34132-vm/auth/register_handler.php

<?php
session_start();
require_once __DIR__ . '/../db/config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email = $_POST['email'] ?? '';
    $password = $_POST['password'] ?? '';

    if (empty($email) || empty($password) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        header('Location: /register.php?error=invalid_input');
        exit;
    }

    try {
        $pdo = db();

        // Check if user exists
        $stmt = $pdo->prepare("SELECT id FROM users WHERE email = ?");
        $stmt->execute([$email]);
        if ($stmt->fetch()) {
            header('Location: /register.php?error=user_exists');
            exit;
        }

        // Insert new user
        $hashed_password = password_hash($password, PASSWORD_DEFAULT);
        $stmt = $pdo->prepare("INSERT INTO users (email, password, role) VALUES (?, ?, ?)");
        $stmt->execute([$email, $hashed_password, 'free']);

        $new_user_id = $pdo->lastInsertId();

        // Check for guest CV data and save it
        if (isset($_SESSION['guest_cv_data'])) {
            $cv_data = $_SESSION['guest_cv_data'];
            $title = $cv_data['title'] ?? 'My CV';
            $template_id = $cv_data['template_id'] ?? 1;
            $content = json_encode([
                'personal_info' => $cv_data['personal_info'] ?? [],
                'experience' => array_values($cv_data['experience'] ?? []),
                'education' => array_values($cv_data['education'] ?? []),
                'skills' => $cv_data['skills'] ?? ''
            ]);

            $cv_stmt = $pdo->prepare('INSERT INTO cvs (user_id, title, content, template_id) VALUES (?, ?, ?, ?)');
            $cv_stmt->execute([$new_user_id, $title, $content, $template_id]);

            unset($_SESSION['guest_cv_data']);
        }

        // Log the user in automatically
        $_SESSION['user_id'] = $new_user_id;
        $_SESSION['user_email'] = $email;
        $_SESSION['user_role'] = 'free'; // Default role

        // Redirect to dashboard
        header('Location: /dashboard.php');
        exit;

    } catch (PDOException $e) {
        // In a real app, log this error.
        header('Location: /register.php?error=db_error');
        exit;
    }
}