php code

1. <?php
2. include 'db_connect.php';
3.   //if receives data from insert form, run function
4. if(isset($_POST['insert_data']) )
5. {
6.  
7.   $refno_usr = uniqid();
8.   $username = SQLite3::escapeString($_POST['username']);
9.   $password = SQLite3::escapeString($_POST['password']);
10.   $cpassword = SQLite3::escapeString($_POST['cpassword']);
11.   $fullname = SQLite3::escapeString($_POST['fullname']);
12.   $access = SQLite3::escapeString($_POST['access']);
13.  
14.   //check if confirm password equals password
15.   if($password != $cpassword) {
16.     echo $db->lastErrorMsg();
17.   } else {
18.     //hash and salt
19.     $hash = password_hash($password, PASSWORD_BCRYPT);
20.   }
21.  
22. $sql =<<<EOF
23.    INSERT INTO userlist (refno_usr, user_name, user_password, full_name, admin_user)
24.    VALUES ('$refno_usr', '$username', '$hash', '$fullname', '$access');
25. EOF;
26.  
27.   //Executes query
28.   $ret = $db->query($sql);
29.   //outputs error or success message
30.   if(!$ret)
31.   {
32.      echo $db->lastErrorMsg();
33.   } else {
34.      echo "Records Inserted successfully\n";
35.   }
36.  
37.   //Closes connection
38.   $db->close();
39.   unset($db);
40. }