Today i will explain how to create Login page very easy using PHP and OOP concept and PDO (PHP DATA OBJECT) database, in this tutorial I will implement.
Before moving towards the tutorial we need first PDO is improved extension it's must be used in PHP. Its create strong security and and function maintaining a user session very easy using oops so let's see the tutorial.
What is mean by PDO?
The PHP Data Objects (PDO) extension defines a Light weight, Interface for Accessing Databases in PHP. It defines consistent API for working with various database systems. PDO represents between PHP and Database Sever.
First Create a Database named as your wishes and I created name "dailyaspirants". And then create a table named as users.
CREATE DATABASE dailyaspirants;
CREATE TABLE users(userid int primary key auto_increment not null,firstname varchar(30) not null, lastname varchar(30) not null,email varchar(40) not null,password varchar(25) not null,confirmpassword varchar(25));
File Structure - Create Empty File named as .PHP:
1.dbconfig.php
2.index.php
3.signup.php
4.user.php
5.home.php
6.logout.php
1.dbconfig.php
<?php
class database
{
private $host="localhost";
private $uname="root";
private $password="";
private $db_name="dailyaspirants";
public $conn;
public function dbconnection()
{
$this->conn=null;
try{
$this->conn=new PDO("mysql:host=".$this->host. ";dbname=" .$this->db_name,$this->uname,$this->password);
$this->conn->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e){
echo "connection error".$e->getMessage();
}
return $this->conn;
}
}
?>
2.index.php
<?php
session_start();
require_once 'user.php';
$login=new USER();
if($login->logged_in()!="")
{
$login->redirect('home.php');
}
if(isset($_POST['submit'])){
$username=trim($_POST['email']);
$password=trim($_POST['password']);
if($login->login($username,$password))
{
$login->redirect('home.php');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form method="post">
<input type="text" name="email" placeholder="email" />
<input type="password" name="password" placeholder="password" />
<input type="submit" name="submit" value="Submit"/>
<a href="signup.php" >signup</a>
</form>
</body>
</html>
trim->The trim() function removes white space and other predefined characters from both sides of a string.
3.signup.php
<?php
session_start();
require_once 'user.php';
$user=new USER();
if(isset($_POST['submit'])){
$fname=trim($_POST['firstname']);
$lname=trim($_POST['lastname']);
$email=trim($_POST['email']);
$pass=trim($_POST['password']);
$conpass=trim($_POST['confirmpassword']);
$stmt=$user->query("select * from users where email=:email_id");
$stmt->execute(array(":email_id"=>$email));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() > 0)
{
$msg = " <strong>Sorry !</strong> email already exists , Please Try another one ";
}
else{
$user->register($fname,$lname,$email,$pass,$conpass);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php if(isset($msg))echo $msg; ?>
<form method="post">
<input type="text" name="firstname" placeholder="firstname" /><br />
<input type="text" name="lastname" placeholder="lastname" /><br />
<input type="email" name="email" placeholder="Email" /><br />
<input type="password" name="password" placeholder="password" /><br />
<input type="password" name="confirmpassword" placeholder="confirmpassword" /><br />
<input type="submit" name="submit" value="submit" /><br />
</form>
</body>
</html>
4.user.php
<?php
require_once 'db.php';
class USER
{
private $conn;
public function __construct()
{
$database=new database();
$db=$database->dbConnection();
$this->conn=$db;
}
public function login($username,$password)
{
try
{
$stmt=$this->conn->prepare("select * from users where email=:email_id and password=:password_details");
$stmt->execute(array(":email_id"=>$username,":password_details"=>$password));
$result=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
$_SESSION['username']=$result['email'];
return true;
}
else{
header("loaction:index.php");
exit();
}
}
catch(PDOException $e){
echo "error".$e->getMessage();
}
}
public function redirect($url)
{
header("location:$url");
}
public function logged_in(){
if(isset($_SESSION['username'])){return true;}
}
public function logout()
{
session_destroy();
$_SESSION['username'] = false;
}
public function query($sql){
$stmt=$this->conn->prepare($sql);
return $stmt;
}
public function register($fname,$lname,$email,$pass,$conpass)
{
try{
$password=md5($pass);
$confirmpassword=md5($conpass);
$stmt=$this->conn->prepare("insert into users (firstname,lastname,email,password,confirmpassword) values (:fname,:lname,:email,:pass,:conpass)");
$stmt->bindparam(':fname',$fname);
$stmt->bindparam(':lname',$lname);
$stmt->bindparam(':email',$email);
$stmt->bindparam(':pass',$password);
$stmt->bindparam(':conpass',$confirmpassword);
$stmt->execute();
return $stmt;
}catch(PDOException $e){echo "error" .$e->getMessage();}
}
}
?>
what is mean by bindparam?
->With bindparam you can only pass variables , not values
->works only with variables because it allows parameters to be given as input/output, by reference.
->md5 is an function that can be calculate the hash of the string .The function uses RSA data for security...
->md5 is easy change the password to encrypted.
5.home.php
<?php
session_start();
require_once 'user.php';
$user=new USER();
if(!$user->logged_in()){
$user->redirect('index.php');
}
$stmt=$user->query("select * from users where email=:email_id");
$stmt->execute(array(":email_id"=>$_SESSION['username']));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
hi <?php echo $row['email'];?> <a href="logout.php">logout</a>
</body>
</html>
6.logout.php
<?php
session_start();
require_once 'user.php';
$user = new USER();
if(!$user->logged_in())
{
$user->redirect('index.php');
}
if($user->logged_in()!="")
{
$user->logout();
$user->redirect('index.php');
}
?>
In this step we are created login page every easy using php and pdo database.
That's all, this is how to Login system in PHP. You can customize this code further as per your requirement. And please feel free to give comments on this tutorial.