Lately, I have been receiving a lot of emails on how to create a basic login and registration system by using plain PHP and MySQL. I have made this series just to teach you about the Basic Authentication, i.e. registering a user into the database and then logging the user to the system. We will also encrypt the password using PHP’s native function which uses the Bcrypt Algorithm. In a nutshell, this series will contain seven videos. What will you learn? At the end of this series, you will learn to create a basic authentication system for your application using PHP and MySQL.
- Create Database Schema and Folder Structure
- Create a Simple Login Page
- Create a Simple Registration Page
- Create Connection with the database
- Register User in the Database
- Authenticate User into the System
- Securing Pages from Invalid User
Create Database Schema and Folder Structure
Step 1. Create a Database with the name tutorials
Step 2. Create a table inside the tutorials database with the name t_login
Step 3. Create Folder Structure to work with
Create a Simple Login Page
Create a Simple Registration Page
Create Connection with the Database
This class contains all the business logic for the application that deals with the database transaction. This way the code looks cleaner and more maintainable.
The above code is used to create connection with the database. It uses PDO class, the PHP Data Objects (PDO) extension defines a lightweight, consistent interface for accessing databases in PHP. Each database driver that implements the PDO interface can expose database-specific features as regular extension functions. It is the preferred way for making connection to the database.
In this class, we create a constructor which holds the code for making connection to the database. As soon as the object of this class is created, it gets initialized and a connection to the database is made. A separate class for holding database connection and all the related business logic helps to maintain the modularity of the application.
Register User in the Database
Create a file with the name registerUser.php. The registerUser.php file lies inside process folder. This file is responsible for receiving the data sent from the registeration form with the help of $_POST superglobal variable. We pass the name of the input field we want to fetch the data from and save it to its corresponding variable.
Then we load the DBConnect.php class which resides inside classes folder and create its object. We use the object to access the function that we created inside of the DBConnect class.
Authenticate User into the Database System
Create a file named authUser.php inside your process folder and paste the following code in it.
Securing Pages from Unauthorised User
If the login is successful we would like to send the user to his/her profile or home page. We do not want any intruder to access the page without having to pass through proper login. Therefore, the pages must only be accessible if the user has been authenticated successfully. For that we must provide some sort of authentication on each page to prevent unauthorised users from accessing it. We do this by using session variables.
Create a new file in the root folder and give it a name as home.php. Copy the following code into the file and save it. Then navigate to the home.php file without passing through the login form and you will be redirected back to the login form. Now, try again, but this time through the login form and you will be able to access the page successfully. 🙂
I hope you learned the basic authentication successfully. If you have any problem or any query, then you may comment below. I will be very active to solve any of your queries and help you grasp each and every part of it.
For full tutorial series, visit our youtube channel, and don’t forget to subscribe.
One Life, Rise & Shine