In this tutorial, we will use PHP to create a simple PHP and MySQL database user login / registration script tutorial. In this script, the form will have two fields, username and password are displayed. When a user with a valid user name and password, then he can access authentication (my account) page. Otherwise, the user again to fill out a form.

The following files and directories we want to create.
CSS
– Style.css file
INC
– Connection.php
– Functions.php file
The index.php
signup.php
The login.php
I -account.php
logout.php
We will include top connection.php and functions.php file for each file. In connection.php file, we will save your information and create a MySQL database connection. functions.php file will contain our simplest and most commonly used functions.

Let’s create a MySQL table
Simple table, named “User” 3. You can also use the tablet, and if you have created.

CREATE TABLE IF NOT EXISTS `users` (
  `id` bigint(20) NOT NULL AUTO_INCREMENT,
  `username` varchar(50) CHARACTER SET utf8 NOT NULL,
  `password` varchar(42) CHARACTER SET utf8 NOT NULL,
  PRIMARY KEY (`id`)
)

MYSQL connection file connection.php

<?php session_start(); 
$db_username = 'root'; 
// Your MYSQL Username. $db_password = ''; 
// Your MYSQL Password. $db_name = 'database_name_here'; 
// MYSQL Database Name. $db_host = 'localhost';
 $conDB = mysqli_connect($db_host, $db_username,
 $db_password,$db_name)or 
die('Error: Could not connect to MySQL database.'); ?>

If you find that we are using PHP mysql_query () here, is not an ordinary mysql_connect () function, I = on behalf of improved promotion, development to take advantage of the new system, new features in MySQL. PHP encourage everyone to use mysqli * instead of the regular mysqli * expansion, which will be completely removed in a future version of PHP.

Index page: index.php file

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Welcome -  OTallu.com</title>
<link type="text/css" rel="stylesheet" href="css/style.css" media="all">
</head>
<body>

<div class="wrap">

<h2>Welcome to My Website</h2>

This is the main index page.
<a href="login.php">Login</a> / <a href="signup.php">Signup</a> 
</div>

</body>
</html>

Registration page: signup.php

<?php include_once('inc/connection.php'); include_once('inc/functions.php'); if (isset($_POST['signup_submit'])) : // If form is submitted $username = mres($_POST['username']); $password = mres($_POST['password']); $confirm_password = mres($_POST['confirm_password']); $hashed_password = sha1($password); // Check if all fields are empty. if ($username == '' || $password == '' || $confirm_password == '') $error[] = "All fields are required."; // Check if that username is already exists. $find_user = mysqli_query ($conDB,"SELECT * FROM `users` WHERE `username` = '".$username."'"); if (mysqli_num_rows($find_user) != 0) $error[] = "That username is already exist."; // Check if confirm password did not match. if (empty($error) && $confirm_password != $password) $error[] = "Confirm Password did not match."; // If no errors then go ahead. if (empty($error)){ $result = mysqli_query($conDB," INSERT INTO `users` ( `username`, `password` ) VALUES ( '".$username."', '".$hashed_password."' )"); if(confirm_query($result)) { redirect('login.php?signup=1'); } } endif; ?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Sign Up - OTallu.com</title>
<link type="text/css" rel="stylesheet" href="css/style.css" media="all">
</head>
<body>

<div class="wrap">

<h2>Sign Up</h2>

<?php display_error(); ?>

<form action="signup.php" method="post">
<input type="text" name="username" placeholder="Username" value="<?php echo (isset($username))? $username : ''; ?>" required>
<input type="password" name="password" placeholder="Password" required>
<input type="password" name="confirm_password" placeholder="Confirm Password" required>
<input type="submit" name="signup_submit" value="Sign Up">
</form>

<a href="login.php">Already have an account?</a>
</div>

</body>
</html>

Login page: login.php 

<?php include_once('inc/connection.php'); include_once('inc/functions.php'); if (isset($_GET['login_required'])) $error[] = "You must be logged in to access this page."; if (isset($_POST['login_submit'])) : // If form is submitted $username = mres($_POST['username']); $password = mres($_POST['password']); // Check if all fields are emptyy. if ($username == '' || $password == '') $error[] = "All fields are required."; if (empty($error)) { $hashed_password = sha1($password); // Check if submitted info is correct or not. $check = mysqli_query($conDB,"SELECT * FROM `users` WHERE `username` = '".$username."' AND `password` = '".$hashed_password."'"); if (mysqli_num_rows($check) == 1) { // User found, now set session and proceed to my-account page. $_SESSION['loggedin_user'] = $username; redirect('my-account.php'); } else { $error[] = "Incorrect username or password."; } } endif; ?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Login - OTallu.com</title>
<link type="text/css" rel="stylesheet" href="css/style.css" media="all">
</head>
<body>



<div class="wrap">
<?php
// Will display this message if returning from signup page.
if (isset($_GET['signup'])) echo '



<div class="message">Thank you for signing up.</div>



'; 
?>



<h2>Login</h2>



<?php display_error(); ?>



<form action="login.php" method="post">
<input type="text" name="username" placeholder="Username" value="<?php echo (isset($username))? $username : ''; ?>" required>
<input type="password" name="password" placeholder="Password" required>
<input type="submit" name="login_submit" value="Login">
</form>



<a href="signup.php">Don't have an account?</a>
</div>



</body>
</html>

My Account page: MYaccount.php

This is the main User Accounts page, the user will be redirected to after login. The page can not log on without direct access.

<?php include_once('inc/connection.php'); include_once('inc/functions.php'); // if user is not logged int then redirect to login page. if (!isset($_SESSION['loggedin_user'])) redirect('login.php?login_required=1'); ?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>My Account - OTallu.com</title>
<link type="text/css" rel="stylesheet" href="css/style.css" media="all">
</head>
<body>
<div class="wrap">
<h2>Hello <?php echo $_SESSION['loggedin_user']; ?>!</h2>
This is your main account page which cannot be accessed directly without login.
<hr>
<a href="logout.php">Logout</a>
</div>
</body>
</html>

Logout page: logout.php

The page is fairly simple. We just reset it when you are logged in to set user session variables most people use session_destroy (). Function to destroy all session variables. However, I prefer only certain variable is not set like this using the following file.

<?php session_start(); include_once('inc/functions.php'); // unset user_login session. unset($_SESSION['loggedin_user']); // Go back to index page. redirect('index.php'); ?>

Here is the style.css file

The last point was added to the shape of our website.

body {
    font-size:13px;
    font-family:Arial, Helvetica, sans-serif;
    background:#f8f8f8;
}
 
h2 {
    margin-top:0;
}
 
.wrap,.footer {
    width:300px;
    background:#fff;
    text-align:center;
    margin:0 auto;
    padding:20px;
}
 
input {
    min-width:250px;
    margin:5px 0;
    padding:5px;
}
 
div.error {
    color:#900;
    margin:15px 0;
}
 
div.message {
    color:#060;
    margin:15px 0;
}