From e9a01ca6619ceeb9b408192de8c56cbcbde066aa Mon Sep 17 00:00:00 2001
From: Flatlogic Bot <support@flatlogic.com>
Date: Sun, 2 Nov 2025 14:43:46 +0000
Subject: [PATCH] leveling project

---
 assets/css/custom.css |  91 +++++++++++++++++
 assets/js/main.js     |   0
 dashboard.php         |  49 +++++++++
 db/config.php         |  49 ++++++---
 db/setup.php          |  35 +++++++
 includes/footer.php   |  13 +++
 includes/header.php   |  53 ++++++++++
 index.php             | 225 +++++++++++++++---------------------------
 login.php             |  44 +++++++++
 logout.php            |  22 +++++
 register.php          |  54 ++++++++++
 11 files changed, 476 insertions(+), 159 deletions(-)
 create mode 100644 assets/css/custom.css
 create mode 100644 assets/js/main.js
 create mode 100644 dashboard.php
 create mode 100644 db/setup.php
 create mode 100644 includes/footer.php
 create mode 100644 includes/header.php
 create mode 100644 login.php
 create mode 100644 logout.php
 create mode 100644 register.php

diff --git a/assets/css/custom.css b/assets/css/custom.css
new file mode 100644
index 0000000..31e9544
--- /dev/null
+++ b/assets/css/custom.css
@@ -0,0 +1,91 @@
+:root {
+    --primary-color: #4F46E5;
+    --secondary-color: #10B981;
+    --dark-color: #111827;
+    --surface-color: #1F2937;
+    --text-color: #F9FAFB;
+}
+
+body {
+    font-family: 'Inter', sans-serif;
+    background-color: var(--dark-color);
+    color: var(--text-color);
+}
+
+h1, h2, h3, h4, h5, h6, .navbar-brand {
+    font-family: 'Orbitron', sans-serif;
+}
+
+.bg-dark {
+    background-color: var(--dark-color) !important;
+}
+
+.bg-surface {
+    background-color: var(--surface-color) !important;
+}
+
+.card {
+    border: 1px solid rgba(255, 255, 255, 0.1);
+    border-radius: 0.5rem;
+    transition: transform 0.2s ease-in-out, box-shadow 0.2s ease-in-out;
+}
+
+.card:hover {
+    transform: translateY(-5px);
+    box-shadow: 0 10px 20px rgba(0,0,0,0.2);
+}
+
+.form-control {
+    background-color: #374151;
+    border: 1px solid #4B5563;
+    color: var(--text-color);
+    border-radius: 0.375rem;
+}
+
+.form-control:focus {
+    background-color: #374151;
+    color: var(--text-color);
+    border-color: var(--primary-color);
+    box-shadow: 0 0 0 0.25rem rgba(79, 70, 229, 0.25);
+}
+
+.btn-primary {
+    background-color: var(--primary-color);
+    border-color: var(--primary-color);
+    font-weight: bold;
+    transition: background-color 0.2s;
+}
+
+.btn-primary:hover {
+    background-color: #4338CA;
+    border-color: #4338CA;
+}
+
+.btn-secondary {
+    background-color: var(--secondary-color);
+    border-color: var(--secondary-color);
+    font-weight: bold;
+    transition: background-color 0.2s;
+}
+
+.btn-secondary:hover {
+    background-color: #059669;
+    border-color: #059669;
+}
+
+.hero-section {
+    padding: 4rem 0;
+}
+
+.navbar-dark .navbar-brand {
+    color: var(--primary-color);
+    font-weight: bold;
+}
+
+.navbar-dark .nav-link {
+    color: rgba(255,255,255,.7);
+}
+
+.navbar-dark .nav-link:hover, .navbar-dark .nav-link.active {
+    color: #fff;
+}
diff --git a/assets/js/main.js b/assets/js/main.js
new file mode 100644
index 0000000..e69de29
diff --git a/dashboard.php b/dashboard.php
new file mode 100644
index 0000000..82a8a23
--- /dev/null
+++ b/dashboard.php
@@ -0,0 +1,49 @@
+<?php
+require_once 'includes/header.php';
+
+// Protect page
+if (!isset($_SESSION['user_id'])) {
+    header('Location: index.php');
+    exit();
+}
+
+require_once 'db/config.php';
+
+try {
+    $pdo = db();
+    $stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
+    $stmt->execute([$_SESSION['user_id']]);
+    $user = $stmt->fetch();
+} catch (PDOException $e) {
+    // Handle error, maybe redirect or show a message
+    $user = null;
+}
+
+?>
+
+<div class="container">
+    <h1 class="mb-4">Welcome, <?php echo htmlspecialchars($user['username'] ?? 'Player'); ?>!</h1>
+
+    <div class="card bg-surface text-light p-4">
+        <div class="card-body">
+            <h2 class="card-title">Your Status</h2>
+            <?php if ($user): ?>
+            <p><strong>Level:</strong> <?php echo htmlspecialchars($user['level']); ?></p>
+            <p><strong>XP:</strong> <?php echo htmlspecialchars($user['xp']); ?></p>
+            <p><strong>Role:</strong> <?php echo htmlspecialchars(ucfirst($user['user_role'])); ?></p>
+            <?php else: ?>
+            <p class="text-danger">Could not load user data.</p>
+            <?php endif; ?>
+        </div>
+    </div>
+
+    <div class="mt-5">
