In this Post we are providing you an easy registration and login process using PDO connection with better password encryption and secure web page login.
Lets see the simple explanation about login and registration system.
USER Table
User table contains all the users registration details.
Below code will help you to validate the new user details and update the user details in "USER" table of MySQL database, after the you complete the registration process.
Register.php
login.php
This class contains two important method : userRegistration() , userLogin() . These methods are validating the user details while login and registration process. Lets see the source code.
After the successful login, it will redirect the page to "home.php". This is a welcome page, which display the userid and username.
This code will clear the all user session variables and redirect the page to "login.php"
NOTE : customize your PHP code as per your need for better session management. To learn and better session management check out our new post on PHP Session Management With Some Tips.
Download Link : https://github.com/skptricks/php-Tutorials/tree/master/PHP%20Login%20and%20Registration%20System%20with%20PDO%20Connection
Why do we use PDO for Login and Registration System?
PDO is a PHP extension that allow us to implement code which is portable across many databases and platforms.Lets see the simple explanation about login and registration system.
USER Table
User table contains all the users registration details.
CREATE TABLE `user` (
`UID` int(3) NOT NULL,
`USERNAME` varchar(100) NOT NULL,
`EMAILID` varchar(100) NOT NULL,
`PASSWORD` varchar(100) NOT NULL,
`JOINDATE` varchar(100) NOT NULL
) ;
PHP Registration Page code :
Below code will help you to validate the new user details and update the user details in "USER" table of MySQL database, after the you complete the registration process.
Register.php
<?php include("userValidationClass.php"); $userClass = new UserClass(); $errorMessage = "" ; $sucessMessage = "" ; if (!empty($_POST['submitregistrationform'])) { $username=$_POST['username']; $email=$_POST['emailid']; $password=$_POST['userpassowrd']; //$date= date(); /* Regular expression check */ $username_check = preg_match('~^[A-Za-z0-9_]{3,20}$~i', $username); $email_check = preg_match('~^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$~i', $email); //$password_check = preg_match('~^[A-Za-z0-9!@#$%^&*()_]{6,20}$~i', $password); if($username_check && $email_check ){ $uid=$userClass->userRegistration($username,$email,$password); if($uid){ $sucessMessage = "Registration successful, Please s "."<a href='login.php'>Login</a>" ; } else{ $errorMessage = "Email-ID already exists"; } } else{ $errorMessage = "Please enter the valid details"; } } ?> <html > <head> <link rel="stylesheet" type="text/css" href="design.css"> </head> <body> <div> <a href="login.php">Login</a> </div> <div id="register"> <h3>Registration page</h3> <form method="post" action="" name="register"> <label>Name</label> <input type="text" name="username" autocomplete="off" /> <label>Email</label> <input type="text" name="emailid" autocomplete="off" /> <label>Password</label> <input type="password" name="userpassowrd" autocomplete="off"/> <div class="errorMsg"><?php echo $errorMessage; ?></div> <div class="sucessMsg"><?php echo $sucessMessage; ?></div> <input type="submit" class="button" name="submitregistrationform" value="Register"> </form> </div> </body> </html>
PHP Login Page Code
Below line of code helps you to validate the user details in "USER" table and after you complete with login process it will redirected to "home.php" page.login.php
<?php include("userValidationClass.php"); $userClass = new UserClass(); $errorMessage = "" ; if (!empty($_POST['submitloginform'])) { $email=$_POST['emailid']; $password=$_POST['userpassowrd']; if(strlen(trim($email))>1 && strlen(trim($password))>1 ){ $uid=$userClass->userLogin($email,$password); if($uid){ $url='home.php'; header("Location: $url"); // Page redirecting to home.php } else{ $errorMessage = "Please enter the valid credential" ; } } else{ $errorMessage = "Please Enter the valid details" ; } } ?> <html > <head> <link rel="stylesheet" type="text/css" href="design.css"> </head> <body> <div> <a href="Register.php">Register</a> </div> <div id="login"> <h3>Login page</h3> <form method="post" action="" name="login"> <label>Email</label> <input type="text" name="emailid" autocomplete="off" /> <label>Password</label> <input type="password" name="userpassowrd" autocomplete="off"/> <div class="errorMsg"><?php echo $errorMessage; ?></div> <input type="submit" class="button" name="submitloginform" value="Login"> </form> </div> </body> </html>
CSS Code :
Consists of CSS design for login and registration page.#register,#login{ width: 300px; border: 1px solid #d6d7da; padding: 0px 15px 15px 15px; border-radius: 5px;font-family: arial; line-height: 16px;color: #333333; font-size: 14px; background: #ffffff;rgba(200,200,200,0.7) 0 4px 10px -1px; margin: 100px auto; } form label, form input{display: block;margin-bottom: 5px;width: 90%} form input{ padding: 10px; border: solid 1px #BDC7D8; margin-bottom: 20px; } .button { background-color: #00BFFF ; border-color: #3ac162; font-weight: bold; padding: 12px 15px; color: #ffffff; } .errorMsg{ color: #cc0000; margin-bottom: 10px; } .sucessMsg{ color: #6B8E23; margin-bottom: 10px; }
userValidationClass.php
This class contains two important method : userRegistration() , userLogin() . These methods are validating the user details while login and registration process. Lets see the source code.
