PHP Secure Signup Form | Rathorji.IN
I’m Gajanand Rathor, a web developer. If you want to start a project and launch quickly, contact me.
I am available for freelance work.
Email: [email protected] WhatsApp: +918827213789
In this video example i will teach you how to make secure Signup form in php & mysql database. here we are using password_hash function of PHP to generate secure hash Signup
Create any database in MySQL inside db you have create table signup signup table in db
CREATE TABLE `signup` (
`id` int(11) NOT NULL,
`username` varchar(50) NOT NULL,
`email` varchar(100) NOT NULL,
`password` varchar(500) NOT NULL,
`reg_date` varchar(30) NOT NULL,
`ip` varchar(300) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
than you have to create file UserClass.PHP this is class file of PHP we will work on Class and object
UserClass.php
<?php
class UserClass {
public $username;
public $errors;
private $conn;
public function __construct() {
$this->conn = new mysqli("localhost", "root", "", "test");
session_start();
}
public function signup($username, $email, $password) {
if (empty($username) || empty($email) || empty($password)) {
$this->errors = "all the fields are required";
} else if ($this->check_user($username, $email) == 1) {
$this->errors = "Username & email already exists";
} else if ($this->valid_email($email) == FALSE) {
$this->errors = "Emal address is not valid";
} else if ($this->check_paasword($password) == false) {
return FALSE;
} else {
//store data in database
$today_date = $this->current_date();
$ip = $this->get_ip();
$password = $this->secure_hash($password);
//insert query
$this->conn->query("INSERT INTO `signup`( `username`, `email` ,`passsword`, `reg_date`, `ip` ) VALUES( '$username','$email','$password','$today_date','$ip' )");
$this->error = "<h1>Thank you $username Registration Done , Now you can go for login <a href='login.php'>Login</h1>";
}
}
public function check_user($username, $email) {
$result = $this->conn->query("SELECT COUNT(id) as total FROM signup WHERE username = '$username' AND email = '$email' LIMIT 1");
while ($row = $result->fetch_assoc()) {
return $row['total'];
}
}
public function valid_email($email) {
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
return TRUE;
}
}
public function check_paasword($password) {
if (strlen($password) < 8) {
$this->errors = "password is too short";
} else if (!preg_match("#[0-9]+#", $password)) {
$this->errors = "password must include at least one number";
} else if (!preg_match("#[a-zA-Z]+#", $password)) {
$this->errors = "Password includes at least one latter";
} else {
return TRUE;
}
}
public function get_ip() {
$ip = $_SERVER['REMOTE_ADDR'];
if ($this->validate_ip($ip)) {
return $ip;
}
}
public function validate_ip($ip) {
if (filter_var($ip, FILTER_VALIDATE_IP) || filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
//FOR Ip VERSON 4 AND IP VERSION 6
RETURN TRUE;
}
}
public function current_date() {
$date = new DateTime();
return $date->format('Y/m/d/H:i:s');
}
public function secure_hash($password) {
$secure = password_hash($password, PASSWORD_DEFAULT);
return $secure;
}
public function login($username, $password) {
$query = $this->conn->query("SELECT COUNT(id) as total , username, passsword FROM signup WHERE (username = '$username' OR email = '$username') LIMIT 1");
while ($row = $query->fetch_assoc()) {
//passwrod + input password and second password is from database
if($row['total'] == 1 && $this->verify_password($password ,$row['passsword']) == TRUE){
$_SESSION['usernme'] = $row['username'];
header("Location:dashboard.php");
}
}
}
public function verify_password($password, $pass_from_database){
if(password_verify($password, $pass_from_database)){
return TRUE;
}
}
}
than create file signup.php inside signup.php we will create signup form and call the method signup have threee parameters one username , second is password third is email , form post method . we will create object of UserClass its name is $user and if username , email & password is set we will call the method signup
signup.php
<?php
include './UserClass.php';
$user = new UserClass();
if (isset($_POST['username'])) {
$signup = $user->signup($_POST['username'], $_POST['email'], $_POST['password']);
echo $user->errors;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>PHP Secure login & signup</title>
<style>
body{
background: #ccc;
font-family: arial;
}
.form {
width: 500px;
margin: 10px auto;
background: #fff;
padding: 20px;
}
.form > div{
margin-top: 5px;
}
.form > div input{
padding: 10px;
width: 90%;
}
.form input[type=submit]{
margin-top: 10px;
padding: 10px 20px;
}
</style>
</head>
<body>
<form action="<?php $signup; ?>" method="post" class="form">
<div>Username:<br>
<input type="text" name="username">
</div>
<div>Email:<br>
<input type="email" name="email">
</div>
<div>Password:<br>
<input type="password" name="password">
</div>
<input type="submit" value="Signup now">
<br><br>have account <a href="login.php">Login</a>
</form>
</body>
</html>
Zip file of source code is also available to download you can download and extract it in your project db backup files also it have