+        <h3 class="text-center">Your journey continues...</h3>
+        <p class="text-center text-muted">Learning Kits and Achievements are coming soon!</p>
+    </div>
+</div>
+
+
+<?php
+require_once 'includes/footer.php';
+?>
\ No newline at end of file
diff --git a/db/config.php b/db/config.php
index f12ebaf..45c9b30 100644
--- a/db/config.php
+++ b/db/config.php
@@ -1,17 +1,40 @@
 <?php
-// Generated by setup_mariadb_project.sh — edit as needed.
+// Default XAMPP/local settings
 define('DB_HOST', '127.0.0.1');
-define('DB_NAME', 'app_31009');
-define('DB_USER', 'app_31009');
-define('DB_PASS', '2c66b530-2a65-423a-a106-6760b49ad1a2');
+define('DB_NAME', 'leveling_system');
+define('DB_USER', 'root');
+define('DB_PASS', '');
+define('DB_CHARSET', 'utf8mb4');
 
-function db() {
-  static $pdo;
-  if (!$pdo) {
-    $pdo = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME.';charset=utf8mb4', DB_USER, DB_PASS, [
-      PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
-      PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
-    ]);
-  }
-  return $pdo;
+// Create the database if it doesn't exist
+try {
+    $pdo_init = new PDO("mysql:host=" . DB_HOST, DB_USER, DB_PASS);
+    $pdo_init->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    $pdo_init->exec("CREATE DATABASE IF NOT EXISTS `" . DB_NAME . "`");
+    $pdo_init = null;
+} catch(PDOException $e) {
+    // Don't die, the main connection will handle it
 }
+
+function db(): PDO {
+    static $pdo;
+    if ($pdo) {
+        return $pdo;
+    }
+
+    $dsn = "mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=" . DB_CHARSET;
+    $options = [
+        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+        PDO::ATTR_EMULATE_PREPARES   => false,
+    ];
+    try {
+        $pdo = new PDO($dsn, DB_USER, DB_PASS, $options);
+        return $pdo;
+    } catch (PDOException $e) {
+        // In a real app, you'd log this error.
+        // For this setup, we'll just show a generic error.
+        die('Database connection failed. Please check config and ensure MySQL is running.');
+    }
+}
+?>
\ No newline at end of file
diff --git a/db/setup.php b/db/setup.php
new file mode 100644
index 0000000..a643d82
--- /dev/null
+++ b/db/setup.php
@@ -0,0 +1,35 @@
+<?php
+require_once 'config.php';
+
+try {
+    $pdo = db();
+    $sql = "
+    CREATE TABLE IF NOT EXISTS users (
+        id INT AUTO_INCREMENT PRIMARY KEY,
+        username VARCHAR(50) NOT NULL UNIQUE,
+        password_hash VARCHAR(255) NOT NULL,
+        user_role ENUM('learner', 'admin') NOT NULL DEFAULT 'learner',
+        level INT DEFAULT 1,
+        xp INT DEFAULT 0,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+    );";
+    $pdo->exec($sql);
+
+    // Optional: Create a default admin user if one doesn't exist
+    $stmt = $pdo->prepare("SELECT id FROM users WHERE username = 'admin'");
+    $stmt->execute();
+    if ($stmt->rowCount() == 0) {
+        $admin_pass = 'admin123'; // Super secure default password
+        $admin_hash = password_hash($admin_pass, PASSWORD_DEFAULT);
+        $admin_sql = "INSERT INTO users (username, password_hash, user_role) VALUES ('admin', ?, 'admin')";
+        $admin_stmt = $pdo->prepare($admin_sql);
+        $admin_stmt->execute([$admin_hash]);
+        echo "Default admin user created with username 'admin' and password 'admin123'.<br>";
+    }
+
+    echo "Database setup completed successfully!";
+
+} catch (PDOException $e) {
+    die("Database setup failed: " . $e->getMessage());
+}
+?>
\ No newline at end of file
diff --git a/includes/footer.php b/includes/footer.php
new file mode 100644
index 0000000..924b783
--- /dev/null
+++ b/includes/footer.php
@@ -0,0 +1,13 @@
+    </main>
+
+    <footer class="bg-dark-surface text-center text-muted py-4 mt-auto">
+        <div class="container">
+            <p>&copy; <?php echo date('Y'); ?> Solo Leveling: IT. All Rights Reserved.</p>
+            <p>Built with Flatlogic</p>
+        </div>
+    </footer>
+
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
+    <script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
+</body>
+</html>
\ No newline at end of file
diff --git a/includes/header.php b/includes/header.php
new file mode 100644
index 0000000..86ab3bb
--- /dev/null
+++ b/includes/header.php
@@ -0,0 +1,53 @@
+<?php
+session_start();
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Solo Leveling: IT</title>
+    <meta name="description" content="A gamified web learning platform for Information Technology.">
