Why my PHP validation doesn't check for the existing email address in the database?

Question

I have a basic registration form with jaquery validation for all inputs and php validation to check for the existing email address. However, if I type the same email address and submit it several times, I don't get any validation messages and the email gets stored inside the database. I cannot understand why does it happen, I don't think I have any errors in my code.

Here is the PHP validation:

 public function register_post(){   
    $register = new Register();
    $register->loadFromPost();

    $valid_error = array();

    if($register->is_value_exist('email', $register->email)){
        $valid_error[] = 'email already taken';
    }

    $regexp = "/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/";

    if (!preg_match($regexp, $register->email)) {
        $valid_error[] = "not a valid email";
    } 

    $var_array = array($register->first_name, $register->last_name);
    $regexp = "/^[a-zA-Z]{2,16}+$/";
    foreach($var_array as $var){
        if (!preg_match($regexp, $var)) {
            $valid_error[] = "not a valid input value for first name or last name";
        }
    }
    if(count($valid_error) == 0)
    {
        $hash = Membership::hash($register->password);
        $register->password = $hash['password'];
        $register->hash = $hash['salt'];
    }
    $register->save();

    $redirect_url = SITE_URL . "home/index";
    redirect($redirect_url);
}

Answer 1

try this for email several inset validation

if(isset($email))
{
 $checkdata=" SELECT email FROM users WHERE email='$email' ";

 $query=mysqli_query($conn,$checkdata);

 if(mysqli_num_rows($query)>0)
 {
  echo "email already taken";
  exit;
 }
 else
 {
//inset
}

Answer 2

you can try this fully jquery like my code

    $(document).ready(function(){
//validation 
     $("form[name='your form name']").validate({ 
            rules: {
                uname:{
                    required:true,
                    alphabetsnspace:true,
                    minlength: 3,
               },
                email:{
                    required:true,
                    email:true,
                },

                }, 
                psw: { 
                    required: true,
                       minlength: 5,
                       maxlength: 25,

                  }, 
                  rpsw: { 
                    equalTo: "#psw",
                     minlength: 5,
                     maxlength: 25,
               }
            },
            messages: {
                uname:{ 
                    required:"Please enter your user name",
                    minlength:"User name should be more then 3 characters",
                    alphabetsnspace:"Only alphabets and numbers are allowd",
                      },
                email:"Please enter a valid email address",

         },
//calling php 
            submitHandler: function(form) {
                $.ajax({
                    url :"register.php",
                    type:"post",
                    dataType : 'html',
                    data:$('#registerform').serialize(),
                    success: function(data) 
                    {
                     //any function
                     }
                   });
    });
    });

Answer 3

Your save and redirect ALWAYS get called because they aren't in your IF condition. Change to:

if(count($valid_error) == 0)
{
    $hash = Membership::hash($register->password);
    $register->password = $hash['password'];
    $register->hash = $hash['salt'];

    $register->save();
    $redirect_url = SITE_URL . "home/index";
    redirect($redirect_url);
}

These three lines should only get called when there are no validation errors. You also need to create a way to send your valid_errors back to the user so that when they don't get redirected, they know why.

Since someone commented on it...as for regexs for e-mails, take a look here: http://www.regular-expressions.info/email.html. You aren't allowing a + or % or . -- etc.