How to check if email is already registered?

Question

I am trying to check to see if an email is already registered using PDO, but I have not found a good way to do this so far. This is what I have so far. And the connection variable is "$con" if that helps. Also, do I need the connection variable in the same document or will it being in a document that is included work?

<link rel="stylesheet" type="text/css" href="css\errors.css">
<?php
require 'header.php';
if (!$_POST['submit']) {
?>
<html>
<a href="register.html">Regsiter here!</a>
<?php
} else {
    require 'connect.php';
    $firstname = ($_POST['firstname']);
    $lastname = ($_POST['lastname']);
    $email = ($_POST['email']);
    $password = ($_POST['password']);
    $passwordconf = ($_POST['passwordconf']);

    $errorfields = "<p class='errormsg'>Please fill out all the fields!</p>";
    if (empty($firstname) || empty($lastname) || empty($email) || empty($password) || empty($passwordconf)) {
        echo "$errorfields";
    }
    $erroremail = "<p class='errormsg'>Email is not in name@domain format!</p>";
    $regex = "/^[a-z0-9]+([_.-][a-z0-9]+)*@([a-z0-9]+([.-][a-z0-9]+)*)+.[a-z]{2,}$/i";
    if (!preg_match($regex, $email)) {
        echo "$erroremail";
    }
    $errorpassword = "<p class='errormsg'>You passwords do not match!</p>";
    if ($password != $passwordconf) {
        echo "$errorpassword";
    }

    //this is where email is checked
}
?>

Answer 1

Try this, fill in DB_NAME, DB_USER_NAME, and DB_USER_PASS with your connection credentials or use the $con variable if everything is set up correctly as a PDO object with it:

$con = new PDO( 'mysql:host=localhost;dbname=DB_NAME;charset=UTF-8', 'DB_USER_NAME', 'DB_USER_PASS' );

$query = $con->prepare( "SELECT `email` FROM `tbl_name` WHERE `email` = ?" );
$query->bindValue( 1, $email );
$query->execute();

if( $query->rowCount() > 0 ) { # If rows are found for query
     echo "Email found!";
}
else {
     echo "Email not found!";
}

Answer 2

There are some issues in the accepted answer (which is quite understandable as it has been written quite a while ago).

The first one is a bit irrelevant but still. The connection code is not as simple as just a single line of code. Please refer to my article on how to properly connect with PDO to avoid many possible problems in the future.

Another issue is the use of rowCount() method, which, as it's stated in the manual, could be unavailable . Besides, the use of bindParam() is superfluous and could be avoided in order to make the code cleaner and more concise. As a result, we can come up the following solution

require 'connect.php'; // contains the code mentioned above.

$stmt = $con->prepare( "SELECT 1 FROM `tbl_name` WHERE `email` = ?");
$stmt->execute([$email]);
$found = $stmt->fetchColumn();

if( $found ) {
    echo "Email found!";
} else {
    echo "Email not found!";
}

In case you don't only need to check the existence but also fetch the actual record (it order to verify the password, for example) simply change 1 in the query to the actual fields and fetchColumn() to fetch() :

$stmt = $con->prepare( "SELECT 1 FROM `tbl_name` WHERE `email` = ?");
$stmt->execute([$email]);
$user= $stmt->fetch();

if( $user ) {
    echo "Email found!";
} else {
    echo "Email not found!";
}