<?php Class UserClass{ // connect to mysql database public function DBConnect(){ $dbhost ="localhost"; // set the hostname $dbname ="skptricksdemo" ; // set the database name $dbuser ="root" ; // set the mysql username $dbpass =""; // set the mysql password try { $dbConnection = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass); $dbConnection->exec("set names utf8"); $dbConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); return $dbConnection; } catch (PDOException $e) { echo 'Connection failed: ' . $e->getMessage(); } } // logic and validation for user registration page public function userRegistration($username,$email,$password){ try{ $dbConnection = $this->DBConnect(); $stmt = $dbConnection->prepare('SELECT * FROM `user` WHERE `EMAILID` = :EMAILID '); $stmt->bindParam(":EMAILID", $email,PDO::PARAM_STR); $stmt->execute(); $Count = $stmt->rowCount(); if($Count < 1){ // insert the new record when match not found... $stmt = $dbConnection->prepare('INSERT INTO `user`(USERNAME,EMAILID,PASSWORD,JOINDATE) VALUES(:USERNAME,:EMAILID,:PASSWORD,:JOINDATE)'); $joindate = date("F j, Y, g:i a"); $hash_password= hash('sha256', $password); //Password encryption $stmt->bindParam(':USERNAME', $username,PDO::PARAM_STR ); $stmt->bindParam(':EMAILID', $email,PDO::PARAM_STR); $stmt->bindParam(':PASSWORD', $hash_password,PDO::PARAM_STR ); $stmt->bindParam(':JOINDATE', $joindate,PDO::PARAM_STR); $stmt->execute(); $Count = $stmt->rowCount(); if($Count == 1 ) { $uid=$dbConnection->lastInsertId(); // Last inserted row id $dbConnection = null; return true; } else{ $dbConnection = null; return false; } } else{ //echo "Email-ID already exits"; $dbConnection = null; return false; } } catch (PDOException $e) { echo 'Connection failed: ' . $e->getMessage(); } } // logic and validation for user login page public function userLogin($email,$password){ try{ $dbConnection = $this->DBConnect(); $stmt = $dbConnection->prepare('SELECT * FROM `user` WHERE `EMAILID` = :EMAILID and `PASSWORD` = :PASSWORD'); $hash_password= hash('sha256', $password); $stmt->bindParam(":EMAILID", $email,PDO::PARAM_STR); $stmt->bindParam(":PASSWORD", $hash_password,PDO::PARAM_STR); $stmt->execute(); $Count = $stmt->rowCount(); $data=$stmt->fetch(PDO::FETCH_OBJ); if($Count == 1){ session_start(); $_SESSION['uid']=$data->UID; // Storing user session value $_SESSION['uname']=$data->USERNAME; // Storing user session value $dbConnection = null ; return true; } else{ $dbConnection = null ; return false ; } } catch (PDOException $e) { echo 'Connection failed: ' . $e->getMessage(); } } } ?>
session.php
Validate the user session details on "home.php" page. if session variables are not exist, then it will redirect the page to "login.php" page.<?php if(empty($_SESSION['uid'])) { $url='login.php'; header("Location: $url"); } else{ } ?>
home.php
After the successful login, it will redirect the page to "home.php". This is a welcome page, which display the userid and username.
<?php session_start(); include("session.php"); ?> <h1> welcome to home page, <span style="color:red;"> <?php echo $_SESSION['uname'] ; ?> </span> </h1> <?php echo "session ID is : ".$_SESSION['uid'] ; ?> <br> <a href="logout.php"> Logout </a>
logout.php
This code will clear the all user session variables and redirect the page to "login.php"<?php session_start(); $_SESSION['uid']=''; $_SESSION['uname']=''; session_unset(); $url='login.php'; header("Location: $url"); // Page redirecting to login.php ?>
NOTE : customize your PHP code as per your need for better session management. To learn and better session management check out our new post on PHP Session Management With Some Tips.
Download Link : https://github.com/skptricks/php-Tutorials/tree/master/PHP%20Login%20and%20Registration%20System%20with%20PDO%20Connection
No comments:
Post a Comment