$position = $_POST['position'];
$position = $database_master->escapeString($position);
$redirectPage = 'index.php?';
if (!$database_master->checkIdNo($idNo)) {
$errors['idNo'] = $idNo;
$redirectPage .= 'id=' . $idNo;
}
if ($password != $repass) {
$errors['password'] = "******";
$redirectPage .= '&password=nomatch';
}
if (empty($idNo) || empty($password) || empty($repass) || empty($user_type) || empty($position)) {
$errors['empty'] = "true";
$redirectPage .= '&error=empty';
}
if (!$database_master->checkUser_type($user_type)) {
$errors['user_type'] = $user_type;
$redirectPage .= '&user_type=' . $user_type;
}
if (!$database_master->checkOffice($office)) {
$errors['office'] = $office;
$redirectPage .= '&office=' . $office;
}
if (empty($errors)) {
$query = "INSERT INTO users VALUES ('{$idNo}', '{$user_type}', SHA('{$password}'), '{$firstName}', '{$lastName}', \n\t\t\t'{$position}', '{$office}')";
if ($database_master->queryUpdate($query)) {
$page_master->redirectUser('index.php?register=success&new_user='******'index.php?register=failed');
}
} else {