+    <meta name="keywords" content="gamified learning, IT education, leveling system, programming quests, tech skills, achievements, leaderboard, learn to code, IT challenges, web development, cybersecurity, database management, Built with Flatlogic Generator">
+    <meta property="og:title" content="Solo Leveling: IT">
+    <meta property="og:description" content="A gamified web learning platform for Information Technology.">
+    <meta property="og:image" content="">
+    <meta name="twitter:card" content="summary_large_image">
+    <meta name="twitter:image" content="">
+
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+    <link href="https://fonts.googleapis.com/css2?family=Orbitron:wght@400;700&family=Inter:wght@400;600&display=swap" rel="stylesheet">
+    <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
+</head>
+<body class="bg-dark text-light">
+    <nav class="navbar navbar-expand-lg navbar-dark bg-dark-surface">
+        <div class="container">
+            <a class="navbar-brand" href="index.php">Solo Leveling: IT</a>
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="navbarNav">
+                <ul class="navbar-nav ms-auto">
+                    <?php if (isset($_SESSION['user_id'])): ?>
+                        <li class="nav-item">
+                            <a class="nav-link" href="dashboard.php">Dashboard</a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link" href="logout.php">Logout</a>
+                        </li>
+                    <?php else: ?>
+                        <li class="nav-item">
+                            <a class="nav-link" href="index.php#login">Login</a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link" href="index.php#register">Register</a>
+                        </li>
+                    <?php endif; ?>
+                </ul>
+            </div>
+        </div>
+    </nav>
+
+    <main class="container my-5">
\ No newline at end of file
diff --git a/index.php b/index.php
index 7205f3d..ea53b16 100644
--- a/index.php
+++ b/index.php
@@ -1,150 +1,83 @@
 <?php
-declare(strict_types=1);
-@ini_set('display_errors', '1');
-@error_reporting(E_ALL);
-@date_default_timezone_set('UTC');
+require_once 'includes/header.php';
 
-$phpVersion = PHP_VERSION;
-$now = date('Y-m-d H:i:s');
+// If user is logged in, redirect to dashboard
+if (isset($_SESSION['user_id'])) {
+    header('Location: dashboard.php');
+    exit();
+}
+
+// Run setup on first visit to ensure db and table exist, but hide output
+ob_start();
+require_once 'db/config.php';
+include_once 'db/setup.php';
+ob_end_clean();
 ?>
-<!doctype html>
-<html lang="en">
-<head>
-  <meta charset="utf-8" />
-  <meta name="viewport" content="width=device-width, initial-scale=1" />
-  <title>New Style</title>
-<?php
-// Read project preview data from environment
-$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? '';
-$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
-?>
-<?php if ($projectDescription): ?>
-  <!-- Meta description -->
-  <meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' />
-  <!-- Open Graph meta tags -->
-  <meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" />
-  <!-- Twitter meta tags -->
-  <meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" />
-<?php endif; ?>
-<?php if ($projectImageUrl): ?>
-  <!-- Open Graph image -->
-  <meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
-  <!-- Twitter image -->
-  <meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
-<?php endif; ?>
-  <link rel="preconnect" href="https://fonts.googleapis.com">
-  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
-  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
-  <style>
-    :root {
-      --bg-color-start: #6a11cb;
-      --bg-color-end: #2575fc;
-      --text-color: #ffffff;
-      --card-bg-color: rgba(255, 255, 255, 0.01);
-      --card-border-color: rgba(255, 255, 255, 0.1);
-    }
-    body {
-      margin: 0;
-      font-family: 'Inter', sans-serif;
-      background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
-      color: var(--text-color);
-      display: flex;
-      justify-content: center;
-      align-items: center;
-      min-height: 100vh;
-      text-align: center;
-      overflow: hidden;
-      position: relative;
-    }
-    body::before {
-      content: '';
-      position: absolute;
-      top: 0;
-      left: 0;
-      width: 100%;
-      height: 100%;
-      background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
-      animation: bg-pan 20s linear infinite;
-      z-index: -1;
-    }
