07.02.2015 - Flow Security. You should repeat the email validation in Server side too (js validation could be bypassed); You don't check if the user is already .