PHP Secure Login System
This tutorial explains how to create a secure login system in PHP using PDO, password hashing, and sessions.
Step 1: Create User Table
CREATE TABLE users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL
);<?php // db.php — Database connection using PDO $host = 'localhost'; // or your DB host $db = 'your_database'; // replace with your DB name $user = 'root'; // DB username $pass = ''; // DB password $charset = 'utf8mb4'; $dsn = "mysql:host=$host;dbname=$db;charset=$charset"; $options = [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // Enable exceptions PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, // Fetch associative arrays PDO::ATTR_EMULATE_PREPARES => false, // Use real prepared statements ]; try { $pdo = new PDO($dsn, $user, $pass, $options); } catch (PDOException $e) { // Handle error gracefully echo "Database connection failed: " . $e->getMessage(); exit; } ?>Step 2: Register User (register.php)
<?php require 'db.php'; if ($_SERVER["REQUEST_METHOD"] === "POST") { $username = $_POST['username']; $password = password_hash($_POST['password'], PASSWORD_DEFAULT); $stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)"); $stmt->execute([$username, $password]); echo "User registered successfully."; } ?>Step 3: Login User (login.php)
<?php session_start(); require 'db.php'; if ($_SERVER["REQUEST_METHOD"] === "POST") { $username = $_POST['username']; $password = $_POST['password']; $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?"); $stmt->execute([$username]); $user = $stmt->fetch(); if ($user && password_verify($password, $user['password'])) { $_SESSION['user'] = $user['username']; echo "Login successful."; } else { echo "Invalid credentials."; } } ?>Step 4: Logout (logout.php)
<?php session_start(); session_destroy(); header("Location: login.php"); exit; ?>
यह ट्यूटोरियल PHP में सुरक्षित लॉगिन सिस्टम बनाना सिखाता है जिसमें PDO, पासवर्ड हैशिंग और सेशन का उपयोग होता है।