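prepare("SELECT 1 FROM users WHERE email = ?");
$stmt->execute([$email]);

// Registration step: reject an e-mail that already has an account, otherwise
// hash the password and insert the new user row. The statement above and the
// closing braces at the bottom belong to code that starts before this excerpt.
//
// The existence check only needs to know whether a row matches, so it selects
// a constant instead of every column (which would include the password hash).
if ($stmt->fetch()) {
    // This message tells the caller that the address has an account.
    $message = "Email already registered.";
} else {
    // Store only a bcrypt hash, never the plain password. bcrypt uses at most
    // the first 72 bytes of its input.
    $password_hash = password_hash($password, PASSWORD_BCRYPT);

    // NOTE(review): the check above is not atomic with this INSERT; a UNIQUE
    // constraint on users.email is what actually prevents duplicates under
    // concurrent requests - confirm the schema has one.
    // NOTE(review): where $role is assigned is not visible here; if it is taken
    // from the request it needs a server-side allow-list before it is stored.
    $stmt = $pdo->prepare("INSERT INTO users (name, email, password, role) VALUES (?, ?, ?, ?)");

    if ($stmt->execute([$name, $email, $password_hash, $role])) {
        header("Location: login.php?registered=true");
        exit;
    } else {
        $message = "An error occurred. Please try again.";
    }
}
} catch (PDOException $e) {
    // Driver messages can disclose table names, column names and query text,
    // so the detail goes to the server log and the user gets the same generic
    // message as any other failed insert.
    error_log("Registration failed: " . $e->getMessage());
    $message = "An error occurred. Please try again.";
}
}
}
?>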