No dublicate users

[Cronthenoob]

How would I go about making sure that when people sign up for my website, that the username isnt already taken?would it be something like this? Or is there a better way?

$query="select username from users where username='$_REQUEST[requested_username]'";$result=mysql_query($query); $e=mysql_fetch_array($result);						 if ($e) {   echo "Sorry that username is taken";} else {   // Insert the username in the database}

[aspnetguy]

I am not sure if($e) is enough (not a php expert tho)if(sizeof($e) > 0) would work for sure tho

[skym]

$query="select username from users where username='".mysql_real_escape_string($_REQUEST['requested_username'])."'";$result=mysql_query($query);						if (mysql_affected_rows() > 0) {   echo "Sorry that username is taken";} else {   // Insert the username in the database}

aspnetguy's solution would work too. Also mysql_affected_rows() can be replaced with mysql_num_rows($result). So you have at least 3 ways to do it.mysql_real_escape_string() is used to avoid SQL injections.

[Cronthenoob]

Thanks guys!I'm going to have to do some research about preventing SQL injections.

[reportingsjr]

This is very easy, there is one way to do it on the submition page, and one way to do it on the page with the form.. here is the submittion page way:

$query = "SELECT * FROM `users` WHERE username = '{mysql_real_escape_string($_POST['requested_username'])}'";$result = mysql_query($query);if(mysql_num_rows($result) > "0"){die("that username is already in use!! Please chose another name.");}

Or a way so people dont have to re-enter all that info:

<script type='text/javascript' language='javascript'>function check_username(){var user_name = document.getElementById("username");window = window.open('http://domain.com/checkname.php?name=' + user_name, 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=600,height=300,left = 440,top = 405')}</script>.....Name: <input type='text' name='requested_username' id='username'><button onclick='check_name()'>Check is username is available</button>...

Then on page checkname.php just have the first code, and after the die have "echo = 'Username available!';"and it will be easier :)Okay, I edited so people can use mysql injections.

[justsomeguy]

That will work, but, like skym said, you need to prevent SQL injection. I always cringe when I see people do it on here, so being that we are trying to educate people on here, I'll try to make an effort to always point it out when I see it. Never trust user input in a SQL query. Never as in Not Ever. Ever ever. If you are inserting data directly from the request (get, post, or cookies) into a SQL query, always use mysql_real_escape_string like skym showed to avoid SQL injection.If you are working with values that should be numbers, use intval or floatval to get them:$page = intval($_GET['page']);