prepare("SELECT * FROM users WHERE username = ? OR email = ?");
$stmt->execute([$username, $email]);
if ($stmt->fetch()) {
$error = 'Username or email already exists.';
} else {
// Insert new user
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$user_stmt = $pdo->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
$user_stmt->execute([$username, $email, $hashed_password]);
$user_id = $pdo->lastInsertId();
// If this is the first user (id = 1), make them an Admin. Otherwise, assign Respondent.
$user_count_stmt = $pdo->query("SELECT COUNT(*) FROM users");
$is_first_user = ($user_count_stmt->fetchColumn() == 1);
$default_role = $is_first_user ? 'Admin' : 'Respondent';
$role_stmt = $pdo->prepare("SELECT id FROM roles WHERE role_name = ?");
$role_stmt->execute([$default_role]);
$role_id = $role_stmt->fetchColumn();
if ($role_id) {
$user_role_stmt = $pdo->prepare("INSERT INTO user_roles (user_id, role_id) VALUES (?, ?)");
$user_role_stmt->execute([$user_id, $role_id]);
}
$success = 'Registration successful! You can now login.';
}
}
}
?>