Untitled

<?php
include('/scripts/dbh.php');

function generateRandomString($length = 50) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $charactersLength = strlen($characters);
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, $charactersLength - 1)];
    }
    return $randomString;
}
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST['email'])){
	die('Error! You did not enter a valid email address! Try again');
}
if(empty($_POST['first']) || empty($_POST['last']) || empty($_POST['uid']) || empty($_POST['password'])) {
    die('Error! You did not enter one or more of the requested fields. Please try again');
}
$first = mysqli_real_escape_string($conn, htmlentities($_POST['first']));
$last = mysqli_real_escape_string($conn, htmlentities($_POST['last']));
$username = mysqli_real_escape_string($conn, htmlentities($_POST['uid']));
$password = mysqli_real_escape_string($conn, md5(htmlentities($_POST['password'])));
$email = mysqli_real_escape_string($conn, strtolower(htmlentities($_POST['email'])));
$unid = md5(generateRandomString());
$grp = 'user';
$msg = 'message';

$msg = wordwrap($msg,70);

$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'From: ex signup' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

mail($email,"Welcome to example",$msg,$headers);

$conn = new mysqli($servername, $dbusername, $dbpassword, $dbname);

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

$sql = "INSERT INTO accounts (first, last, email, username, password, unid, grp)
VALUES ('$first', '$last', '$email', '$username', '$password', '$unid', '$grp')";

if ($conn->query($sql) === TRUE) {} else {
    die("An Error has occured. Contact an admin.");
}

$conn->close();
header('Location: /login?messageid=0001');
?>