PHP MySQL register and login form with validation

Step 1: db_user (Creating the users table)

You have a SQL statement that creates a table for storing user data. The table includes columns for id, email, password, and created_at. This will be the structure for user authentication.

CREATE TABLE users (
    id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
    email VARCHAR(50) NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL,
    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);

Step 2: config.php (Database connection)

This PHP script defines the database connection details and connects to the MySQL server.

<?php
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '123456');
define('DB_NAME', 'login_system');
 
$conection_db = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);

if($conection_db === false){
    die("ERROR: Could not connect. " . mysqli_connect_error());
}
?>

Step 3: php_register.php (Registration logic)

This script handles user registration, including validating inputs, checking for existing email addresses, and inserting user data into the database. It also hashes the password using password_hash.

if($_SERVER["REQUEST_METHOD"] == "POST") {
    // Validate email, password, and confirm password...
    // If valid, insert into the database
    $sql = "INSERT INTO users (email, password) VALUES (?, ?)";
    if($stmt = mysqli_prepare($conection_db, $sql)){
        mysqli_stmt_bind_param($stmt, "ss", $param_email, $param_password);
        // Set parameters
        $param_email = $email;
        $param_password = password_hash($password, PASSWORD_DEFAULT);
        if(mysqli_stmt_execute($stmt)){
            header("location: login.php");
        } else {
            echo "Something went wrong. Please try again later.";
        }
        mysqli_stmt_close($stmt);
    }
    mysqli_close($conection_db);
}

Step 4: sign-up.html (Registration Form)

This HTML form allows users to input their email and password and confirm their password to register.

<form action="<?= htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
    <input type="email" name="email" value="<?= $email; ?>" placeholder="Email" />
    <span><?= $email_err; ?></span>
    <input type="password" name="password" placeholder="Password" />
    <span><?= $password_err; ?></span>
    <input type="password" name="confirm_password" placeholder="Confirm Password" />
    <span><?= $confirm_password_err; ?></span>
    <button type="submit">Signup</button>
</form>

Step 5: login.php (Login Form)

This form allows users to enter their email and password to log in. If the credentials are correct, the user will be redirected to the welcome.php page.

<form action="<?= htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
    <input type="email" name="email" value="<?= $email; ?>" placeholder="Email" />
    <span><?= $email_err; ?></span>
    <input type="password" name="password" placeholder="Password" />
    <span><?= $password_err; ?></span>
    <button type="submit">Signin</button>
</form>

Step 6: php_login.php (Login logic)

This PHP script validates user credentials. If the email and password match, it starts a session and redirects to welcome.php.

if($_SERVER["REQUEST_METHOD"] == "POST") {
    // Validate email and password...
    if(empty($email_err) && empty($password_err)) {
        $sql = "SELECT id, email, password FROM users WHERE email = ?";
        if($stmt = mysqli_prepare($conection_db, $sql)) {
            mysqli_stmt_bind_param($stmt, "s", $param_email);
            if(mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                if(mysqli_stmt_num_rows($stmt) == 1) {
                    mysqli_stmt_bind_result($stmt, $id, $email, $hashed_password);
                    if(mysqli_stmt_fetch($stmt)) {
                        if(password_verify($password, $hashed_password)){
                            session_start();
                            $_SESSION["loggedin"] = true;
                            $_SESSION["id"] = $id;
                            $_SESSION["email"] = $email;
                            header("location: welcome.php");
                        } else {
                            $password_err = "The password you entered was not valid.";
                        }
                    }
                } else {
                    $email_err = "No account found with that email.";
                }
            }
            mysqli_stmt_close($stmt);
        }
    }
    mysqli_close($conection_db);
}

Step 7: welcome.php (Dashboard)

After a successful login, users are redirected to this page, where their email is displayed.

<?php
session_start();
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
    header("location: login.php");
    exit;
}
?>

<p>Email: <?php echo $_SESSION['email']; ?></p>
<a href="logout.php">Logout</a>

Step 8: logout.php (Logout)

This file handles the logout process by destroying the session and redirecting the user to the login page.

<?php
session_start();
$_SESSION = array();
session_destroy();
header("location: login.php");
exit;
?>

This is a complete setup for a login system with registration, login, and a basic user dashboard. You can expand this system by adding additional features like password recovery, session management, and more. Let me know if you'd like to make any adjustments or need further assistance!