Skip to main content

User Signup and Login with PHP

Creating user login system is one of the most interesting thing for developers. If you want to create a web application with user sign up and sign in system or even if you want to create a secure admin area this method can help you a lot.

Today we are going to create a simple application with php that can allow a user to sing up, sign in and viewing secure page.

Live Demo Download Source

Step 1 - Database

In this tutorial we are going to use MySQL database based user login system.

Users table

At first we need to create users database table. This table has two fields (username & password) with an auto increment filed (id).

CREATE TABLE `users` (
  `id` int(6) NOT NULL AUTO_INCREMENT,
  `username` varchar(16) NOT NULL,
  `password` varchar(40) NOT NULL,
  PRIMARY KEY (`id`)
);

Database connection

In this tutorial we are going to use PDO (PHP Data Object) to do database queries. If you are not familiar with PDO I recommend you to read this article at first.

function dbconnect()
{
  global $pdo;

  try {
    $pdo = new PDO('mysql:host=localhost;dbname=mydb', 'root', 'root');
  } catch (PDOException $e) {
    die('MySQL connection fail! ' . $e->getMessage());
  }
}

The dbconnect function will establish database connect. In here you will need to change host name, dbname, username and password.



Step 2 - User Signup

We will allow new users to signup in this tutorial. In this section will will create a user signup system.

Signup HTML

To create a user signup system at first we will need to create a signup form. The following html code is placed in signup.php file.

<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Sign Up</title>
</head>
<body>
  <h1>Sign Up</h1>
  <p>Already have an account? <a href="signin.php">Login</a></p>
  <!-- error or success message will be shown here -->
  <?php if (!empty($_GET['error'])): ?>
    <p><?php echo $_GET['error']?></p>
  <?php endif ?>
  <?php if (!empty($_GET['success'])): ?>
    <p><?php echo $_GET['success']?></p>
  <?php endif ?>

  <!-- signup form -->
  <form action="signup_post.php" method="post">
    <input type="text" name="username" placeholder="username">
    <input type="password" name="password" placeholder="password">

    <input type="submit" value="Sign Up">
  </form>
</body>
</html>

Insert new user information

The insert_new_user function inserts new user's data to the database.

function insert_new_user($username, $password)
{
  # checking username is already taken
  if (username_exists($username))
    return false;

  # insert new user info
  global $pdo;
  $stmt = $pdo->prepare('
    INSERT INTO users
    (username, password)
    values (:username, :password)');

  $stmt->execute( array(':username' => $username, ':password' => md5($password)) );

  if ($pdo->lastInsertId())
    return true;
  else
    return false;
}



Step 3 - Sign in

Now we are going to create user sign in system. This system is based on PHP session function.

Sign in HTML

The sign in form is almost same as sing up form and it is placed in singin.php file.

<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Sign In</title>
</head>
<body>
  <h1>Sign In</h1>

  <!-- error or success message will appear here -->
  <?php if (!empty($_GET['error'])): ?>
    <p><?php echo $_GET['error']?></p>
  <?php endif ?>

  <!-- sign in form -->
  <form action="sign_post.php" method="post">
    <input type="text" name="username" placeholder="username">
    <input type="password" name="password" placeholder="password">

    <input type="submit" value="Sign In">
  </form>

</body>
</html>

Sign in attempt function

The attempt function attempts to sign in users. If a user requests to sign in by his username & password it looks into users table on database and if it founds everything ok it sets username to the session variable and returns true.

function attempt($username, $password)
{
  global $pdo;
  
  $stmt = $pdo->prepare('
    SELECT id, username
    FROM users
    WHERE username = :username AND password = :password
    LIMIT 1');

  $stmt->execute(array(':username' => $username, 'password' => md5($password)));

  if ($data = $stmt->fetch( PDO::FETCH_OBJ )) {
    # set session
    $_SESSION['username'] = $data->username;
    return true;
  } else {
    return false;
  }
}
Labels:

Comments

  1. AnonymousNovember 27, 2013 at 1:25 PM

    thanks this is a great easy to understand tutorial

    ReplyDelete
  2. AnonymousDecember 4, 2013 at 6:24 PM

    1- Don't use global
    2 - MD5 is a weak hashing algorithm. You should be using crypt()
    3 - use html5 attribute 'require' to force/validate user to enter only email, pass, url types
    4 - use PDO with proper emulation, and error mode exception..

    ReplyDelete
  3. Lars avlastenokDecember 24, 2013 at 4:05 PM

    I really do agree on this never use global.
    MD5 is a weak hash algorithm but accepted by large, but crypt really should be used instead.
    yes you could use the html5 attribute require but we still struggle with the the end client to have a up to date browser.

    ReplyDelete
  4. Shahbaz Ahmed BhattiJanuary 18, 2014 at 10:46 AM

    Dear Resalat Haque
    i need some help i n this tutorial can u please help me

    ReplyDelete
  5. shahinamenAugust 16, 2015 at 9:19 AM

    Thank you very much for great support.

