Check if Username and Email lalready exists using PHP

Question

Hello Im trying to make my signup page check if a username or email is already in use. But it just goes over the code like its not their and before you mark this as a dupe of Check if username already exists using PHP I've already went over there and i tried the fix their but i didn't work so at this point I'm clueless I've tried every thing i know!

HTML for the sign up page

<?php
    session_start();
        include 'header.php';

    $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=username') !== false) {
        echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out username box!</div>";
    }
        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=password') !== false) {
        echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out password box!</div>";
    }
        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=first') !== false) {
        echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out First Name box!</div>";
    }
        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=last') !== false) {
        echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out Last Name box!</div>";
    }
        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=email') !== false) {
        echo "<div class='transition' style=' transition-delay: 1s;box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>Fill out Email box!</div>";
    }
        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=user_name_taken') !== false) {
        echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>This username is already in use!</div>";
    }
        $url = "http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    if (strpos($url, 'error=user_email_taken') !== false) {
        echo "<div class='transition' style='height: 20px; background-color: #ff6b66; text-align: center; margin-top: 30px; margin-right: 40%; margin-left: 40%; border-radius: 20px; padding: 5px;'>This email is already in use!</div>";
    }


    if (isset($_SESSION['id']) !== true) {
          header('Location: ../login.php');
    }


?>

<html>
<head>
    <title>Add Teacher</title>
    <link rel="stylesheet" type="text/css" href="../assets/css/adduser.css">
</head>
    <body>
        <div class="loginbox">
            <h1 class="longintitle" style="font-family: Tahoma;">Add Teacher</h1>
            <form class="form" action="../includes/adduser.php" method="post" enctype="multipart/form-data">
                <input autocomplete="off" placeholder="Username" name="username" type="text" >
                <input autocomplete="off" placeholder="Password" name="password" type="password">
                <input autocomplete="off" placeholder="First Name" name="first" type="text">
                <input autocomplete="off" placeholder="Last Name" name="last" type="text">
                <input autocomplete="off" placeholder="Email" name="email" type="email">
                <input class="loginbutton" name="create" type="submit" value="Create">
            </form>
            <p>Students will be in beta copie THIS IS ALPHA</p>
        </div>
    </body>
</html>

php for it

<?php
session_start();
    include_once("../includes/db.php");

    $id = $_POST['id'];
    $username = $_POST['username'];
    $password = $_POST['password'];
    $first = $_POST['first'];
    $last = $_POST['last'];
    $email = $_POST['email'];

            if (empty($username)) {
        header('Location: ../teacher/adduser.php?error=username');
        exit();
    }
            if (empty($password)) {
        header('Location: ../teacher/adduser.php?error=password');
        exit();
    }
            if (empty($first)) {
        header('Location: ../teacher/adduser.php?error=first');
        exit();
    }
            if (empty($last)) {
        header('Location: ../teacher/adduser.php?error=last');
        exit();
    }
            if (empty($email)) {
        header('Location: ../teacher/adduser.php?error=email');
        exit();
    } else {

        $sql = "SELECT * FROM user WHERE username='".$username."'";
        $result = mysqli_query($conn, $sql);
        $usernamecheck = mysql_num_rows($result);

        if ($usernamecheck > 0) {
            header('Location: ../teacher/adduser.php?error=user_name_taken');
            exit();
        }

        $sql = "SELECT * FROM user WHERE email='$email'";
        $result = mysqli_query($conn, $sql);
        $emailtaken = mysql_num_rows($result);

        if ($emailtaken > 0) {
            header('Location: ../teacher/adduser.php?error=user_email_taken');
            exit();

        } else {
    $sql = "INSERT INTO user (id, username, password, first, last, email) VALUES ('$id', '$username', '$password', '$first', '$last', '$email')";
    $result = mysqli_query($conn, $sql);
    header('Location: ../teacher/adduser.php');
        }


    }
?>

If need but "doubt it tho" the db.php

<?php  

$conn = mysqli_connect("localhost", "dbuser", "dbpass", "dbmain");

if (!@mysqli_connect("localhost", "dbuser", "dbpass", "dbmain")) {
    echo "<div style=' box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); padding: 3px; background-color: red; height: 20px;'><h3 style='text-align: center;'>Cannot connect to database have the admin take a look!</h3></div>";
    die(mysql_error());
}
 else {
    echo "<div style=' box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.2); padding: 3px; background-color: lightgreen; height: 20px;'><h3 style='text-align: center;'>Connected to database Successfully!</h3></div>";
 }

?>

Please help I dont know how to fix this! If you need more info just ask.

Thanks in advance!

You _never_ store a password in a database. Never. Period. What you store is a _hash of a password_. Then, at authentication time you again hash the submitted password and _compare the hashes_. That way you do not compromise your users passwords even if your system gets broken into. Use a _good_ hashing algorithm. Many good tutorials on that topic exist. — arkascha, Sep 05 '16 at 18:18
*"before you mark this as a dupe"* - It could have been closed with what you posted as your saying it's not a dupe. They didn't mix MySQL APIs here and it was closed respectively. — Funk Forty Niner, Sep 05 '16 at 18:30

score 0 · Answer 1 · edited Sep 06 '16 at 10:19

0

As you are using mysqli, I think you may need to replace mysql_num_rows with mysqli_num_rows. (missing 'i' in mysqli_num_rows).

edited Sep 06 '16 at 10:19

agua from mars

16,428
4
61
70

answered Sep 05 '16 at 18:18

Latchy

309
3
10

score -1 · Accepted Answer · answered Sep 05 '16 at 18:35

-1

Replace "mysql_num_rows" with "mysqli_num_rows" , while fetching the rows. As $conn is a "mysqli_connect " instance.

answered Sep 05 '16 at 18:35

Joy

301
1
5
15

Check if Username and Email lalready exists using PHP

2 Answers2