32) { echo "Username must be between 3 and 32 characters."; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { // Validate email format echo "Invalid email format."; } elseif (strlen($password) < 8 || strlen($password) > 128) { // Validate password length echo "Password must be between 8 and 128 characters."; } else { // Check if the username or email already exists $checkQuery = "SELECT id FROM users WHERE username = ? OR email = ?"; $checkStmt = $mysqli->prepare($checkQuery); $checkStmt->bind_param("ss", $username, $email); $checkStmt->execute(); $checkStmt->store_result(); if ($checkStmt->num_rows > 0) { echo "Username or email already exists. Please choose a different one."; } else { // Hash the password $hashed_password = password_hash($password, PASSWORD_DEFAULT); // Prepare and execute the SQL query using prepared statements $insertQuery = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)"; $insertStmt = $mysqli->prepare($insertQuery); $insertStmt->bind_param("sss", $username, $email, $hashed_password); // Execute the statement $result = $insertStmt->execute(); if ($result) { echo "Registration successful. Login here."; } else { echo "Error: " . $mysqli->error; } // Close the statements $insertStmt->close(); } // Close the statement for checking existing username or email $checkStmt->close(); } } } ?>