    ReplyDelete
  6. Đào QuânJanuary 19, 2016 at 8:34 PM

    dịch vụ làm báo cáo tài chính tại quận cầu giấy
    dịch vụ làm báo cáo tài chính tại quận hai bà trưng
    dịch vụ làm báo cáo tài chính tại quận ba đình
    dịch vụ làm báo cáo tài chính tại thanh trì
    dịch vụ làm báo cáo tài chính tại quận hoàng mai
    dịch vụ làm báo cáo tài chính tại quận tây hồ
    dịch vụ làm báo cáo tài chính tại quận đống đa
    công ty dịch vụ kế toán tại vĩnh phúc
    công ty dịch vụ kế toán tại hưng yên
    công ty dịch vụ kế toán tại phú thọ
    công ty dịch vụ kế toán tại hải dương
    công ty dịch vụ kế toán tại hải phòng
    công ty dịch vụ kế toán tại bắc ninh
    dịch vụ kế toán thuế tại vĩnh phúc
    dịch vụ kế toán thuế tại hưng yên
    dịch vụ kế toán thuế tại hải dương
    dịch vụ kế toán thuế tại ninh bình
    dịch vụ kế toán thuế tại vĩnh phúc
    dịch vụ kế toán thuế tại hưng yên
    dịch vụ kế toán thuế tại phú thọ
    dịch vụ kế toán thuế tại thái bình
    dịch vụ kế toán thuế tại hải dương
    dịch vụ kế toán tại hải phòng

    ReplyDelete
  7. Thong NguyenMarch 29, 2016 at 2:26 AM

    máy chạy bộ điện bàn bóng bàn

    ReplyDelete
  8. Rumah HerbalMarch 31, 2016 at 12:04 AM

    Ace Maxs Asli Di Apotik K24 - Selain di apotik k24 juga ace maxs asli bisa anda dapatkan disini

    ReplyDelete
  9. Naviya NairAugust 23, 2016 at 1:25 AM

    I have read your blog its very attractive and impressive. I like it your blog.

    PHP Training in chennai | PHP Training Course

    PHP Training in chennai | Online PHP Course

    ReplyDelete
  10. CODODO VIỆT NAMNovember 3, 2016 at 1:04 AM

    Tiếng anh cho người đi làm
    Tiếng anh cấp tốc
    Luyện thi toeic tại hà nội
    Tiếng anh cho người lớn tuổi
    Tiếng anh cho người mới bắt đầu
    Học tiếng anh tại hà nội
    dạy tiếng anh cho doanh nghiệp

    ReplyDelete
  11. sonam guptaNovember 17, 2017 at 8:09 AM

    GSSSB Recruitment 2018
    Central Railway Recrutiment 2018
    OSSSC Recruitment 2018
    NCR Recruitment 2018
    RRC NWR Recruitment 2018
    JKPSC Recruitment 2018
    MP Vyapam Recruitment 2018
    Kolkata Police Recruitment 2018
    UPPSC Recruitment 2018
    Rajasthan Police Recruitment

    ReplyDelete
  12. RiyaDecember 12, 2017 at 1:04 AM

    Thanks for the post visit
    AOC recruitment 2018

    ReplyDelete
  13. AUSTEROMarch 16, 2018 at 12:51 AM

    Very good informative article. Thanks for sharing such nice article, keep on up dating such good articles.

    NO.1 AQM Services | Application Quality Managment Services | Austere Technologies

    ReplyDelete
  14. masiMarch 19, 2018 at 2:08 AM

    wow...nice blog, very help full information. Thanks for sharing.
    NO.1 API DEVELOPMENT SERVICES | MASSIL TECHNOLOGIES

    ReplyDelete
  15. Jonh BraveMay 6, 2018 at 3:30 AM

    Good article and knowledge for me! I found a lot of information here! This article is really good for all newbie here. Thank you for sharing with us!
    vex 3

    ReplyDelete
  16. Pablo M.June 7, 2018 at 1:39 AM

    You give me good tips here. Gabby

    ReplyDelete

Post a Comment

Popular posts from this blog

Multiple File Upload with PHP

Sometimes we need to allow our users to upload multiple file upload. On my previous post I was shown the basic of simple file upload with PHP. Today I am going to show you how to allow users to upload multiple files. It is almost similar like simple file upload but we need to do some modification with html markup and php code. multiple attribute is needed to add on the html markup. Major web browsers like Firefox, Chrome, Safari and IE 9+ support this attribute. Now I am going to show you how to upload multiple file with PHP and basic HTML form.
108 comments
Read more

Live Comment System with jQuery Ajax PHP and MySQL

Recently I have been made a post that focused on how to submit form without page refreshing. That post shows the basic functionality of using jQuery Ajax. On the same follow this post will describe how we can create a comment system to post an instant comment without page refreshing. Let's start...

328 comments
Read more

Resize Image While Uploading with PHP

On my previous post I was shown an example how to upload file with php and html. It was based on php simple image upload functionality. Today I am going to show you little bit advance of image uploading. Suppose if you run a website and want to allow users to upload image files than you need to think little bit about server's space and bandwidth. For this purpose you need to do some optimization with image files. Image resize while uploading is one of them. All major website do it in the same way. If a user uploads a 5mb image file they resize it in different sizes and store on there server. It helps them to seed up there website and reduce there budget. Now take a look, how we can do it ourself.
69 comments
Read more