Checking for Already Registered Users

Anon

Hi, here's my situation:

I have a system where people can come and register to post "want ad" type things on my site. My problem is that I need to find a way to check to see if a user already exists when a new user goes to sign up, otherwise I'd have a bunch of people with the same username.

Is there an easy way I can check to see if a user exists?

niyogi

well first you need a database with the users...

Then you need to check a table in the database to see whether an entry exists..

use mySQL or check out www.bajaar.com to find out how to set up PHP with Interbase.

-Surojit

Anon

Oops, I should've mentioned that I'm using a table within an SQL database to hold the user information, here's a snippet of my code to see how I connect to the database. I just wanna know if there's a quick way I can check if an entry exists or not and then decide whether or not to allow the user to sign up (if the entry doesn't exist) or to disallow registration (if the entry does exist).

Code might be a little squished:

$DBquery = "INSERT INTO $accessTbl (dateadded, handle, firstname, lastname, emailaddress, password, country, language, agerange, alternativeemail, ICQnumber, AIMname, Yahooname) VALUES ('$date', '$handle', '$firstname', '$lastname', '$emailaddress', '$password', '$country', '$language', '$agerange', '$alternativeemail', '$ICQnumber', '$AIMname', '$Yahooname')";

	if (!($link=mysql_pconnect($accessHst, $accessUsr, $accessPss))) {
		die("Error connecting to $accessHost by $accessUsr"); }

	if (!mysql_select_db($accessDB)) {
		die("Error selecting database $accessDB"); }

	if (!($result=mysql_query($DBquery, $link))) {
		die("Error completing $DBquery statement"); }

	echo("Thank you for signing up. An email will be sent to your specified email address with your user information.");

Thanks for all your help.

Anon

here's the strategy:

when something is posted, do a db query like this:
(assuming "handle" is the nickname, could be any criteria)

select count(*) from usertable where handle='$nickname_entered'

the result must be 0, otherwise user is already registered. (then, you could do an update of his personal data etc.)

kparker

Actually, that is exactly what NOT to do: it includes a race condition, so you can still end up with duplicates.

The correct way to do this in sql is:

(1) Have a UNIQUE or PRIMARY KEY index on the column in question ('handle' in this case, I assume?)

(2) Go ahead and do the insert exactly as you are doing.

(3) If the query fails, inspect the value of mysql_error() and see if the failure is due to duplicate-key violation (in which case you just ask the user to choose another ID) or something else (in which case you're hosed.)

Note that in (2) you'll probably want to use @ error-message suppression so that the raw error text doesn't just barf out for the user to see.