Register - Procurement Management System

'', 'username' => '', 'email' => '', 'role' => '' ]; if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Sanitize inputs $formData = [ 'full_name' => trim($_POST['full_name']), 'username' => trim($_POST['username']), 'email' => trim($_POST['email']), 'password' => $_POST['password'], 'confirm_password' => $_POST['confirm_password'], 'role' => $_POST['role'] ]; // Validation if (empty($formData['full_name'])) $errors[] = 'Full name is required.'; if (empty($formData['username'])) $errors[] = 'Username is required.'; if (empty($formData['email'])) $errors[] = 'Email is required.'; if (!filter_var($formData['email'], FILTER_VALIDATE_EMAIL)) $errors[] = 'Invalid email format.'; if (empty($formData['password'])) $errors[] = 'Password is required.'; if (strlen($formData['password']) < 8) $errors[] = 'Password must be at least 8 characters.'; if ($formData['password'] !== $formData['confirm_password']) $errors[] = 'Passwords do not match.'; if (empty($formData['role'])) $errors[] = 'Role is required.'; if (empty($errors)) { try { $stmt = $pdo->prepare("SELECT user_id FROM users WHERE username = ? OR email = ?"); $stmt->execute([$formData['username'], $formData['email']]); if ($stmt->rowCount() > 0) { $errors[] = 'Username or email already exists.'; } else { $hashedPassword = password_hash($formData['password'], PASSWORD_BCRYPT); $stmt = $pdo->prepare("INSERT INTO users (username, password, email, full_name, role) VALUES (?, ?, ?, ?, ?)"); $stmt->execute([ $formData['username'], $hashedPassword, $formData['email'], $formData['full_name'], $formData['role'] ]); $_SESSION['registration_success'] = true; header("Location: login.php"); exit(); } } catch (PDOException $e) { error_log("Registration error: " . $e->getMessage()); $errors[] = 'Registration failed. Please try again.'; } } } ?> Register - Procurement Management System