Monday 17 October 2016

PHP Login Registration Form with md5() Password Encryption

           ,      12 comments   
Hello friends in this tutorial we are going to discuss simple php login registration system with password encryption method by using php md5() built in function. This is very simple php code but most effective because in this we have not store password in string format but we have encrypt password and then after we have store password into our database. So no one can hack password because it was encrypt by using md5() php function. In most of the php application there is login is the one part of any web application. And No one can access the web application without login. So For login he can enter it's password for log into web application. If we have store password in simple string format then any one can hack password but if we have store password in encrypt format then no one can hack password. So this things we have discuss here, here we have show how to encrypt password and store into our web application and we have also show we can validate encrypted password. This all things we will discuss here. Here when new user register to this system then at that time password has been encrypted by using md5() function. This function will encrypt user password and store that encrypted password in database and when user come for login then user enter his password and when system validate user information then at that time also password has been encrypt and validate user information by using that encrypted password, this is because in database table we have already inserted encrypted password. This for prevent from password hacking.



Source Code



 --  
 -- Table structure for table `users`  
 --  
 CREATE TABLE IF NOT EXISTS `users` (  
  `id` int(11) NOT NULL AUTO_INCREMENT,  
  `username` varchar(250) NOT NULL,  
  `password` varchar(250) NOT NULL,  
  PRIMARY KEY (`id`)  
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;  
 --  
 -- Dumping data for table `users`  
 --


index.php



 <?php  
 $connect = mysqli_connect("localhost", "root", "", "testing");  
 session_start();  
 if(isset($_SESSION["username"]))  
 {  
      header("location:entry.php");  
 }  
 if(isset($_POST["register"]))  
 {  
      if(empty($_POST["username"]) && empty($_POST["password"]))  
      {  
           echo '<script>alert("Both Fields are required")</script>';  
      }  
      else  
      {  
           $username = mysqli_real_escape_string($connect, $_POST["username"]);  
           $password = mysqli_real_escape_string($connect, $_POST["password"]);  
           $password = md5($password);  
           $query = "INSERT INTO users (username, password) VALUES('$username', '$password')";  
           if(mysqli_query($connect, $query))  
           {  
                echo '<script>alert("Registration Done")</script>';  
           }  
      }  
 }  
 if(isset($_POST["login"]))  
 {  
      if(empty($_POST["username"]) && empty($_POST["password"]))  
      {  
           echo '<script>alert("Both Fields are required")</script>';  
      }  
      else  
      {  
           $username = mysqli_real_escape_string($connect, $_POST["username"]);  
           $password = mysqli_real_escape_string($connect, $_POST["password"]);  
           $password = md5($password);  
           $query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";  
           $result = mysqli_query($connect, $query);  
           if(mysqli_num_rows($result) > 0)  
           {  
                $_SESSION['username'] = $username;  
                header("location:entry.php");  
           }  
           else  
           {  
                echo '<script>alert("Wrong User Details")</script>';  
           }  
      }  
 }  
 ?>  
 <!DOCTYPE html>  
 <html>  
      <head>  
           <title>Webslesson Tutorial | PHP Login Registration Form with md5() Password Encryption</title>  
           <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>  
           <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />  
           <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>  
      </head>  
      <body>  
           <br /><br />  
           <div class="container" style="width:500px;">  
                <h3 align="center">PHP Login Registration Form with md5() Password Encryption</h3>  
                <br />  
                <?php  
                if(isset($_GET["action"]) == "login")  
                {  
                ?>  
                <h3 align="center">Login</h3>  
                <br />  
                <form method="post">  
                     <label>Enter Username</label>  
                     <input type="text" name="username" class="form-control" />  
                     <br />  
                     <label>Enter Password</label>  
                     <input type="password" name="password" class="form-control" />  
                     <br />  
                     <input type="submit" name="login" value="Login" class="btn btn-info" />  
                     <br />  
                     <p align="center"><a href="index.php">Register</a></p>  
                </form>  
                <?php       
                }  
                else  
                {  
                ?>  
                <h3 align="center">Register</h3>  
                <br />  
                <form method="post">  
                     <label>Enter Username</label>  
                     <input type="text" name="username" class="form-control" />  
                     <br />  
                     <label>Enter Password</label>  
                     <input type="password" name="password" class="form-control" />  
                     <br />  
                     <input type="submit" name="register" value="Register" class="btn btn-info" />  
                     <br />  
                     <p align="center"><a href="index.php?action=login">Login</a></p>  
                </form>  
                <?php  
                }  
                ?>  
           </div>  
      </body>  
 </html>


entry.php


 <?php  
 //entry.php  
 session_start();  
 if(!isset($_SESSION["username"]))  
 {  
      header("location:index.php?action=login");  
 }  
 ?>  
 <!DOCTYPE html>  
 <html>  
      <head>  
           <title>Webslesson Tutorial | PHP Login Registration Form with md5() Password Encryption</title>  
           <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>  
           <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />  
           <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>  
      </head>  
      <body>  
           <br /><br />  
           <div class="container" style="width:500px;">  
                <h3 align="center">PHP Login Registration Form with md5() Password Encryption</h3>  
                <br />  
                <?php  
                echo '<h1>Welcome - '.$_SESSION["username"].'</h1>';  
                echo '<label><a href="logout.php">Logout</a></label>';  
                ?>  
           </div>  
      </body>  
 </html>

logout.php


 <?php  
 //logout.php  
 session_start();  
 session_destroy();  
 header("location:index.php?action=login");  
 ?>

12 comments:

  1. Unknown20 November 2016 at 04:38

    I thought to checking the user name from Database before Registration, Because their might be possibility of users giving the same Username. Their will be huge conflict, Apart form that the code is Perfect. Thank you

    ReplyDelete
    Replies
    1. Nilton Oliveira12 September 2020 at 09:57

      When creating the table, put username as:
      `username` varchar(250) NOT NULL UNIQUE,

      As many fields as you want:
      ........
      PRIMARY KEY (`id`),
      UNIQUE KEY `usersData` (`id`,`username`,`password`),
      .......
      .....
      ...

      Delete
    2. Nilton Oliveira12 September 2020 at 10:13

      You can also modify the field in the table:
      ALTER TABLE `users`
      ADD CONSTRAINT constraint_username UNIQUE KEY(`username`);

      Delete
  2. Nicole28 May 2017 at 05:36

    Very nice code thank you. It's works very well. Could you give me the correction for possibility of users giving the same Username . Thank you !

    ReplyDelete
  3. Unknown6 December 2017 at 00:26

    Thank you so much, Sir.

    ReplyDelete
  4. Unknown6 December 2017 at 00:26

    Thank you so much, Sir.. Because of your videos i learned a lot.

    ReplyDelete
  5. Unknown14 October 2019 at 08:10

    Greetings from Zambia. i love the tutorial, it makes sense, however it would have made more sense if only sound was better........thank you!

    ReplyDelete
  6. Gemchis Dawo6 March 2020 at 23:04

    It's Very Nice Explanation I Use It To My Project Code And It's Working Thanks A Lot!

    ReplyDelete
  7. Unknown21 December 2020 at 08:12

    Thank you so much, Sir.

    Reply

    ReplyDelete
  8. Unknown21 December 2020 at 08:13

    Your comment will be visible after approval.

    ReplyDelete
  9. Unknown21 December 2020 at 08:13

    How to make Zebra Stripes Table with PHP Mysql

    ReplyDelete