etutorialspoint
  • Home
  • PHP
  • MySQL
  • MongoDB
  • HTML
  • Javascript
  • Node.js
  • Express.js
  • Python
  • Jquery
  • R
  • Kotlin
  • DS
  • Blogs
  • Theory of Computation

PHP user registration & login/ logout with secure password encryption

In this article, you will learn how to develop user registration login and logout process with secure password encryption.

In many web applications, we need to keep track of the user's data, like - username and password. Among these data, password is most sensitive data. It is an absolute bad technique to store password as it is in the database. Today, security concern is most important. There are many attacker's techniques which easily crack your stored password. Password encryption and decryption techniques are also not more enough to secure user data. The hacker can easily trace it.

To make password more secure, here we are using PHP password encryption process using PHP inbuilt function md5() with salt. Salt is a bit of data which make the password more secure.

For this, first we will create a form name 'index.php' to store user information. If you want to make your data much more secure, you can use the random generated salt.



User Database

Here is the database table to store user information. You can either use your existing database or copy and paste this query in your database.

CREATE TABLE IF NOT EXISTS `users` (
  `userid` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(100) NOT NULL,
  `username` varchar(100) NOT NULL,
  `password` varchar(100) NOT NULL,
  PRIMARY KEY (`userid`)
) 




index.php

Here, we have created a PHP file 'index.php' that we will call on the browser. This PHP script contains code for both user registration process and login form.

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" />
<div style="width: 45%; margin: 50px auto 20px auto; ">
<?php 
session_start();
echo $_SESSION['msg'].'<br/><br/>';

if($_GET['view'] == 'profile') {
echo '<b>Welcome '.$_SESSION['name'].'</b><br/><br/>';
 ?>
<div class="col-sm-4">
<form action='handler.php' method="post" class="form-horizontal">
<div class="form-group">
<input type="hidden" name="object" value="logout"/>
<button class="btn btn-small btn-primary btn-block" type="submit">Logout</button>  
</div>
</form>
</div>    
<?php
} 
else 
{
?>
<div style="float: left; padding-right: 50px; border-right: 1px solid #ddd;">
<div class="wrapper">
<form action='handler.php' method="post" class="form-horizontal">
<h2 class="form-signin-heading">Please register</h2><br/>
<div class="form-group">
<label class="control-label col-sm-4" for="textinput">Name</label>  
<div class="col-sm-8">
<input id="textinput" name="name" placeholder="Enter your name" class="form-control input-md" required="" type="text">
</div>
</div>
 <div class="form-group">
<label class="control-label col-sm-4" for="textinput">Username</label>  
<div class="col-sm-8">
<input id="textinput" name="username" placeholder="Enter your username" class="form-control input-md" required="" type="text">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-4" for="textinput">Password</label>  
<div class="col-sm-8">
<input id="textinput" name="password" placeholder="Enter your password" class="form-control input-md" required="" type="password">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-4" for="textinput"></label>  
<div class="col-sm-8">
<button class="btn btn-small btn-primary btn-block" type="submit">Register</button>  
<input type="hidden" name="object" value="register"/>
</div>
</div>    
</form>
</div>   
</div>
<div style="float: right;">
<div class="wrapper">
<form class="form-signin" action='handler.php' method="post">       
<h2 class="form-signin-heading">Please login</h2><br/>
<input type="text" class="form-control" name="username" placeholder="Username" required="" autofocus="" /><br/>
<input type="password" class="form-control" name="password" placeholder="Password" required=""/><br/>
<button class="btn btn-small btn-primary btn-block" type="submit">Login</button>   
 <input type="hidden" name="object" value="login"/>
</form>
</div>
</div>
</div>
<?php
 } 
?>


handler.php

When either login or registration form is submitted. The form will be posted to 'handler.php' filr. Create a PHP page name 'handler.php' and copy and paste the below codes. At the start of this file, we have written the database connection code and stored the post data in variables. If the POST object is 'register', then the code block saves the registration form data to the MySQL table. If the POST object is 'login', then the code block checks and selects the user data on login and maintain session. And if the POST object is 'logout' then the code block logout the user and destroy the old session.

<?php 
error_reporting('E_All');
define('SALT', 'd#f453dd');
$req = $_POST; 
$name = $req['name'];
$username = $req['username'];
$conn = mysqli_connect('hostname', 'username', 'password', 'database');
session_start();
if(mysqli_connect_error()){
    die("Error in DB connection: ".mysqli_connect_errno()." - ".mysqli_connect_error());
}
if($req['object'] == 'register'){ 
    $encypt_pwd = md5(SALT.$req['password']); 
    $insert = 'INSERT INTO `users` ( `name`, `username`, `password`) VALUES ( "'.$name.'", "'.$username.'", "'.$encypt_pwd.'")';
    if(mysqli_query($conn, $insert)){
        $_SESSION['msg'] = 'You have registered successfully, Please login.';
    }
    else{
        $_SESSION['msg'] = 'Error: '.mysqli_error($conn);
    }
    header("Location: index.php");
}
if($req['object'] == 'login'){ 
    $select = "SELECT name, password FROM `users` WHERE  username = '$username' ";
    $result = mysqli_query($conn, $select);
    $row = mysqli_fetch_row($result); 
    if (md5(SALT . $_POST['password']) == $row[1]) {
        
        $_SESSION['msg'] = 'You have logged in successfully';
        $_SESSION['name'] = $row[0];
        header("Location: index.php?view=profile");
    } else {
        $_SESSION['msg'] = 'Login Failed';
        header("Location: index.php");
    }
    
}
if($req['object'] == 'logout') {
    session_destroy();
    header("Location: index.php");
}
?>




