Check if email is registered in the DB

3

I'm doing a search in my DB to check for email, avoiding the registration of it again, but I'm having a problem with the return, the script below sends and treats the return.

 if (sender.getFieldName() == 'Email') {
 if (sender.getValue()) {

     var emailExist = false;

     $.ajax({
         type: 'GET',
         url: 'AjaxBasedValidation.php',
         data: {
             checkEmail: sender.getValue()
         },
         async: false, 
         dataType: 'json',           
         success: function(dataResult) {
             emailExist = dataResult;
         }
     });

     editors['Email']
         .setState(emailExist ? 'warning' : 'success')
         .setHint(emailExist ? 'E-mail ' + sender.getValue() + ' já está cadastrado' : null);
 } else {
     editors['Email']
         .setState('normal')
         .setHint(null);
 }

}

The code that checks in the DB:

    #Recebe o Email Postado
    $emailPostado = $_GET['checkEmail'];

    #Conecta banco de dados 
    $con = mysqli_connect(".", "", "", "");
    $sql = mysqli_query($con, "SELECT * FROM 'usuarios' WHERE 'Email' = '{$emailPostado}'") or print mysql_error();

    if($rcQuery == true){
        die('{"dataResult" : 0"}'); 
    } else {
        die('{"dataResult" : 1"}');
    }

All emails that I am reporting the script are saying they are already registered.

    
asked by anonymous 10.08.2017 / 20:26

2 answers

2

Count the number of rows returned by the query with mysqli_num_rows() . See that in if the comparison is made with a variable that does not exist in the code of the question $rcQuery

$result = mysqli_query($con, "SELECT * FROM 'usuarios' WHERE 'Email' = '{$emailPostado}'");
$retorno['dataResult'] = ($result) ? mysqli_num_rows($result) : 0;
echo json_encode($retorno);
    
10.08.2017 / 21:02
1

I know this question has already been answered, but I would like to leave a more secure solution in the case of sql instructions for querying strings:

In the case of your select, it would be safer to run email queries as follows:

$result = mysqli_query($con, "SELECT * FROM 'usuarios' WHERE 'Email' LIKE \"%".$emailPostado."%\"");

Another thing, try to study about the class PDO , because these functions of php mysql_ * and mysqli_ * are obsolete and no longer exist as of version 7 of php.

    
16.08.2017 / 00:15