Hello friends in this tutorial we are going to discuss simple php login registration system with password encryption method by using php md5() built in function. This is very simple php code but most effective because in this we have not store password in string format but we have encrypt password and then after we have store password into our database. So no one can hack password because it was encrypt by using md5() php function. In most of the php application there is login is the one part of any web application. And No one can access the web application without login. So For login he can enter it's password for log into web application. If we have store password in simple string format then any one can hack password but if we have store password in encrypt format then no one can hack password. So this things we have discuss here, here we have show how to encrypt password and store into our web application and we have also show we can validate encrypted password. This all things we will discuss here. Here when new user register to this system then at that time password has been encrypted by using md5() function. This function will encrypt user password and store that encrypted password in database and when user come for login then user enter his password and when system validate user information then at that time also password has been encrypt and validate user information by using that encrypted password, this is because in database table we have already inserted encrypted password. This for prevent from password hacking.
Source Code
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(250) NOT NULL,
`password` varchar(250) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
--
-- Dumping data for table `users`
--
index.php
<?php
$connect = mysqli_connect("localhost", "root", "", "testing");
session_start();
if(isset($_SESSION["username"]))
{
header("location:entry.php");
}
if(isset($_POST["register"]))
{
if(empty($_POST["username"]) && empty($_POST["password"]))
{
echo '<script>alert("Both Fields are required")</script>';
}
else
{
$username = mysqli_real_escape_string($connect, $_POST["username"]);
$password = mysqli_real_escape_string($connect, $_POST["password"]);
$password = md5($password);
$query = "INSERT INTO users (username, password) VALUES('$username', '$password')";
if(mysqli_query($connect, $query))
{
echo '<script>alert("Registration Done")</script>';
}
}
}
if(isset($_POST["login"]))
{
if(empty($_POST["username"]) && empty($_POST["password"]))
{
echo '<script>alert("Both Fields are required")</script>';
}
else
{
$username = mysqli_real_escape_string($connect, $_POST["username"]);
$password = mysqli_real_escape_string($connect, $_POST["password"]);
$password = md5($password);
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$result = mysqli_query($connect, $query);
if(mysqli_num_rows($result) > 0)
{
$_SESSION['username'] = $username;
header("location:entry.php");
}
else
{
echo '<script>alert("Wrong User Details")</script>';
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Webslesson Tutorial | PHP Login Registration Form with md5() Password Encryption</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
</head>
<body>
<br /><br />
<div class="container" style="width:500px;">
<h3 align="center">PHP Login Registration Form with md5() Password Encryption</h3>
<br />
<?php
if(isset($_GET["action"]) == "login")
{
?>
<h3 align="center">Login</h3>
<br />
<form method="post">
<label>Enter Username</label>
<input type="text" name="username" class="form-control" />
<br />
<label>Enter Password</label>
<input type="password" name="password" class="form-control" />
<br />
<input type="submit" name="login" value="Login" class="btn btn-info" />
<br />
<p align="center"><a href="index.php">Register</a></p>
</form>
<?php
}
else
{
?>
<h3 align="center">Register</h3>
<br />
<form method="post">
<label>Enter Username</label>
<input type="text" name="username" class="form-control" />
<br />
<label>Enter Password</label>
<input type="password" name="password" class="form-control" />
<br />
<input type="submit" name="register" value="Register" class="btn btn-info" />
<br />
<p align="center"><a href="index.php?action=login">Login</a></p>
</form>
<?php
}
?>
</div>
</body>
</html>
entry.php
<?php
//entry.php
session_start();
if(!isset($_SESSION["username"]))
{
header("location:index.php?action=login");
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Webslesson Tutorial | PHP Login Registration Form with md5() Password Encryption</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
</head>
<body>
<br /><br />
<div class="container" style="width:500px;">
<h3 align="center">PHP Login Registration Form with md5() Password Encryption</h3>
<br />
<?php
echo '<h1>Welcome - '.$_SESSION["username"].'</h1>';
echo '<label><a href="logout.php">Logout</a></label>';
?>
</div>
</body>
</html>
logout.php
<?php
//logout.php
session_start();
session_destroy();
header("location:index.php?action=login");
?>
I thought to checking the user name from Database before Registration, Because their might be possibility of users giving the same Username. Their will be huge conflict, Apart form that the code is Perfect. Thank you
ReplyDeleteWhen creating the table, put username as:
Delete`username` varchar(250) NOT NULL UNIQUE,
As many fields as you want:
........
PRIMARY KEY (`id`),
UNIQUE KEY `usersData` (`id`,`username`,`password`),
.......
.....
...
You can also modify the field in the table:
DeleteALTER TABLE `users`
ADD CONSTRAINT constraint_username UNIQUE KEY(`username`);
Very nice code thank you. It's works very well. Could you give me the correction for possibility of users giving the same Username . Thank you !
ReplyDeleteThank you so much, Sir.
ReplyDeleteThank you so much, Sir.. Because of your videos i learned a lot.
ReplyDeleteGreetings from Zambia. i love the tutorial, it makes sense, however it would have made more sense if only sound was better........thank you!
ReplyDeleteWow am from Zambia too
DeleteIt's Very Nice Explanation I Use It To My Project Code And It's Working Thanks A Lot!
ReplyDeleteThank you so much, Sir.
ReplyDeleteReply
Your comment will be visible after approval.
ReplyDeleteHow to make Zebra Stripes Table with PHP Mysql
ReplyDelete