registration process

[jimfog]

I really did not know in which forum to write about this topic but since it is something that has to do with PHP coding anyway I decided to do it here. Suppose an already registered user comes to the site to register for a second time(duplicate entry in the Db). Should I check the dB for that?Should I let him register for the second time? My answer is Yes to the first question and No to the second one. What is your opinion about the matter?

[birbal]

It is not possible to have same email account for two user so if a user is already registered ans same credential is used to registered again you would ask them for "forgot password" instead of let them register again. even if you use nick as credential you would not want to have same name for two user that would be an identity problem. To avoid that you can set those as unique or primary key constraint.You dont have to check for existance of credential you can use normal INSERT if it is violating any constraint it would throw error. You can catch those error code (Each error type have different error code, see mysql error code page) to detect primary key/unique index violation and show user a error message. If you have more than one primary key or unique column which could be violated in the process of registration you could even parse the error message to detect the column name which is being violated. Error message in mysql follows one specific syntax eg "Some violation is occured in %s column". It would not be hard to catch those column name using regex or by any other way.

[jimfog]

What you suggest is interesting. I had no idea it could be done in the way you propose.I will do it and post again if I find difficulty since this the first time I will do such thing.

[justsomeguy]

Should I check the dB for that? Should I let him register for the second time?

Whether or not you allow multiple accounts really depends on the requirements of your application. That's a question for you to answer based on the specific requirements of your application, it's not a generic theoretical question. Our application has an option to allow multiple users to register with the same email address for example, some of our clients wanted that and others didn't based on their own requirements. The email address isn't a unique field in the users table though. If you have a unique field then obviously you can only have 1 record with any particular value in that field. We require usernames to be unique since that is what people log in with, so it wouldn't make sense for multiple people to have the same username. The system wouldn't know which of those users is trying to log in.

[jimfog]

Whether or not you allow multiple accounts really depends on the requirements of your application. That's a question for you to answer based on the specific requirements of your application, it's not a generic theoretical question. Our application has an option to allow multiple users to register with the same email address for example, some of our clients wanted that and others didn't based on their own requirements. The email address isn't a unique field in the users table though. If you have a unique field then obviously you can only have 1 record with any particular value in that field. We require usernames to be unique since that is what people log in with, so it wouldn't make sense for multiple people to have the same username. The system wouldn't know which of those users is trying to log in.

Well, you are right...it depends on the application. But since is the first big app I am writing I am not certain about the path I should take.The site will have business users which MUST give their name. As such I am asking name, last name, e-mail and password and they will be required to login with the e-mail and the password(of course).I do not want to ask for username since they will be giving these 4 above. Do you have to suggest a better alternative than the above-you have more experience than me. For the regular users I just ask username, e-mail and password

[justsomeguy]

If they are logging in with their email address then obviously that should be unique in the database. You can't have multiple users with the same identifier.