-    @keyframes bg-pan {
-      0% { background-position: 0% 0%; }
-      100% { background-position: 100% 100%; }
-    }
-    main {
-      padding: 2rem;
-    }
-    .card {
-      background: var(--card-bg-color);
-      border: 1px solid var(--card-border-color);
-      border-radius: 16px;
-      padding: 2rem;
-      backdrop-filter: blur(20px);
-      -webkit-backdrop-filter: blur(20px);
-      box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
-    }
-    .loader {
-      margin: 1.25rem auto 1.25rem;
-      width: 48px;
-      height: 48px;
-      border: 3px solid rgba(255, 255, 255, 0.25);
-      border-top-color: #fff;
-      border-radius: 50%;
-      animation: spin 1s linear infinite;
-    }
-    @keyframes spin {
-      from { transform: rotate(0deg); }
-      to   { transform: rotate(360deg); }
-    }
-    .hint {
-      opacity: 0.9;
-    }
-    .sr-only {
-      position: absolute;
-      width: 1px; height: 1px;
-      padding: 0; margin: -1px;
-      overflow: hidden;
-      clip: rect(0, 0, 0, 0);
-      white-space: nowrap; border: 0;
-    }
-    h1 {
-      font-size: 3rem;
-      font-weight: 700;
-      margin: 0 0 1rem;
-      letter-spacing: -1px;
-    }
-    p {
-      margin: 0.5rem 0;
-      font-size: 1.1rem;
-    }
-    code {
-      background: rgba(0,0,0,0.2);
-      padding: 2px 6px;
-      border-radius: 4px;
-      font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
-    }
-    footer {
-      position: absolute;
-      bottom: 1rem;
-      font-size: 0.8rem;
-      opacity: 0.7;
-    }
-  </style>
-</head>
-<body>
-  <main>
-    <div class="card">
-      <h1>Analyzing your requirements and generating your website…</h1>
-      <div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
-        <span class="sr-only">Loading…</span>
-      </div>
-      <p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
-      <p class="hint">This page will update automatically as the plan is implemented.</p>
-      <p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
+
+<div class="text-center hero-section">
+    <h1 class="display-3 fw-bold">Level Up Your IT Skills</h1>
+    <p class="lead col-lg-6 mx-auto">Join quests, conquer challenges, and rise through the ranks. Your journey to becoming an IT master starts now.</p>
+</div>
+
+<div class="row justify-content-center g-5 mt-4">
+    <!-- Login Card -->
+    <div class="col-lg-5" id="login">
+        <div class="card bg-surface text-light p-4">
+            <div class="card-body">
+                <h2 class="card-title text-center mb-4">Player Login</h2>
+                <?php if(isset($_GET['login_error'])): ?>
+                    <div class="alert alert-danger">Invalid username or password.</div>
+                <?php endif; ?>
+                <form action="login.php" method="POST">
+                    <div class="mb-3">
+                        <label for="login-username" class="form-label">Username</label>
+                        <input type="text" class="form-control" id="login-username" name="username" required>
+                    </div>
+                    <div class="mb-3">
+                        <label for="login-password" class="form-label">Password</label>
+                        <input type="password" class="form-control" id="login-password" name="password" required>
+                    </div>
+                    <div class="d-grid">
+                        <button type="submit" class="btn btn-primary btn-lg">Enter Dungeon</button>
+                    </div>
+                </form>
+            </div>
+        </div>
     </div>
-  </main>
-  <footer>
-    Page updated: <?= htmlspecialchars($now) ?> (UTC)
-  </footer>
-</body>
-</html>
+
+    <!-- Registration Card -->
+    <div class="col-lg-5" id="register">
+        <div class="card bg-surface text-light p-4">
+            <div class="card-body">
+                <h2 class="card-title text-center mb-4">New Player</h2>
+                 <?php if(isset($_GET['reg_error'])): ?>
+                    <div class="alert alert-danger"><?php echo htmlspecialchars($_GET['reg_error']); ?></div>
+                <?php endif; ?>
+                <?php if(isset($_GET['reg_success'])): ?>
+                    <div class="alert alert-success">Registration successful! Please log in.</div>
+                <?php endif; ?>
+                <form action="register.php" method="POST">
+                    <div class="mb-3">
+                        <label for="reg-username" class="form-label">Username</label>
