Apart from the "SQL Injection Attack" (Seriously, Google it, you risk the destruction of your database!) you're opening yourself up to, it's a bad idea to use a SELECT to see if something is there first and then INSERT. What would happen if two people tried to register the exact same username? One of them is going to succeed and the other is going to fail even though your SELECT said it was available. The order of SQL statements from each user would be:
User1 User2
SELECT (available!)
SELECT (available!)
INSERT (succeeds!)
INSERT (fails - duplicate)
A better way to do it would be to just try the INSERT and catch the exception if it's a duplicate. If there's no exception, you know it worked. If there was an exception, it was a duplicate.