Check email if exist or not code is not working

Question

R_4 14 Newbie Poster

4 Years Ago

How can i check if email exists i have this code but it is not working

<?php
include "Config.php";
function mksafe($data){
     $data=trim($data);
     $data=strip_tags($data);
     $data=htmlspecialchars($data);
     $data=addslashes( $data);
     return $data;
 }
  $fname = mksafe($_POST["fname"]);
  $lname = mksafe($_POST["lname"]);
  $email = mksafe($_POST["email"]);
  $sql = "SELECT * FROM `users` WHERE `email`=$email";
$result = $conn->query($sql);
if($result->num_rows >= 1) {
    echo "Email  already exist.";
} else {
 $sql = "INSERT INTO users (fname, lname, email,reg_date)
    values(' $fname', '$lname',' $email',now())";
     if ($conn->query($sql) === TRUE){ 
        header("Refresh:0; url=index.php");
       } else { 
           echo "Error: " . $sql . "<br>" . $conn->error; 
           } 

}

 $conn->close();

mysql php

3 Contributors
6 Replies
399 Views
3 Days Discussion Span
Latest Post 4 Years Ago Latest Post by R_4

Dani 4,329 The Queen of DaniWeb

4 Years Ago

So I see you are pulling in a first name, last name, and email addess from a form. You're then sanitizing the data preparing it for your MySQL statement.

However, your SQL statement needs to have quotes around $email as so:

$sql = "SELECT * FROM `users` WHERE `email` = '$email'";

You're then querying hte database with that SQL statement, and if a row exists, saying it does, and if it doesn't, it looks like you have some extraneous spaces between your open-single-quote and your variables, which they shouldn't have. Lines 18/19 should read:

$sql = "
    INSERT INTO `users` (fname, lname, email, reg_date)
    VALUES ('$fname', '$lname', '$email', NOW())
";

Amonza 0 Newbie Poster

4 Years Ago

This code works, though I would caution you about including variables in the SQL. Prepared statements would be safer.
That aside and not knowing what the rest of your code looks like I can only offer that you check the input to your 'if' statement is as you are expecting. Try dumping the sql statement after line 13, add this:
print_r($sql);die();

Edited 4 Years Ago by Amonza

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

R_4 14 Newbie Poster · Answer 1 · 2020-04-20T02:11:16+00:00

I have modified my code as you told me but still not check email existance

<?php
include "Config.php";
function mksafe($data){
     $data=trim($data);
     $data=strip_tags($data);
     $data=htmlspecialchars($data);
     $data=addslashes( $data);
     return $data;
 }
  $fname = mksafe($_POST["fname"]);
  $lname = mksafe($_POST["lname"]);
  $email = mksafe($_POST["email"]);
  $sql = "SELECT * FROM users WHERE email ='$email'";
$result = $conn->query($sql);
if($result->num_rows >= 1) {
    echo "Email  already exist.";
} else {
$sql = "
    INSERT INTO `users` (fname, lname, email, reg_date)
    VALUES ('$fname', '$lname', '$email', NOW())
";
     if ($conn->query($sql) === TRUE){ 
        header("Refresh:0; url=index.php");
       } else { 
           echo "Error: " . $sql . "<br>" . $conn->error; 
           } 

}

Dani 4,329 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 2 · 2020-04-20T02:38:42+00:00

Dani 4,329 The Queen of DaniWeb

4 Years Ago

What error message are you seeing?

R_4 14 Newbie Poster · Answer 3 · 2020-04-20T07:32:46+00:00

I don't get any error message.The code escape checking email part to inserting part.It just adds record without checking email

R_4 14 Newbie Poster · Answer 4 · 2020-04-22T10:32:38+00:00

Thank you . You solved my disaster.
Thanks again ...