I am creating a registration form and I would like to check the input fields that are not empty and also to check if the email of a user exist to stop the form from submitting. For some reason my code is not working properly. I get the error that says user exists but when I check my Database the user is added. Something is wrong with my code. Hope someone can help
Thanks
Full Code:
<form role="form" method="post" action="">
<?php
if(isset($_POST['register'], $_POST['user_firstname'], $_POST['user_lastname'], $_POST['user_email'], $_POST['user_username'], $_POST['user_password'], $_POST['user_dob'])) {
$firstname = mysqli_real_escape_string($connection, $_POST['user_firstname']);
$lastname = mysqli_real_escape_string($connection, $_POST['user_lastname']);
$email = mysqli_real_escape_string($connection, $_POST['user_email']);
$username = mysqli_real_escape_string($connection, $_POST['user_username']);
$password = mysqli_real_escape_string($connection, $_POST['user_password']);
$dob = mysqli_real_escape_string($connection, $_POST['user_dob']);
$registration_date = date('y-m-d');
$check_if_user_exist = "SELECT user_email FROM users WHERE user_email = '$email' ";
$check_if_user_exist_connection = mysqli_query($connection, $check_if_user_exist);
if(mysqli_num_rows($check_if_user_exist_connection) >= 1) {
echo "User Exist";
}
if(!empty($firstname) && !empty($lastname) && !empty($email) && !empty($username) && !empty($password) && !empty($dob)) {
$registration_form_query = "INSERT INTO users (user_firstname, user_lastname, user_email, user_username, user_password, user_dob, user_registration_date) ";
$registration_form_query .= "VALUES ('$firstname', '$lastname', '$email', '$username', '$password', '$dob', now()) ";
$registration_form_query_connection = mysqli_query($connection, $registration_form_query);
if(!$registration_form_query_connection) {
die("Error" .mysqli_error($connection));
}
echo "<p class='bg-success'>Thank You For Register</p>";
}else {
echo "<p class='bg-danger'>Please Fill In All The Fields</p>";
}
}
?>
<div class="form-group">
<label for="user_firstname">First Name</label>
<input type="text" name="user_firstname" class="form-control">
</div>
<div class="form-group">
<label for="user_lastname">Last Name</label>
<input type="text" name="user_lastname" class="form-control">
</div>
<div class="form-group">
<label for="user_email">Email</label>
<input type="email" name="user_email" class="form-control">
</div>
<div class="form-group">
<label for="user_username">Username</label>
<input type="text" name="user_username" class="form-control">
</div>
<div class="form-group">
<label for="user_password">Password</label>
<input type="password" name="user_password" class="form-control">
</div>
<div class="form-group">
<label for="user_dob">Date of Birth</label>
<input type="date" name="user_dob" class="form-control">
</div>
<button type="submit" name="register" class="btn btn-primary">Send</button>
</form>
That is the case because you only echo the string "User Exist" if you found a user, you don't actually prevent the script from running. You have to use a correspondent else-statement to prevent the insert:
if(mysqli_num_rows($check_if_user_exist_connection) >= 1) {
echo "User Exist";
}
else {
if(!empty($firstname) && !empty($lastname) && !empty($email) && !empty($username) && !empty($password) && !empty($dob)) {
$registration_form_query = "INSERT INTO users (user_firstname, user_lastname, user_email, user_username, user_password, user_dob, user_registration_date) ";
$registration_form_query .= "VALUES ('$firstname', '$lastname', '$email', '$username', '$password', '$dob', now()) ";
$registration_form_query_connection = mysqli_query($connection, $registration_form_query);
if(!$registration_form_query_connection) {
die("Error" .mysqli_error($connection));
}
echo "<p class='bg-success'>Thank You For Register</p>";
}
It's Quite Simple.
if($check_if_user_exist_connection->num_rows >= 1)
{
//User Exist
}
else
{
//User not Exist
}