I am able to register more than one username with the same email address. Should this be happening? So, I'm trying to program an email address checker to see if it is already being used. I'm looking at register.php and User.php and trying to write something like what is already written to check if the username exists. I'm still trying to get my head around OOP and wonder if someone could give me a pointer.

Hi Albion,

The code does not check for duplicate email addresses.
There are reasons for allowing duplicate emails.


There may be cases where people use the same
email such as [email protected]

You would have to be careful about what you
say to someone who is attempting registration
at your site. If you said that email is already
in use at your site, then you have given away an
existing members email address.

You have probably already thought these things
through.

If you do decide you want to force uniqueness, here
are some ways you can do it. You can do it on any number
of fields. Let's use your example of email.


METHOD 1

You can use the UNIQUE constraint in the database
layout.

For example,
EMAIL_ADDR VARCHAR(100) NOT NULL UNIQUE,

This way a duplicate email address cannot be added. You
would have to adjust your code. Currently, if everything
is working right, and you enter a duplicate email address,
the query will succeed. With the UNIQUE constraint it
will now fail. You would have to check for that failure
and deal with that. mysql_query() will return false if it is a
duplicate. After your call to mysql_query you would need
to call mysql_error() to verify
the failure was indeed due to duplicate entry. mysql_error will
return a message like "Duplicate entry '[email protected]'
for key 2". You would need to do this in all the places where
you do a mysql_query to insert or update into the USER table.



METHOD 2

This one should be easier for the code in this book.

In User.php. there is a function named getByUsername. You can see this
on page 7 line2. You could add a new function called getByEmailAddress($email).
You could do this by copying and pasting this function and making a
few modifications.


Then back in register.php, you could have a check similar
to the user name check. This check is on page 14 about the
last 5 lines on the page. You could add another else if block
to do the check for duplicate email

I hope this helps.

Thanks Kenj. Great advice. I'm chuffed (being new to PHP and programing) that your second method coincides with what I am trying to do. I'm certainly learning from the book. However, I thought through the problem once again, and what really confused me was that when I added a second user with a different username - but the same email address @company.com - then logging-in after verification it returned the main.php (change password) with the username and email address of the 1st user! Is there a logic to this that I'm missing.

Thanks

Hi Kenj,

Save your breathe, I've figured it out.

Thanks