email.'"); for that: $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '$email'"); In the other hand, look, you have problems with security... Please, read about: SQL Injection (search in google) You need use this funcion: mysqli_real_escape_string(). Read about that quickly Edited October 18, 2013 by BrodaNoel Quote Link to comment Share on other sites More sharing options...
Dren Posted October 18, 2013 Author Share Posted October 18, 2013 (edited) Change this line: $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '.$email.'"); for that: $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '$email'"); oh my ... ._." i tried the IMPOSSIBLE and the error was just that "."... thank you It works now! This code is just a game for me to learn better php... I'll write the security soon! Edited October 18, 2013 by Dren Quote Link to comment Share on other sites More sharing options...
BrodaNoel Posted October 18, 2013 Share Posted October 18, 2013 The error is in SQL, not in PHP. The QUERY executed are: SELECT * FROM users WHERE email = '.BrodaNoel.' And... .BrodaNoel. is not my username... If you whant use "." the code should be: $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '".$email."'"); Quote Link to comment Share on other sites More sharing options...
Dren Posted October 18, 2013 Author Share Posted October 18, 2013 The error is in SQL, not in PHP. The QUERY executed are: SELECT * FROM users WHERE email = '.BrodaNoel.' And... .BrodaNoel. is not my username... If you whant use "." the code should be: $check = mysqli_query($connect, "SELECT * FROM users WHERE email = '".$email."'"); Oh thanks for your help Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.