You have to enclose a string value in quotes, otherwise it will surely be a syntax error that you get. Your PHP syntax is fine, MySQL is not
$sql = "SELECT customer_id FROM customer WHERE customer_email = '".mysqli_real_escape_string($db,$_POST['email'])."'";
Also later down in your code you have mysql_num_rows
, which shuld be mysqli_num_rows
like this
$num_rows = mysqli_num_rows($result);