SQL query with PHP

1. <?php
2.  
3. function test_input($data) {
4.  
5.     $data = trim($data);
6.     $data = stripslashes($data);
7.     $data = htmlspecialchars($data);
8.     return $data;
9. }
10.  
11. $name = "";
12. $username = "";
13. $email = "";
14. $password = "";
15.  
16. $servername = "localhost";
17. $username = "";
18. $password = "";
19. $dbname = "";
20.  
21. $conn = new mysqli($servername, $username, $password, $dbname);
22.  
23. if($conn->connect_error) {
24.   die("connection failed: " .$conn->connect_error);
25. }
26.  
27. if($_SERVER['REQUEST_METHOD'] == "POST") {
28.  
29.     if(empty($_POST["name"]))  {
30.        $nameErr = "Name is required";
31.     } else {
32.        $name = test_input($_POST["name"]);
33.  
34.          if (!preg_match("/^[a-zA-Z ]*$/","$name")) {
35.         $nameErr = "Only letters and white space allowed for name";
36.       }
37.     }
38.  
39.     if(empty($_POST["username"])) {
40.         $usernameErr = "username is required";
41.     } else {
42.     $username = test_input($_POST["username"]);
43.  
44.   }
45.     $sql = "SELECT * FROM webusers WHERE username = '$_POST['username']'";
46.     $result = $conn->query($sql);
47.     if ($result->num_rows > 0) {
48.       while($row = $result->fetch_assoc()) {
49.         $usernameErr = "username already exist in our Database"
50.       }
51.     }
52.  
53.     if(empty($_POST["email"])) {
54.     $emailErr = "Email is required";
55.     } else {
56.        $email = test_input($_POST["email"]);
57.  
58.        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
59.            $emailErr = "Invalid email";
60.          }
61.     }
62.     $sql = "SELECT * FROM webusers WHERE email = '$_POST['email']'";
63.     $result = $conn->query($sql);
64.     if ($result->num_rows > 0) {
65.       while($row = $result->fetch_assoc()) {
66.         $emailErr = "email already exist in our Database"
67.       }
68.     }
69.  
70.     if(empty($_POST["password"])) {
71.         $passwordErr = "password is required";
72.     } else {
73.     $password = test_input($_POST["password"]);
74.  
75.     }
76.  
77.  
78.  
79.     $stmt = $conn->prepare("INSERT INTO webusers (name, username, email, password) VALUES (?,?,?,?)");
80.  
81.     $stmt->bind_param("ssss", $name, $username, $email, $password);
82.  
83.     $name = $_POST['name'];
84.     $username = $_POST['username'];
85.     $email = $_POST['email'];
86.     $password = $_POST['password'];
87.     $stmt->execute();
88.  
89.     $report =  "New records created succesfully";
90.  
91.     $stmt->close();
92.     $conn->close();
93.  
94.  
95.  
96.     }
97. ?>