Mini Kabibi Habibi

Current Path : C:/Users/ITO/Desktop/From USB/system/
Upload File :
Current File : C:/Users/ITO/Desktop/From USB/system/user_registration.php

<?php 
include 'include/config.php';



if (isset($_POST['submit'])) {
  $fname = $_POST['fname'];
  $mname = $_POST['mname'];
  $lname = $_POST['lname'];
  $username = $_POST['username'];
  $location = $_POST['location'];
  $district = $_POST['district'];
  $deped_email = $_POST['deped_email'];
  $email = $_POST['email'];
  $password = md5($_POST['password']);
  $cpassword = md5($_POST['cpassword']);
  $designation = ($_POST['designation']);
  $sc_id = $_POST['sc_id'];

  if ($password == $cpassword) {
    $sql = "SELECT * FROM users WHERE username='$username'";
    $result = mysqli_query($conn, $sql);
    if (!$result->num_rows > 0) {
      $sql = "INSERT INTO information (username, fullname,location, district,deped_email,email,password,role,designation,sc_id)
          VALUES ('$username',' $fname ' "  .  " ' $mname ' "  .  " ' $lname ', '$location','$district','$deped_email','$email','$password','ADMIN','$designation','$sc_id');";
      $sql.= "INSERT INTO users (username, password,role)
          VALUES ('$username','$password','ADMIN')";
      $result = mysqli_multi_query($conn, $sql);
      if ($result) {
        echo "<script>alert('Wow! User Registration Completed.');window.location.href ='index.php'; </script>";
        $username = "";
        
      
        $_POST['password'] = "";
        $_POST['cpassword'] = "";
        $level = "";
      } else {
        echo "<script>alert('Woops! Something Wrong Went.');window.location.href ='index.php'; </script>";
      }
    } else {
      echo "<script>alert('Woops! Email Already Exists.');window.location.href ='index.php'; </script>";
    }
    
  } else {
    echo "<script>alert('Password Not Matched.');window.location.href ='index.php'; </script>";
  }
}

?>