rev2

<?php

try {
    $dbh = new PDO("mysql:host=localhost;dbname=database_name_here", "database_user_name_here", "database_users_password_here");
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    header("location: http://yourexternalsupportforum.io");
    die('Failed to connect to database');
}


function NewUser()
{
    global $dbh;
    $fullname = trim($_POST['name']); //at a minimus clear whitespace.
    $userName = trim($_POST['user']);
    $email = trim($_POST['email']);
    $password =  trim($_POST['pass']);
    $options = [
        'cost' => 12, //higher = more lower= less. you want it to take around 0.4 seconds for security reasons!
    ];
    $password = password_hash($password, PASSWORD_BCRYPT, $options); // hashed password for storage!
    $stmt = $dbh->"INSERT INTO websiteusers (fullname,userName,email,pass) VALUES (?,?,?,?)";
    $stmt->bindValue(1,$fullname,PDO::PARAM_STR);
    $stmt->bindValue(2,$userName,PDO::PARAM_STR);
    $stmt->bindValue(3,$email,PDO::PARAM_STR);
    $stmt->bindValue(4,$password,PDO::PARAM_STR);
    if($stmt->execute())
    {
    echo "YOUR REGISTRATION IS COMPLETED...";
    }
}

function SignUp()
{
global $dbh;
if(!empty($_POST['user']))   //checking the 'user' name which is from Sign-Up.html, is it empty or have some text
{
    $user = trim($_POST['user']);
    $pass = trim($_POST['pass']);
    $stmt = $dbh->prepare("SELECT * FROM websiteusers WHERE userName = ?") ;
    $stmt->bindValue(1,$_POST['user'],PDO::PARAM_STR);
    $stmt->execute();
    $selected_row = $stmt->fetch(PDO::FETCH_ASSOC);
    if(!password_verify($pass, $selected_row['pass'])) // check password agaisnt stored hash
    {
        newuser();
    }
    else
    {
        echo "SORRY...YOU ARE ALREADY REGISTERED USER...";
    }
}
}
if(isset($_POST['submit']))
{
    SignUp();
}
?>