Fixed Sql Injection Problem

register.html

   <form id="register" class="input_group" action="registration.php" method="post" required>
				<input type="username" class="input_field" placeholder="Username" name="username" required>
				<input type="email" class="input_field" placeholder="Email Id" name="email" required>
				<input type="password" class="input_field" placeholder="Password" name="password" required>
				<input type="checkbox" class="checkbox" name="checkbox"> <span>I agree to the term & conditions</span>
				<button type="submit" class="submit_btn">Register</button>
	  </form>

registration.php

<?php

session_start();

$conn = mysqli_connect('localhost','root','7777','gm-registration');

$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];

$s = "select * from users where username = '$username'";

$result = mysqli_query($conn, $s);

$num = mysqli_num_rows($result);

if($num==1){
	echo "This Username is Already Taken";
}
else{
	$stmt = $conn->prepare("INSERT INTO users(username, email, password) VALUES(?,?,?)");
	$stmt->bind_param("sss", $username, $email, $password);
	$stmt->execute();
	echo "Registration Successful";
	$stmt->close();
	$conn->close();
}

?>