Related Articles

Preventing Cross Site Request Forgeries(CSRF) in PHP
PHP code to send email using SMTP
Simple pagination in PHP
Simple PHP File Cache
PHP Connection and File Handling on FTP Server
Sending form data to an email using PHP
Recover forgot password using PHP and MySQL
How to display PDF file in PHP from database
How to read CSV file in PHP and store in MySQL




◀ Previous Article
PHP Secure User Registration with Login/logout
Next Article ▶
Php file based authentication
Most Popular Development Resources
Characteristics of a Good Computer Program
-----------------
Retrieve Data From Database Without Page refresh Using AJAX, PHP and Javascript
-----------------
PHP MySQL PDO Database Connection and CRUD Operations
-----------------
How to get data from XML file in PHP
-----------------
PHP Create Word Document from HTML
-----------------
How to encrypt password in PHP
-----------------
Hypertext Transfer Protocol Overview
-----------------
Splitting MySQL Results Into Two Columns Using PHP
-----------------
Create Dynamic Pie Chart using Google API, PHP and MySQL
-----------------
PHP code to send email using SMTP
-----------------
How to get current directory, filename and code line number in PHP
-----------------
Dynamically Add/Delete HTML Table Rows Using Javascript
-----------------
Get current visitor\'s location using HTML5 Geolocation API and PHP
-----------------
How to Sort Table Data in PHP and MySQL
-----------------
PHP MYSQL Advanced Search Feature
-----------------
Simple star rating system using PHP, jQuery and Ajax
-----------------
Simple pagination in PHP with MySQL
-----------------
Fibonacci Series Program in PHP
-----------------
jQuery loop over JSON result after AJAX Success
-----------------
PHP user registration and login/ logout with secure password encryption
-----------------
Submit a form data using PHP, AJAX and Javascript
-----------------
How to add multiple custom markers on google map
-----------------
Recover forgot password using PHP7 and MySQLi
-----------------
Php file based authentication
-----------------
PHP Secure User Registration with Login/logout
-----------------
jQuery File upload progress bar with file size validation
-----------------
Polling system using PHP, Ajax and MySql
-----------------
Simple PHP File Cache
-----------------
SQL Injection Prevention Techniques
-----------------
CSS Simple Menu Navigation Bar
-----------------
Simple File Upload Script in PHP
-----------------
Preventing Cross Site Request Forgeries(CSRF) in PHP
-----------------
PHP User Authentication by IP Address
-----------------
How to generate QR Code in PHP
-----------------
Calculate the distance between two locations using PHP
-----------------
Simple way to send SMTP mail using Node.js
-----------------
Detect Mobile Devices in PHP
-----------------
Set and Get Cookies in PHP
-----------------
PHP Server Side Form Validation
-----------------
To check whether a year is a leap year or not in php
-----------------
Date Timestamp Formats in PHP
-----------------
Get Visitor\'s location and TimeZone
-----------------
Convert MySQL to JSON using PHP
-----------------
Simple Show Hide Menu Navigation
-----------------
PHP Programming Error Types
-----------------
PHP Sending HTML form data to an Email
-----------------
Driving route directions from source to destination using HTML5 and Javascript
-----------------
How to print specific part of a web page in javascript
-----------------
Google Street View API Example
-----------------
How to select/deselect all checkboxes using Javascript
-----------------
How to add google map on your website and display address on click marker
-----------------
PHP Getting Document of Remote Address
-----------------
PHP Connection and File Handling on FTP Server
-----------------
File Upload Validation in PHP
-----------------
R Plot Types
-----------------


Most Popular Blogs
Most in demand programming languages
Best mvc PHP frameworks in 2019
MariaDB vs MySQL
Most in demand NoSQL databases for 2019
Best AI Startups In India
Kotlin : Android App Development Choice
Kotlin vs Java which one is better
Top Android App Development Languages in 2019
Web Robots
Data Science Recruitment of Freshers - 2019


Interview Questions Answers
Basic PHP Interview
Advanced PHP Interview
MySQL Interview
Javascript Interview
HTML Interview
CSS Interview
Programming C Interview
Programming C++ Interview
Java Interview
Computer Networking Interview
NodeJS Interview
ExpressJS Interview
R Interview


Popular Tutorials
PHP Tutorial (Basic & Advance)
MySQL Tutorial & Exercise
MongoDB Tutorial
Python Tutorial & Exercise
Kotlin Tutorial & Exercise
R Programming Tutorial
HTML Tutorial
jQuery Tutorial
NodeJS Tutorial
ExpressJS Tutorial
Theory of Computation Tutorial
Data Structure Tutorial
Javascript Tutorial




General Knowledge

listen
listen
listen
listen
listen
listen
listen
listen
listen


Learn Popular Language

listen
listen
listen
listen
listen

Blogs

  • Jan 27

    Best AI Startups In India

    Artificial Intelligence is a process of making an intelligent computer machine that does tasks intelligently...

  • Jan 23

    Most in demand programming languages for 2019

    In this article, we have mentioned the analyzed results of the most in demand programming language for 2019...

  • Jan 15

    Web Robots

    Web robots is an internet robot or simply crawlers, or spiders and do not relate this with hardware robots...

  • Jan 12

    Most in demand NoSQL databases software for 2019

    In this article, we have mentioned the analyzed result of most in demand NoSQL database softwares for 2019...

  • Jan 10

    Kotlin : Android App Development Choice

    Kotlin is a general-purpose open-source programming language. It runs on the JVM and its syntax is much like Java...

Follow us

  • etutorialspoint facebook
  • etutorialspoint twitter
  • etutorialspoint linkedin
etutorialspoint youtube
About Us      Contact Us


  • eTutorialsPoint©Copyright 2016-2021. All Rights Reserved.