0

So in my database I am having trouble with the syntax for searching my database and getting my program to do what I want. I want to see if the email entered already exists in the database, and if it does I want to stop the signup process and tell the user to use a different email to sign up. This is the code im having trouble with

//check to see if email is available
        $check_email = "SELECT COUNT(*) FROM users WHERE email = $email";
        if(mysqli_query($db, $check_email) >= 1){
            echo 'Email in use, try another email';
        }else{
            //continue to insert data into users table
        }

I know it is connected to the database because I've already inserted users in the table like this before I added this filter to find emails which already exist. What logic should I use to make the above code snippet do what I am aiming for?

AsapHogFtw
  • 181
  • 1
  • 1
  • 8
  • 2
    You need to check for query failures, because your query is almost certainly failing, because `$email` probably doesn't have quotation marks around it. You should not fix it by simply adding quotation marks, but by researching parameterized queries that will save you from SQL injection vulnerabilities. – ceejayoz Mar 26 '20 at 01:22
  • First learn to use parameterized queries. – sticky bit Mar 26 '20 at 01:23
  • That is several levels of not-working code, but if you fixed all the bad syntax in it it would do what you're asking. https://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display/21429652?r=SearchResults&s=1|251.8590#21429652 You should also also use a prepared statement instead of asking for SQL injection like that. https://www.php.net/manual/en/mysqli.prepare.php – Sammitch Mar 26 '20 at 01:23
  • Also rather than checking for the email, create a UNIQUE INDEX on email [like this answer](https://stackoverflow.com/questions/60629682/register-accountwindow-rejection-when-value-is-on-database-mysql/60629717#60629717) and when INSERTing detect the Duplicate key exception. Doing a check up front is subject to race conditions where another user (or same user inadvertently) could insert between you checking and the entry being there. – danblack Mar 26 '20 at 02:02

0 Answers0