The code does not check for duplicate email addresses.
There are reasons for allowing duplicate emails.
There may be cases where people use the same
email such as email@example.com
You would have to be careful about what you
say to someone who is attempting registration
at your site. If you said that email is already
in use at your site, then you have given away an
existing members email address.
You have probably already thought these things
If you do decide you want to force uniqueness, here
are some ways you can do it. You can do it on any number
of fields. Let's use your example of email.
You can use the UNIQUE constraint in the database
EMAIL_ADDR VARCHAR(100) NOT NULL UNIQUE,
This way a duplicate email address cannot be added. You
would have to adjust your code. Currently, if everything
is working right, and you enter a duplicate email address,
the query will succeed. With the UNIQUE constraint it
will now fail. You would have to check for that failure
and deal with that. mysql_query() will return false if it is a
duplicate. After your call to mysql_query you would need
to call mysql_error() to verify
the failure was indeed due to duplicate entry. mysql_error will
return a message like "Duplicate entry 'firstname.lastname@example.org'
for key 2". You would need to do this in all the places where
you do a mysql_query to insert or update into the USER table.
This one should be easier for the code in this book.
In User.php. there is a function named getByUsername. You can see this
on page 7 line2. You could add a new function called getByEmailAddress($email).
You could do this by copying and pasting this function and making a
Then back in register.php, you could have a check similar
to the user name check. This check is on page 14 about the
last 5 lines on the page. You could add another else if block
to do the check for duplicate email
$user = User::getByEmailAddress($_POST['email']);
if ( $user->userId)
...please use another email address...
I hope this helps.