<?php
require_once __DIR__ . '/db/config.php';
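// Registration form handler. Validates the POSTed fields, rejects an e-mail
// address that is already registered, stores the new account with a hashed
// password, and always ends by redirecting back to register.php.

// Redirects to register.php with a status message in the query string.
// The message is percent-encoded so that spaces and punctuation produce a
// valid Location URL.
// NOTE(review): the text travels in the URL, so any visitor can craft a link
// carrying arbitrary text; register.php (not visible here) is presumably the
// page that prints it and must HTML-escape it on output. Confirm.
$redirectToRegister = static function (string $param, string $message) {
    header('Location: register.php?' . $param . '=' . rawurlencode($message));
    exit();
};

// Reads one POST field as a string. A request can send a field as an array
// (name[]=x); such a value is treated as missing instead of reaching
// password_hash() or the bound SQL parameters with the wrong type.
$postString = static function (string $key, string $default): string {
    $value = $_POST[$key] ?? $default;

    return is_string($value) ? $value : '';
};

// Anything other than a form submission goes back to the form.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Location: register.php');
    exit();
}

$name = $postString('name', '');
$email = $postString('email', '');
$password = $postString('password', '');
$role = $postString('role', 'client');

// Compared against '' rather than empty(), because empty() also rejects the
// literal string "0".
if ($name === '' || $email === '' || $password === '') {
    $redirectToRegister('error', 'All fields are required.');
}

if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    $redirectToRegister('error', 'Invalid email format.');
}

// NOTE(review): the role comes from the request, so whoever submits the form
// chooses between 'owner' and 'client'. Confirm that self-registration as
// 'owner' is intended; if it is not, the role must be assigned server-side.
if ($role !== 'owner' && $role !== 'client') {
    $redirectToRegister('error', 'Invalid role specified.');
}

try {
    $pdo = db();

    // Check if email already exists.
    // NOTE(review): this SELECT and the INSERT below are two separate
    // statements, so two concurrent requests can both pass the check. Only a
    // UNIQUE constraint on users.email makes the guarantee hold; confirm the
    // schema has one. The distinct message also tells the requester whether
    // an address is registered, which is worth pairing with rate limiting.
    $lookup = $pdo->prepare("SELECT id FROM users WHERE email = ?");
    $lookup->execute([$email]);
    if ($lookup->fetch()) {
        $redirectToRegister('error', 'Email already in use.');
    }

    // NOTE(review): no minimum password length is enforced here, and bcrypt
    // (the current PASSWORD_DEFAULT algorithm) only uses the first 72 bytes
    // of the input. A length policy belongs before this call.
    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

    $insert = $pdo->prepare("INSERT INTO users (name, email, password, role) VALUES (?, ?, ?, ?)");
    $insert->execute([$name, $email, $hashed_password, $role]);

    $redirectToRegister('success', 'User created successfully.');
} catch (PDOException $e) {
    // Keep the details in the server log; the visitor only sees a generic
    // message, so no driver or schema information reaches the browser.
    error_log('register: database error: ' . $e->getMessage());
    $redirectToRegister('error', 'A database error occurred.');
}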