Discussion on: Check If Email Address Is Already Exists in The Database

[Jimmy Klein]

A little error in your isEmailValid function and you have a risk of SQL injection in your method isEmailExists !!

SELECT * FROM ".$tableName." WHERE email='".$email."';

If you use mysqli extension, you have to use real_escape_string (or mysqli_real_escape_string), if you use PDO, use named parameter.

Example :

SELECT * FROM ".$tableName." WHERE email='".mysqli_real_escape_string($mysqli, $email)."';