diff --git a/register.php b/register.php
index 3419cdb7b01bd10322f5d1b4ffea95b8369c7062..29f5da74c147d31fd80f2598c2f833b3c7c037a5 100644
--- a/register.php
+++ b/register.php
@@ -5,51 +5,48 @@ include 'components/connect.php';
 
 if(isset($_POST['submit'])){
 
-   $id = create_unique_id();
-   $name = $_POST['name'];
-   $name = filter_var($name, FILTER_SANITIZE_STRING);
-   $email = $_POST['email'];
-   $email = filter_var($email, FILTER_SANITIZE_STRING);
+   $name = htmlspecialchars($_POST['name'], ENT_QUOTES, 'UTF-8');
+   $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    $pass = password_hash($_POST['pass'], PASSWORD_DEFAULT);
-   $pass = filter_var($pass, FILTER_SANITIZE_STRING);
-   $c_pass = password_verify($_POST['c_pass'], $pass);
-   $c_pass = filter_var($c_pass, FILTER_SANITIZE_STRING);
-
-   $image = $_FILES['image']['name'];
-   $image = filter_var($image, FILTER_SANITIZE_STRING);
-   $ext = pathinfo($image, PATHINFO_EXTENSION);
-   $rename = create_unique_id().'.'.$ext;
-   $image_size = $_FILES['image']['size'];
-   $image_tmp_name = $_FILES['image']['tmp_name'];
-   $image_folder = 'uploaded_files/'.$rename;
-
-   if(!empty($image)){
-      if($image_size > 2000000){
-         $warning_msg[] = 'Image size is too large!';
-      }else{
-         move_uploaded_file($image_tmp_name, $image_folder);
+   $c_pass = $_POST['c_pass']; // ใช้เปรียบเทียบตรง ๆ กับ $_POST['pass']
+
+   // ตรวจสอบว่ารหัสผ่านตรงกันหรือไม่
+   if ($c_pass !== $_POST['pass']) {
+      $warning_msg[] = 'Confirm password not matched!';
+   } else {
+
+      // อัปโหลดรูปภาพ
+      $rename = NULL; // ตั้งค่าเริ่มต้นเป็น NULL
+      if (!empty($_FILES['image']['name'])) {
+         $image = $_FILES['image']['name'];
+         $ext = pathinfo($image, PATHINFO_EXTENSION);
+         $rename = uniqid().'.'.$ext; // ใช้ uniqid() แทน create_unique_id()
+         $image_size = $_FILES['image']['size'];
+         $image_tmp_name = $_FILES['image']['tmp_name'];
+         $image_folder = 'uploaded_files/'.$rename;
+
+         if ($image_size > 2000000) {
+            $warning_msg[] = 'Image size is too large!';
+         } else {
+            move_uploaded_file($image_tmp_name, $image_folder);
+         }
       }
-   }else{
-      $rename = '';
-   }
 
-   $verify_email = $conn->prepare("SELECT * FROM `users` WHERE email = ?");
-   $verify_email->execute([$email]);
+      // ตรวจสอบว่าอีเมลซ้ำหรือไม่
+      $verify_email = $conn->prepare("SELECT * FROM `users` WHERE email = ?");
+      $verify_email->execute([$email]);
+
+      if ($verify_email->rowCount() > 0) {
+         $warning_msg[] = 'Email already taken!';
+      } else {
+         // เพิ่มข้อมูลลงฐานข้อมูล
+         $insert_user = $conn->prepare("INSERT INTO `users`(name, email, password, image) VALUES(?,?,?,?)");
+         $insert_user->execute([$name, $email, $pass, $rename]);
 
-   if($verify_email->rowCount() > 0){
-      $warning_msg[] = 'Email already taken!';
-   }else{
-      if($c_pass == 1){
-         $insert_user = $conn->prepare("INSERT INTO `users`(id, name, email, password, image) VALUES(?,?,?,?,?)");
-         $insert_user->execute([$id, $name, $email, $pass, $rename]);
          $success_msg[] = 'Registered successfully!';
-      }else{
-         $warning_msg[] = 'Confirm password not matched!';
       }
    }
-   
 }
-
 ?>
 
 <!DOCTYPE html>
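Review bot: In the new upload branch the stored extension still comes from the client-supplied file name (`pathinfo($image, PATHINFO_EXTENSION)`) with no allow-list or content check, so whatever type the client names is written into `uploaded_files/` under that extension. If that directory is web-served (not visible in this hunk), a server-side type check is needed before the move. The return value of `move_uploaded_file()` is also ignored, and when the size check fails `$rename` keeps its value, so the INSERT further down records a file name that was never saved. `uniqid()` is derived from the clock rather than from a random source, so `random_bytes()` is the better basis for the stored name. The rewrite below, which assumes the fileinfo extension is available, takes the extension from the detected MIME type and leaves `$rename` as NULL unless the file was actually stored.

```php
      // … unchanged: password confirmation check …
      $rename = NULL;
      if (!empty($_FILES['image']['name'])) {
         // Extension is chosen by the server from the detected type, never from the client's file name.
         $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/webp' => 'webp'];
         $image_tmp_name = $_FILES['image']['tmp_name'];
         $mime = $_FILES['image']['error'] === UPLOAD_ERR_OK
            ? (string) (new finfo(FILEINFO_MIME_TYPE))->file($image_tmp_name)
            : '';

         if (!isset($allowed[$mime])) {
            $warning_msg[] = 'Invalid image file!';
         } elseif ($_FILES['image']['size'] > 2000000) {
            $warning_msg[] = 'Image size is too large!';
         } else {
            $candidate = bin2hex(random_bytes(16)).'.'.$allowed[$mime];
            if (move_uploaded_file($image_tmp_name, 'uploaded_files/'.$candidate)) {
               $rename = $candidate; // only record a name for a file that exists on disk
            } else {
               $warning_msg[] = 'Image upload failed!';
            }
         }
      }
      // … unchanged: duplicate-email lookup and INSERT …
```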