User Registration form - PHP

1. <?php
2. include($_SERVER['DOCUMENT_ROOT'] . '/db.php');
3. ?>
4.  
5. <!DOCTYPE html>
6. <html>
7. <head>
8. <title>Login or SignUp</title>
9. </head>
10. <body>
11. <h2>Signup</h2>
12.  
13. <form action="" method="POST">
14. Email:
15. <input type="text" name="email"><br>
16. Username:
17. <input type="text" name="username"><br>
18. Name:
19. <input type="text" name="name"><br>
20. Password:
21. <input type="password" name="password"><br>
22. Confirm Password:
23. <input type="password" name="confirm_password"><br>
24. <input type="submit" name="user_register" value="Register">
25. </form>
26.  
27. <?php
28. if(isset($_POST['user_register'])){
29.  
30. // Validate username
31. if(empty(trim($_POST['username']))){
32. $username_err = "Please Enter a Username.";
33. } else {
34. $sql = "SELECT user_id FROM user WHERE username = :username";
35.  
36. if($statement = $connect->prepare($sql)){
37. $statement->bindParam(':username', $username);
38. $param_username = trim($_POST['username']);
39. if($statement->execute()){
40. if($statement->rowCount() == 1){
41. $username_err = "This username is already taken.";
42. } else {
43. $username = trim($_POST['username']);
44. }
45. }
46. unset($statement);
47. }
48. }
49.  
50. // Validate Password
51. if(empty(trim($_POST['password']))){
52. $password_err = "Please enter a password.";
53. } elseif(strlen(trim($_POST['password'])) < 6) {
54. $password_err = "Password must have atleast 6 characters.";
55. } else {
56. $password = trim($_POST['password']);
57. }
58.  
59. // Validate confirm Password
60. if(empty(trim($_POST['confirm_password']))){
61. $confirm_password_err = 'Please confirm password.';
62. } else {
63. $confirm_password = trim($_POST['confirm_password']);
64. if($password != $confirm_password){
65. $confirm_password_err = "Password did not match.";
66. }
67. }
68.  
69. // Validate email
70. if(empty($_POST['email'])){
71. $email_err = "Email is Required.";
72. } else {
73. $email = $_POST['email'];
74. if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
75. $email_err = "Invalid email format.";
76. }
77. else {
78. $email = filter_var($email, FILTER_VALIDATE_EMAIL);
79. }
80. }
81.  
82. // Check input errors before inserting in database
83. if(empty($username_err) && empty($password_err) && empty($confirm_password_err) && empty($email_err)){
84. $sql = "INSERT INTO user (username, user_name, user_password, user_email) VALUES (:username, :user_name, :password, :email)";
85. if($statement = $connect->prepare($sql)){
86. $statement->bindParam(':username', $param_username);
87. $statement->bindParam(':password', $param_password);
88. $statement->bindParam(':user_name', $param_user_name);
89. $statement->bindParam(':email', $param_user_email);
90. $param_username = $username;
91. $param_password = password_hash($password, PASSWORD_DEFAULT);
92. $param_user_email = $email;
93. $param_user_name = $_POST['name'];
94. if($statement->execute()){
95. header("location: login.php");
96. } else {
97. echo "Something went wrong. Please try again later.";
98. }
99. }
100. unset($statement);
101. }
102. unset($connect);
103.  
104. }
105.  
106. ?>
107.  
108. </body>
109. </html>