How to Learn How to Login PHP in Mysql

1. Database Setup (MySQL)

First, create your database and user table:

CREATE DATABASE loginphp;

USE loginphp;

CREATE TABLE users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(50) NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL
);

To register users, store hashed passwords like this:

$hashed_password = password_hash($password, PASSWORD_DEFAULT);

2. Secure Login System

This includes secure authentication, password hashing, and a redirect after login.

login.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Login Form</title>
    <link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
    <div class="loginbox">
        <img src="Logo1.png" class="avatar" alt="Logo">
        <form method="post" action="login.php">
            <h1>Login Here</h1>

            <label for="username">Username</label>
            <input type="text" id="username" name="username" placeholder="Enter Username" required>
            
            <label for="password">Password</label>
            <input type="password" id="password" name="password" placeholder="Enter Password" required>
            
            <input type="submit" name="login" value="Sign in">
            
            <a href="forgot_password.html">Forgot password?</a><br>
            Not a member? <a href="register.html">Create a New Account</a>
        </form>
    </div>
</body>
</html>

login.php (Secure Authentication)

<?php
session_start();
$conn = new mysqli("localhost", "root", "", "loginphp");

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

if (isset($_POST["login"])) {
    $username = trim($_POST["username"]);
    $password = trim($_POST["password"]);

    if (!empty($username) && !empty($password)) {
        $stmt = $conn->prepare("SELECT id, password FROM users WHERE username = ?");
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $stmt->store_result();
        
        if ($stmt->num_rows > 0) {
            $stmt->bind_result($user_id, $hashed_password);
            $stmt->fetch();

            if (password_verify($password, $hashed_password)) {
                $_SESSION["user_id"] = $user_id;
                $_SESSION["username"] = $username;
                header("Location: dashboard.php");
                exit();
            } else {
                echo "Incorrect password.";
            }
        } else {
            echo "Username not found.";
        }
        $stmt->close();
    } else {
        echo "All fields are required!";
    }
}

$conn->close();
?>

register.html (Sign-Up Page)

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Register</title>
    <link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
    <div class="registerbox">
        <h1>Create an Account</h1>
        <form method="post" action="register.php">
            <label for="username">Username</label>
            <input type="text" id="username" name="username" placeholder="Enter Username" required>

            <label for="password">Password</label>
            <input type="password" id="password" name="password" placeholder="Enter Password" required>
            
            <input type="submit" name="register" value="Sign Up">
        </form>
    </div>
</body>
</html>

register.php (User Registration)

<?php
$conn = new mysqli("localhost", "root", "", "loginphp");

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

if (isset($_POST["register"])) {
    $username = trim($_POST["username"]);
    $password = trim($_POST["password"]);

    if (!empty($username) && !empty($password)) {
        $hashed_password = password_hash($password, PASSWORD_DEFAULT);

        $stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
        $stmt->bind_param("ss", $username, $hashed_password);
        
        if ($stmt->execute()) {
            echo "Account created successfully. <a href='login.html'>Login here</a>";
        } else {
            echo "Error: Username may already exist.";
        }

        $stmt->close();
    } else {
        echo "All fields are required!";
    }
}

$conn->close();
?>

3. Dashboard Page (After Login)

dashboard.php

<?php
session_start();
if (!isset($_SESSION["user_id"])) {
    header("Location: login.html");
    exit();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Dashboard</title>
</head>
<body>
    <h1>Welcome, <?php echo htmlspecialchars($_SESSION["username"]); ?>!</h1>
    <a href="logout.php">Logout</a>
</body>
</html>

4. Logout System

logout.php

<?php
session_start();
session_destroy();
header("Location: login.html");
exit();
?>

5. Forgot Password (Optional)

forgot_password.html

<form method="post" action="reset_password.php">
    <label for="username">Enter your username:</label>
    <input type="text" id="username" name="username" required>
    <input type="submit" name="reset" value="Reset Password">
</form>

Final Notes

Security Best Practices:
- Use password hashing (password_hash(), password_verify()).
- Use prepared statements to prevent SQL injection.
- Redirect users properly after login/logout.
- Use HTTPS on your website.
Next Steps:
- Style the form with CSS (style.css).
- Add email verification for password resets.
- Implement user roles (admin, user, etc.).

Would you like help styling the form or adding extra security?

Souy Soeng

How to Learn How to Login PHP in Mysql | XAMPP