1. Database Setup (SQL)
Create the users table by executing this SQL query in your MySQL database:
CREATE TABLE users (
    id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
    email VARCHAR(100) NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL,
    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
2. Database Configuration (config.php)
This file connects to the MySQL database.
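<?php
// Database credentials (tutorial placeholders: in a real deployment use a
// dedicated low-privilege MySQL account with a strong password, not root)
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '123456');
define('DB_NAME', 'login_system');
// Attempt to connect to MySQL database
$conn = new mysqli(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
// Check connection
if ($conn->connect_error) {
    // Log the details server-side instead of showing them to the visitor
    error_log("Database connection failed: " . $conn->connect_error);
    die("ERROR: Could not connect.");
}
?>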
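
A hardened variant of config.php, as an added example that is not part of the original tutorial: credentials come from the environment instead of the source file, and connection errors are logged rather than shown. The APP_DB_* variable names and the db_setting() helper are assumptions.

```php
<?php
// Added example, not the tutorial's code. The APP_DB_* variable names are
// assumptions; set them in the web server or container environment.

// Hypothetical helper: read one required setting and fail closed if missing.
function db_setting(string $name): string
{
    $value = getenv($name);
    if ($value === false || $value === '') {
        error_log("Missing required setting: $name");
        http_response_code(500);
        exit('ERROR: Could not connect.');
    }
    return $value;
}

// Make mysqli throw exceptions (the default since PHP 8.1) so a failed
// connect or query cannot be silently ignored.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

try {
    $conn = new mysqli(
        db_setting('APP_DB_HOST'),
        db_setting('APP_DB_USER'), // a dedicated account limited to the users table, not root
        db_setting('APP_DB_PASS'),
        db_setting('APP_DB_NAME')
    );
    $conn->set_charset('utf8mb4');
} catch (mysqli_sql_exception $e) {
    // Full detail goes to the server log; the visitor sees a generic message.
    error_log('Database connection failed: ' . $e->getMessage());
    http_response_code(500);
    exit('ERROR: Could not connect.');
}
```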
3. User Registration Logic (register.php)
This script processes user registration with validation and password hashing.
<?php
// Include database configuration
require_once "config.php";
// Initialize variables
$email = $password = $confirm_password = "";
$email_err = $password_err = $confirm_password_err = "";
// Handle form submission
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Validate email
    if (empty(trim($_POST["email"]))) {
        $email_err = "Please enter an email.";
    } elseif (!filter_var(trim($_POST["email"]), FILTER_VALIDATE_EMAIL)) {
        // Server-side format check; the form's type="email" is only enforced by the browser
        $email_err = "Please enter a valid email address.";
    } else {
        // Check whether the email is already registered
        $sql = "SELECT id FROM users WHERE email = ?";
        if ($stmt = $conn->prepare($sql)) {
            $stmt->bind_param("s", $param_email);
            $param_email = trim($_POST["email"]);
            if ($stmt->execute()) {
                $stmt->store_result();
                if ($stmt->num_rows == 1) {
                    $email_err = "This email is already taken.";
                } else {
                    $email = trim($_POST["email"]);
                }
            } else {
                echo "Something went wrong. Please try again.";
            }
            $stmt->close();
        }
    }
    // Validate password
    if (empty(trim($_POST["password"]))) {
        $password_err = "Please enter a password.";
    } elseif (strlen(trim($_POST["password"])) < 6) {
        $password_err = "Password must have at least 6 characters.";
    } else {
        $password = trim($_POST["password"]);
    }
    // Validate confirm password
    if (empty(trim($_POST["confirm_password"]))) {
        $confirm_password_err = "Please confirm your password.";
    } else {
        $confirm_password = trim($_POST["confirm_password"]);
        if ($password !== $confirm_password) {
            $confirm_password_err = "Passwords do not match.";
        }
    }
    // Insert into database if no errors
    if (empty($email_err) && empty($password_err) && empty($confirm_password_err)) {
        $sql = "INSERT INTO users (email, password) VALUES (?, ?)";
        if ($stmt = $conn->prepare($sql)) {
            $stmt->bind_param("ss", $param_email, $param_password);
            $param_email = $email;
            // Store only the salted hash, never the plaintext password
            $param_password = password_hash($password, PASSWORD_DEFAULT);
            if ($stmt->execute()) {
                header("location: login.php");
                exit();
            } else {
                echo "Something went wrong. Please try again.";
            }
            $stmt->close();
        }
    }
    // Close connection
    $conn->close();
}
?>
4. Registration Form (signup.php)
This is the HTML page for user registration.
<?php
require_once "config.php";
require_once "register.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Signup</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css">
</head>
<body>
    <div class="container">
        <div class="row justify-content-center">
            <div class="col-md-6">
                <h2 class="text-center mt-5">Register</h2>
                <p class="text-center">Please fill out this form to create an account.</p>
                <form action="signup.php" method="post">
                    <div class="form-group">
                        <label>Email</label>
                        <input type="email" name="email" class="form-control" value="<?= htmlspecialchars($email); ?>">
                        <small class="text-danger"><?= $email_err; ?></small>
                    </div>
                    <div class="form-group">
                        <label>Password</label>
                        <input type="password" name="password" class="form-control">
                        <small class="text-danger"><?= $password_err; ?></small>
                    </div>
                    <div class="form-group">
                        <label>Confirm Password</label>
                        <input type="password" name="confirm_password" class="form-control">
                        <small class="text-danger"><?= $confirm_password_err; ?></small>
                    </div>
                    <div class="form-group">
                        <input type="submit" class="btn btn-primary btn-block" value="Sign Up">
                    </div>
                    <p class="text-center">Already have an account? <a href="login.php">Login here</a>.</p>
                </form>
            </div>
        </div>
    </div>
</body>
</html>
5. Login Page (login.php)
This script handles user login.
<?php
require_once "config.php";
session_start();
$login_err = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $email = trim($_POST["email"]);
    $password = trim($_POST["password"]);
    if (!empty($email) && !empty($password)) {
        $sql = "SELECT id, email, password FROM users WHERE email = ?";
        if ($stmt = $conn->prepare($sql)) {
            $stmt->bind_param("s", $email);
            if ($stmt->execute()) {
                $stmt->store_result();
                if ($stmt->num_rows == 1) {
                    $stmt->bind_result($id, $email, $hashed_password);
                    if ($stmt->fetch() && password_verify($password, $hashed_password)) {
                        // Issue a new session ID on login to prevent session fixation
                        session_regenerate_id(true);
                        $_SESSION["loggedin"] = true;
                        $_SESSION["id"] = $id;
                        $_SESSION["email"] = $email;
                        header("location: dashboard.php");
                        exit();
                    } else {
                        $login_err = "Invalid email or password.";
                    }
                } else {
                    // Same message as a wrong password, so the form does not
                    // reveal which emails are registered
                    $login_err = "Invalid email or password.";
                }
            }
            $stmt->close();
        }
    }
}
$conn->close();
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Login</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css">
</head>
<body>
    <div class="container">
        <div class="row justify-content-center">
            <div class="col-md-6">
                <h2 class="text-center mt-5">Login</h2>
                <?php if (!empty($login_err)): ?>
                    <div class="alert alert-danger"><?= htmlspecialchars($login_err); ?></div>
                <?php endif; ?>
                <form action="login.php" method="post">
                    <div class="form-group">
                        <label>Email</label>
                        <input type="email" name="email" class="form-control">
                    </div>
                    <div class="form-group">
                        <label>Password</label>
                        <input type="password" name="password" class="form-control">
                    </div>
                    <div class="form-group">
                        <input type="submit" class="btn btn-primary btn-block" value="Login">
                    </div>
                    <p class="text-center">Don't have an account? <a href="signup.php">Sign up here</a>.</p>
                </form>
            </div>
        </div>
    </div>
</body>
</html>
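
The credential check from login.php with two refinements, as an added example that is not part of the original tutorial: a dummy hash is verified when the email is unknown so both outcomes cost one password_verify() call, and a hash made with older settings is upgraded after a successful login. The $users array is a constructed in-memory stand-in for the users table, and check_login() is a hypothetical helper name.

```php
<?php
// Added example, not the tutorial's code. $users is a constructed stand-in
// for the users table (email => stored hash). The sample hash uses bcrypt
// cost 4 to play the role of a hash created under older, weaker settings.
$users = [
    'alice@example.com' => password_hash('correct horse', PASSWORD_BCRYPT, ['cost' => 4]),
];

// Hypothetical helper: true only for a known email with the right password.
function check_login(array &$users, string $email, string $password): bool
{
    // Throwaway hash, created on the first call of each request. Verifying
    // against it when the email is unknown keeps the work done comparable
    // to the work done for a real account.
    static $dummy = null;
    $dummy ??= password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);

    $known = array_key_exists($email, $users);
    $hash  = $known ? $users[$email] : $dummy;

    // password_verify() always runs; $known only decides the final result.
    $ok = password_verify($password, $hash) && $known;

    // After a successful login the plaintext is available, so a hash that no
    // longer matches the current default algorithm and cost can be replaced.
    // With a real table this is: UPDATE users SET password = ? WHERE id = ?
    if ($ok && password_needs_rehash($hash, PASSWORD_DEFAULT)) {
        $users[$email] = password_hash($password, PASSWORD_DEFAULT);
    }
    return $ok;
}

// Constructed calls: correct login, wrong password, unknown email.
var_dump(check_login($users, 'alice@example.com', 'correct horse'));
var_dump(check_login($users, 'alice@example.com', 'wrong'));
var_dump(check_login($users, 'nobody@example.com', 'correct horse'));
// Whether the stored hash still needs upgrading after the first login.
var_dump(password_needs_rehash($users['alice@example.com'], PASSWORD_DEFAULT));
```
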
Features of This System
- Secure password hashing using password_hash()
- Validation for email and password fields
- Prepared statements to prevent SQL injection
- Session handling for login