Echo user already exists

Question

Here is my code. Everything works perfect. It prevents username duplication. The only problem I'm having is echoing "User already exists" when an already registered user tries to register again.

<!DOCTYPE html>
<html>
 <head>
 <meta charset="utf-8">
 <title>Registration</title>
 <link rel="stylesheet" href="style2.css" />
  </head>
  <body>
  <?php
   $con = mysqli_connect("localhost","root","","register");

  if (mysqli_connect_errno()) {
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
 }

 if (isset($_REQUEST['username'])){

     $username = stripslashes($_REQUEST['username']);
     $username = mysqli_real_escape_string($con,$username); 

     $password = stripslashes($_REQUEST['password']);
     $password = mysqli_real_escape_string($con,$password);

     $query = "INSERT into `users` (username, password) 
     VALUES ('$username', '".md5($password)."')";

     $result = mysqli_query($con,$query);

    if($result){
        echo "<div class='form'>
       <h3>You are registered successfully.</h3>
       <br/>Click here to <a href='login.php'>Login</a></div>";
        }
     }else{
  ?>
 <div class="form">
   <h1>Registration</h1>
   <form name="registration" action="" method="post">

   <input type="text" name="username" placeholder="Username" required />
   <input type="password" name="password" placeholder="Password" required />
   <input type="submit" name="submit" value="Register" />
 </form>
  </div>
 <?php } ?>
</body>
</html>

So u need to check if username already exists if user try to register with same username ? — Mario, Mar 05 '17 at 21:40
I don't see any part of your code that checks if username exist — Oke Tega, Mar 05 '17 at 21:42

score 2 · Accepted Answer · answered Mar 05 '17 at 22:00

This should work, problem is that u didn't check for username if exists before u inserted another one. U will see in my code i commented it.

And don't use md5 encryption for password because it's not safe, use password_hash() and password_verify() functions.

<?php

$con = mysqli_connect("localhost", "root", "", "register");

if (mysqli_connect_errno())
{
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
}


// if is pressed submit button ( Register )
if (isset($_POST['submit']))
{

    $username = stripslashes($_POST['username']);
    $username = mysqli_real_escape_string($con, $username); 

    $password = stripslashes($_POST['password']);
    $password = mysqli_real_escape_string($con, $password);

    // check if username already exists
    $q = mysqli_query($con, "SELECT username FROM users WHERE username = '$username'");
    $user_exists = mysqli_num_rows($q);

    // if number of rows is grateater that 0 it's mean that username exists
    if ($user_exists > 0)
    {
        echo "Username in use, please select another one.";
    }
    else
    {
        // if username don't exists
        $query = "INSERT INTO users (username, password) VALUES ('$username', '".md5($password)."')";

        $result = mysqli_query($con,$query);

        if($result)
        {
          echo "<div class='form'>
                  <h3>You are registered successfully.</h3>
                  <br/>Click here to <a href='login.php'>Login</a>
                </div>";
        } 
    }


}

?>

<!DOCTYPE html>
<html>
  <head>
      <meta charset="utf-8">
      <title>Registration</title>
      <link rel="stylesheet" href="style2.css" />
  </head>
  <body>

  <div class="form">
    <h1>Registration</h1>
      <form name="registration" action="" method="post">
        <input type="text" name="username" placeholder="Username" required />
        <input type="password" name="password" placeholder="Password" required />
        <input type="submit" name="submit" value="Register" />
      </form>
  </div>

</body>
</html>

score 0 · Answer 2 · answered Mar 05 '17 at 21:44

0

Before inserting run the query like

SELECT * FROM `users`  WHERE `username` = '$username'

Then check whether user already exists or not and adopt some secure way of accessing database i.e pdo

answered Mar 05 '17 at 21:44

lkdhruw

572
1
7
22

score -1 · Answer 3 · answered Mar 05 '17 at 21:51

You would need to count you table rows to check of username already exist

     $count = "SELECT COUNT(username) as count FROM table WHERE username = '$username'";

 $result = mysqli_query($count);
 $users = mysqli_fetch_assoc($result);

 $numrows = $users['username'];

 If ($numrows == 1) {
    Echo "your message";
 }

Echo user already exists

3 Answers3