<?phpif(isset($_POST['crear'])) {include 'conexiondb.php'; //this is the fil

1. <?php
2.  
3. if(isset($_POST['crear']))
4. {
5. include 'conexiondb.php'; //this is the file where I connect the database, the variable that sets up the connection is called $conexion
6. $email = mysqli_real_escape_string($conexion, $_POST['email']); //el método previene que se haga SQL injection
7. $username = mysqli_real_escape_string($conexion, $_POST['username']);
8. $password = mysqli_real_escape_string($conexion, $_POST['password']);
9. $nombre = mysqli_real_escape_string($conexion, $_POST['nombre']);
10. $apellido = mysqli_real_escape_string($conexion, $_POST['apellido']);
11. $municipio = mysqli_real_escape_string($conexion, $_POST['municipio']);
12.  
13. //after this I make a bunch of validations, that seem to work fine
14. //after all values are checked, I want to insert them into my database
15.  
16. $passwordHash = password_hash($password, PASSWORD_DEFAULT);
17.  
18. mysqli_query($conexion, "INSERT INTO persona (correopersona, usernamepersona, passwordpersona, nombrepersona, apellidopersona, nombremunicipio) VALUES ('$email', '$username', '$passwordHash', '$nombre', '$apellido', '$municipio')");