1
<?php
          error_reporting(0);
          $link = mysqli_connect("localhost", "root", "", "checksql"); 

          if($link === false){
            die("ERROR: Could not connect. " . mysqli_connect_error());
          }

          $myemailaddress=$_POST['useremail']; 
          $mypassword=$_POST['userpassword'];

          $sql = mysqli_query("SELECT * FROM register WHERE Email = '$myemailaddress' ");
          $count = mysqli_num_rows($sql);
          echo $count;

          if($count > 0){
            echo "success";
          } else{
            echo "failed";
          }
       ?>

I am trying to check whether an email exists in the database or not. I searched different thread on stackoverflow and tried to correct it but failed. Even the echo of $count isn't showing it's value. Is there any other way to check it?

Paulo Avelar
  • 2,140
  • 1
  • 17
  • 31
  • 1
    `error_reporting(0);` disables error reporting. Remove that line and post the error message, please. – PhilMasteG Aug 23 '15 at 22:08
  • 1
    Looks like you want to check whether an email has "already been used" for registration and deny using it again. Instead of using a race-condition prone SELECT-then-INSERT combo, do that with a unique contraint on the Email field in your table definition and then check for the specific error code ER_DUP_KEY. see https://dev.mysql.com/doc/refman/5.5/en/error-messages-server.html and https://dev.mysql.com/doc/refman/5.0/en/constraint-primary-key.html – VolkerK Aug 23 '15 at 22:14
  • 1
    You need to pass the connection into the query function when using the procedural approach. `$sql = mysqli_query($link, QUERY);` http://php.net/manual/en/mysqli.query.php Also you shouldn't pass user input direct to your query this opens you to SQL injections. – chris85 Aug 23 '15 at 22:16
  • if `$count` is zero ( 0 ) then echo'ing it out will generally show nothing as zero is considered false. Are you expecting a value greater than zero? – Professor Abronsius Aug 23 '15 at 22:17
  • @chris85 darn it, saw your comment soon as I posted my answer. – Funk Forty Niner Aug 23 '15 at 22:17
  • so, where are we with this question? there are quite a few unknowns which I have made points about in my answer below. Go over it carefully and check for errors while making sure there are no spaces in your db's data and your inputs. – Funk Forty Niner Aug 23 '15 at 23:11
  • Your code must check the error result of the query. Get into this habit and you will avoid issues like this in future. – crafter Aug 24 '15 at 00:59

1 Answers1

5

You didn't pass db connection to your query

$sql = mysqli_query($link, "SELECT ...
                    ^^^^^^

Btw, your code is open to SQL injection.

Use a prepared statement

More on SQL injection:

Also make sure your POST arrays are not failing you.

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

Sidenote: Displaying errors should only be done in staging, and never production.

  • error_reporting(0); doesn't help you, it turns it off.

Add or die(mysqli_error($link)) to mysqli_query() to check for errors.

If you are using both your form and PHP/MySQL inside the same file, then that will trigger undefined index notices on initial page load.

  • Use !empty() for them.

Reference(s):

Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
  • At first I really want to thank you so much for helping me this much. Actually I am just learning php html css and in a beginner stage. So I didn't know so many informations but thanks to you I can study about them now. Problem solved. –  Aug 23 '15 at 23:18
  • @ArnabDas You're very much welcome Arnab, I'm glad to have been of help and that my answer helped solved it, *cheers* – Funk Forty Niner Aug 23 '15 at 23:26