antwan
10/12/2019 - 1:08 PM
PHP MySQL Login System
<?php
ob_start();
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
require_once "config.php";
$message = '';
$_SESSION['accName'] = '';
if (isset($_POST['login']) && !empty($_POST['name']) && !empty($_POST['password'])) {
$postLogin = mysqli_real_escape_string($conn, $_POST['name']);
$sql = "SELECT * FROM users WHERE name = '$postLogin'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
if ($_POST['name'] == $row["name"]) {
$postPassword = mysqli_real_escape_string($conn, $_POST['password']);
if (password_verify($postPassword, $row["hash"])) {
$_SESSION['loggedIn'] = true;
$_SESSION['accName'] = $row["name"];
$_SESSION['accId'] = $row["id"];
} else {
$message = 'You have entered a wrong password.';
}
}
}
} else {
$message = 'No account was found with that name.';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>PHP MySQL Login</title>
</head>
<body>
<form role="form" method="post">
<input type="text" placeholder="Name" name="name" required="required">
<input type="password" placeholder="Password" name="password" required="required">
<p><?php echo $message ?></p>
<button type="submit" name="login">Log In</button>
</form>
</body>
</html><?php
ob_start();
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
require_once "config.php";
$message = "";
if (isset($_POST['signup']) && !empty($_POST['name']) && !empty($_POST['password']) && !empty($_POST['email'])) {
$inputName = mysqli_real_escape_string($conn, $_POST['name']);
$inputPassword = mysqli_real_escape_string($conn, $_POST['password']);
$inputEmail = mysqli_real_escape_string($conn, $_POST['email']);
$sql = "SELECT * FROM users WHERE name = '$inputName'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {
$message = "The chosen name is already in use.";
}
} else {
$password_hash = password_hash($inputPassword, PASSWORD_BCRYPT);
$sql = "INSERT INTO users (name, hash, email) VALUES ('$inputName', '$password_hash', '$inputEmail')";
if ($conn->query($sql) === TRUE) {
$message = "Your account has been created.";
} else {
$message = "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>PHP MySQL Sign Up</title>
</head>
<body>
<form role="form" method="post">
<input type="text" placeholder="Name" name="name" required="required">
<input type="password" placeholder="Password" name="password" required="required">
<input type="email" placeholder="Email" name="email" required="required">
<p><?php echo $message ?></p>
<button type="submit" name="signup">Create Account</button>
</form>
</body>
</html><?php
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
?>