I’m trying to check if an email exists in the system, before a user is created. I’m using PHP and jQuery (AJAX, plugin).
Even though there is none in the database with the same email, my script writes that there is an existing identical e-mail. But it still creates the user (which it should).
If there is an existing e-mail, it’s not creating the user, and it’s writing the correct error message.
I don’t know if it’s my AJAX that’s wrong?
My PHP:
    // NOTE: $email is interpolated straight into the SQL string (no escaping).
    $check_email = mysql_query("SELECT * FROM table WHERE email='$email'");
    $email_count = mysql_num_rows($check_email);
    if($email_count > 0){
        // Non-empty response: the jQuery success handler shows it as an error.
        echo "Email exists";
        return false;
    }
And my jQuery:
    $(function() {
        $("#goNewUser").click(function() {
            // validate and process form here
            var username = $("input#username").val();
            if(username == "") {
                $("input#username").focus();
                return false;
            }
            var email = $("input#email").val();
            if(email == "") {
                $("input#email").focus();
                return false;
            }
            var password = $("input#password").val();
            if(password == "") {
                $("input#password").focus();
                return false;
            }
            var salt = $("input#salt").val();
            if(salt == ""){
                $("input#salt").focus(); // was focusing input#username
                return false;
            }
            // values are concatenated by hand; nothing is URL-encoded here
            var dataString = 'username=' + username + '&email=' + email + '&password=' + password + '&salt=' + salt;
            //alert (dataString);
            $.ajax({
                type: "POST",
                url: "includes/classes/handler.php?do=addLogin",
                data: dataString,
                success: function(returnedData){
                    // empty response = success, anything else = error text
                    if(returnedData == ''){
                        $('.sideBarNewUserWrap').fadeOut();
                    } else {
                        $('.errorMessage').fadeIn().html(returnedData);
                    }
                }
            });
            return false;
        });
    });
You’d better use PDO 😉 It does all the protection needed if you use
it right. Because right now you have a lot of security holes – you do no
query escaping, and you are checking for field value equality (while it
is better to use a regular expression, or at least trim possible spaces
from the value).
Your check is a bit rough. Try to use
    SELECT COUNT(*) AS cnt FROM table WHERE email = '$email';
and check if intval($first_row_of_result['cnt']) > 0.
How do you perform the user creation process? If your check runs before
the user creation code and both are parts of one function –
yeah, you are right. You are right if you perform
    if(!email_exists($email)) return false;
before creating a user.
Otherwise I cannot tell for sure if that process is correct.
Oh, yeah…
It is surely better not to use manual data escaping – try passing a JSON object as data instead of
dataString. jQuery will handle it for sure. And you’d better use
FireBug or another tool and replace any alert(something) with console.log(something) – it is prettier 😉 And one more: you’d better use a negated condition:
Hope any of that would help you.
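An added example, not code from the question or the answer, of the check the answer recommends: a PDO prepared statement with COUNT(*), run before the INSERT inside the do=addLogin handler, so the user is only created when the check passes. The table name users, the password_hash column, password_hash() in place of the form's salt field, and the DSN placeholders are all assumptions.

```php
<?php
// Added example (not the asker's or answerer's code). Assumes a `users` table
// with `username`, `email`, `password_hash` columns; DSN values are placeholders.

function getPdo(): PDO {
    $pdo = new PDO('mysql:host=localhost;dbname=DB_NAME_PLACEHOLDER;charset=utf8mb4',
                   'DB_USER_PLACEHOLDER', 'DB_PASS_PLACEHOLDER');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Use real server-side prepared statements, so $email is never part of the SQL text.
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    return $pdo;
}

// True when a row with this email already exists (whitespace trimmed first).
function email_exists(PDO $pdo, string $email): bool {
    $stmt = $pdo->prepare('SELECT COUNT(*) AS cnt FROM users WHERE email = :email');
    $stmt->execute([':email' => trim($email)]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return intval($row['cnt']) > 0;
}

// Handler for do=addLogin. Returns '' on success (the jQuery code fades the
// form out) or an error message (the jQuery code displays it).
function addLogin(PDO $pdo, array $post): string {
    $email = trim($post['email'] ?? '');
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'Invalid email';
    }
    if (email_exists($pdo, $email)) {
        return 'Email exists';          // check runs BEFORE the insert
    }
    $stmt = $pdo->prepare(
        'INSERT INTO users (username, email, password_hash) VALUES (:u, :e, :p)'
    );
    $stmt->execute([
        ':u' => trim($post['username'] ?? ''),
        ':e' => $email,
        // password_hash() generates and stores its own salt (assumption: replaces input#salt)
        ':p' => password_hash($post['password'] ?? '', PASSWORD_DEFAULT),
    ]);
    return '';
}

if (($_GET['do'] ?? '') === 'addLogin') {
    echo addLogin(getPdo(), $_POST);
}
```

On the client side, passing `data: {username: username, email: email, password: password}` to $.ajax lets jQuery URL-encode the fields, which the hand-built dataString above does not.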