+                        <input type="text" class="form-control" id="reg-username" name="username" required>
+                    </div>
+                    <div class="mb-3">
+                        <label for="reg-password" class="form-label">Password</label>
+                        <input type="password" class="form-control" id="reg-password" name="password" required>
+                    </div>
+                    <div class="mb-3">
+                        <label for="reg-confirm-password" class="form-label">Confirm Password</label>
+                        <input type="password" class="form-control" id="reg-confirm-password" name="confirm_password" required>
+                    </div>
+                    <div class="d-grid">
+                        <button type="submit" class="btn btn-secondary btn-lg">Join the Guild</button>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php
+require_once 'includes/footer.php';
+?>
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..0beff24
--- /dev/null
+++ b/login.php
@@ -0,0 +1,44 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    header('Location: index.php');
+    exit();
+}
+
+$username = trim($_POST['username'] ?? '');
+$password = $_POST['password'] ?? '');
+
+if (empty($username) || empty($password)) {
+    header('Location: index.php?login_error=1#login');
+    exit();
+}
+
+try {
+    $pdo = db();
+    $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
+    $stmt->execute([$username]);
+    $user = $stmt->fetch();
+
+    if ($user && password_verify($password, $user['password_hash'])) {
+        // Password is correct, start session
+        session_regenerate_id();
+        $_SESSION['user_id'] = $user['id'];
+        $_SESSION['username'] = $user['username'];
+        $_SESSION['user_role'] = $user['user_role'];
+
+        header('Location: dashboard.php');
+        exit();
+    } else {
+        // Invalid credentials
+        header('Location: index.php?login_error=1#login');
+        exit();
+    }
+
+} catch (PDOException $e) {
+    // In a real app, log the error
+    header('Location: index.php?login_error=1#login');
+    exit();
+}
+?>
\ No newline at end of file
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..d1d29a0
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,22 @@
+<?php
+session_start();
+
+// Unset all of the session variables
+$_SESSION = [];
+
+// If it's desired to kill the session, also delete the session cookie.
+// Note: This will destroy the session, and not just the session data!
+if (ini_get("session.use_cookies")) {
+    $params = session_get_cookie_params();
+    setcookie(session_name(), '', time() - 42000,
+        $params["path"], $params["domain"],
+        $params["secure"], $params["httponly"]
+    );
+}
+
+// Finally, destroy the session.
+session_destroy();
+
+header('Location: index.php');
+exit();
+?>
\ No newline at end of file
diff --git a/register.php b/register.php
new file mode 100644
index 0000000..ff5172e
--- /dev/null
+++ b/register.php
@@ -0,0 +1,54 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    header('Location: index.php');
+    exit();
+}
+
+$username = trim($_POST['username'] ?? '');
+$password = $_POST['password'] ?? '');
+$confirm_password = $_POST['confirm_password'] ?? '');
+
+// Basic validation
+if (empty($username) || empty($password)) {
+    header('Location: index.php?reg_error=Username and password are required.#register');
+    exit();
+}
+
+if ($password !== $confirm_password) {
+    header('Location: index.php?reg_error=Passwords do not match.#register');
+    exit();
+}
+
+if (strlen($password) < 6) {
+    header('Location: index.php?reg_error=Password must be at least 6 characters long.#register');
+    exit();
+}
+
+try {
+    $pdo = db();
+
+    // Check if username already exists
+    $stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
+    $stmt->execute([$username]);
+    if ($stmt->rowCount() > 0) {
+        header('Location: index.php?reg_error=Username already taken.#register');
+        exit();
+    }
+
+    // Hash password and insert user
+    $password_hash = password_hash($password, PASSWORD_DEFAULT);
+    $stmt = $pdo->prepare("INSERT INTO users (username, password_hash) VALUES (?, ?)");
+    $stmt->execute([$username, $password_hash]);
+
+    header('Location: index.php?reg_success=1#login');
+    exit();
+
+} catch (PDOException $e) {
+    // In a real app, log the error
+    header('Location: index.php?reg_error=A database error occurred.#register');
+    exit();
+}
+?>
\ No newline at end of file