//pasword check if ($data['password'] != $data['password2']) { header("Location: " . $site_dir . "registration.php?error=passMatch"); } //email format check if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) { header("Location: " . $site_dir . "registration.php?error=emailFail"); } //check if email is taken $query = "SELECT * FROM users WHERE email = '" . $data['email'] . "'"; $result = $db_conn->query($query); if ($result->num_rows === 1) { //email is taken header("Location: " . $site_dir . "registration.php?error=emailTaken"); } //email not taken, insert data $query = "INSERT INTO users (email, password, first_name, last_name)\n\tVALUES ('" . $user->registrationReturn($data) . "')"; $result = $db_conn->query($query); //error inserting if ($result === FALSE) { die("Error: " . $db_conn->error); } //select data back to set as session vars $query = "SELECT * FROM users WHERE email = '" . $email . "'"; $result = $db_conn->query($query); $user->assignData($result->fetch_assoc()); $db_conn->close(); header("Location: " . $site_dir); ?>