PHP PDO Login/Register System with Source Code

Login/Register module is one of those features almost all sites have nowadays. But develop a secure login and registration form can be a nightmare for PHP beginners. Because various steps and validation are involved in building both forms.

So in this tutorial, we are going to make login/register system using PHP PDO. If you have no or little knowledge of PDO, you can read my previous tutorial on PDO basics and PDO prepared statement. For styling I will be using Bootstrap 4. Source code will consist of 5 files which would be:

  • Config.php: File with pdo connection
  • Login.php: File having login form html and server side validation and login code
  • Register.php: File having register form html, server side validation and register code
  • Dashboard.php: User will land on this file after successful login
  • Logout.php: File having logout code

So let’s start now. First of all, we need to create a database and table. I will be creating a database as a demo and MySQL table name will be members.


Create Database:


Create Table:


Config.php:

First of all we need to create a MYSQL database connection. PDO class constructor takes 3 parameters which are database source (dsn), db user and db password. I have created a separate variable for those which you can see below. Then I make connection using $pdo variable and put connection in try and catch block. $pdo->setAttribute() method set an attribute on the database handle. This time I will throw an exception. If you wish to read more about setAttribute method and its argument you can visit PDO::setAttribute


Login.php:

PHP PDO Login Form with source code

Login file consist of two parts. One is HTML part and second is PHP part. Let’s discuss HTML part first. As I said earlier that I will be using bootstrap 4 for form desiging.

First I add the CSS CDN link in head section so that I can access bootstrap default styling classes. I also add php code to print server side validation errors. $errors is an array of errors.

In PHP part (which is on top), first I call session_start() function which is necessary to start new session. After that I include the config.php file to access the database. Then there is a if condition which make sure that form will submit. Under same condition there is another condition that ensure that email and password would not empty. After getting email and password, I am validating email and if email is valid then I will check user associated with that email or not. If email is found then I match the password using password_verify() function and if the password is correct I will create a session and redirect user to dashboard.php page.


Register.php:

PHP PDO Registration Form with source code

Register file is also consist of two parts HTML and PHP. In HTML part, styling is same like login form. $errors is also there for printing server side errors. I also add $success variable to print successful form submission message. Also each input field has conditional value having ?? (double question mark). ?? (Null coalescing operator) is a short hand of ternary operator and it was added in php 7.0.

In PHP part, I am using session_start and require_once functions and then I add a if clause to check form will submit or not. If form will submit then I will make sure that every input field must have value. If any of the input field doesn’t come with value then I will show validation error. If all fields come with value then first I will check email is valid or not. If the email is valid, I will check in the database that email should not be present in database. Otherwise I will through email already exist error. If email will unique, I will create a user and print successful message.

One more thing, I am using password_hash() function to create hash password. I already wrote a tutorial on password hash in one of my previous blog post.


Dashboard.php:

After successful login, User will land on this page. This page has session_start function and I am also checking that dashboard.php should not access directly. HTML code is just a heading and a logout link.

Logout.php:

This file destroy user session and redirect user to login.page

 

 

Posted in PHP

Author: Ahsan Zameer

I am a web developer and love to search new stuff on web. Trying different approaches and ideas to make web developing more interesting and enjoyable.

Leave a Reply

Your email address will not be published. Required fields are marked *