Login and Registration with Procedural PHP, Mysqli

This tutorial will teach you to create user registration and login system with procedural php and mysqli. The registration and login system is the most crucial part of the web application and session plays a vital role to check the user’s login status. The source code is provided at the end of this tutorial.

Table of Content

  1. Setting up project folder
  2. Configure Database
  3. Database Connection
  4. Users File
  5. Init File
  6. Home Page
  7. Register Page
  8. Login Page
  9. Dashboard Page
  10. Logout
  11. Profile Data
  12. Setting
  13. Change Password

1. Setting up project folder

In this part, we will be setting up the project folder which contains eight files and one folder. First of all, create five files and name them changepassword.php, dashboard.php, index.php, login.php, logout.php, profile.php, register.php, and setting.php. Secondly, create a folder and name them as a core and inside that folder create three file namely db_connect.php, init.php, and users.php.

If you have followed the steps correctly then the working folder files structure would look like below:

login_registration_procedural_php

2. Configure Database

Database Name: login_registration
Table Name: users
Table Column: id, username, password, first_name, last_name, contact, address, salt, active

Creating the database for this tutorial, you can either download the SQL Command at the end of this tutorial or copy and paste this following code into your MYSQL Database

CREATE DATABASE `login_registration`;

CREATE TABLE `login_registration`.`users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) NOT NULL,
  `password` varchar(255) NOT NULL,
  `first_name` varchar(255) NOT NULL,
  `last_name` varchar(255) NOT NULL,
  `contact` varchar(255) NOT NULL,
  `address` varchar(255) NOT NULL,
  `salt` text NOT NULL,
  `active` int(11) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

3. Database Connection

In this part, we will be creating and checking the database connection. Go to db_connect.php i.e. [core/db_connect.php]. If you have different database name for this tutorial then change the name of the database in this file which is highlighted below.

<?php 

$servername = "127.0.0.1";
$username = "root";
$password = "";
$dbname = "login_registration";

// crearte connection
$connect = new Mysqli($servername, $username, $password, $dbname);

// check connection
if($connect->connect_error) {
	die("Connection Failed : " . $connect->error);
} else {
	// echo "Successfully Connected";	
}

?>

4. Users File

This file contains the php function to manipulate the database operation. For instance, inserting the user’s credentials into the database, updating the user’s information, and etc. This file is located at [core/users.php]. For now note that it file will be used to interact with the database, on later chapter this file will use.

5. Init File

In this part, we will start the session and include database connection file and users file. This file will be called at the login page, register page, change password page and etc.

<?php 

session_start();

require_once 'db_connect.php';
require_once 'users.php';

?>

6. Home Page

In this part, a simple login and register link is provided for the user to interact with the system. For now, copy and paste these codes into the index.php and we will go through them afterwards.

<?php 

require_once 'core/init.php';

if(logged_in() === TRUE) {
	header('location: dashboard.php');
}

?>

<!DOCTYPE html>
<html>
<head>
	<title>Login and Registration Procedural PHP </title>
</head>
<body>

<a href="login.php">Login</a> or <a href="register.php">Register</a>

</body>
</html>

Firstly, at the beginning of the code includes the init file which was explained before. The logged_in function is invoked from the users.php, this function checks the user’s information is stored in the session and redirecting to the dashboard.php if its value is true.

Now go users.php i.e. [core/users.php] to create a logged_in function. This function verifies if the id is stored in the session by returning the boolean value.

function logged_in() {
	if(isset($_SESSION['id'])) {
		return true;
	} else {
		return false;
	}
}

The index page should look like below:

home_page_login

7. Register Users

In this part, we will create a registration form for users to enter the information. The submitted form will validate the required field information and calls the register users function from the users.php and store it into the database. In this part, firstly we will create a user interface form and secondly, store the valid user’s information into the database by creating a function in the users.php.

Go to the register.php file to create a register form. For now, copy and paste these codes into the register.php file and go through them afterwards.

<?php 

require_once 'core/init.php';

if(logged_in() === TRUE) {
	header('location: dashboard.php');
}

// form is submitted
if($_POST) {

	$fname = $_POST['fname'];
	$lname = $_POST['lname'];
	$username = $_POST['username'];
	$password = $_POST['password'];
	$cpassword = $_POST['cpassword'];

	if($fname == "") {
		echo " * First Name is Required <br />";
	}

	if($lname == "") {
		echo " * Last Name is Required <br />";
	}

	if($username == "") {
		echo " * Username is Required <br />";
	}

	if($password == "") {
		echo " * Password is Required <br />";
	}

	if($cpassword == "") {
		echo " * Conform Password is Required <br />";
	}

	if($fname && $lname && $username && $password && $cpassword) {

		if($password == $cpassword) {
			if(userExists($username) === TRUE) {
				echo $_POST['username'] . " already exists !!";
			} else {
				if(registerUser() === TRUE) {
					echo "Successfully Registered <a href='login.php'>Login</a>";
				} else {
					echo "Error";
				}
			}
		} else {
			echo " * Password does not match with Conform Password <br />";
		}
	}

}

?>

<!DOCTYPE html>
<html>
<head>
	<title>Registration Form</title>
</head>
<body>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
	<div>
		<label for="fname">First Name: </label>
		<input type="text" name="fname" placeholder="First Name" autocomplete="off" value="<?php if($_POST) {
			echo $_POST['fname'];
			} ?>" />
	</div>
	<br />

	<div>
		<label for="lname">Last Name: </label>
		<input type="text" name="lname" placeholder="Last Name" autocomplete="off" value="<?php if($_POST) {
			echo $_POST['lname'];
			} ?>" />
	</div>
	<br />

	<div>
		<label for="username">Username: </label>
		<input type="text" name="username" placeholder="Username" autocomplete="off" value="<?php if($_POST) {
			echo $_POST['username'];
			} ?>" />
	</div>
	<br />

	<div>
		<label for="password">Password: </label>
		<input type="password" name="password" placeholder="Password" autocomplete="off" />
	</div>
	<br />

	<div>
		<label for="cpassword">Conform Password: </label>
		<input type="password" name="cpassword" placeholder="Conform Password" autocomplete="off" />
	</div>
	<br />
	<div>
		<button type="submit">Create</button>
		<button type="reset">Cancel</button>
	</div>

</form>

Already Registered ? Click <a href="login.php">login</a> 

</body>
</html>

In this file, the first line code includes the init.php file which was explained before. After that, the script checks if the user is already logged in by redirecting to the dashboard page. The script checks if the form is submitted and then store the from input value into their appropriate variable name respectively.

Secondly, it validates the value by providing an error message. Thirdly, if the form validation is valid then it checks username by calling the userExists function and passing the username variable. If the username does not exist in the system then the script calls the registerUser function and display a successful message. The userExists and registerUser function will be created in users.php file. Now go to the users.php file, copy and paste these codes and we will go through them afterwards.

function userExists($username) {
	// global keyword is used to access a global variable from within a function
	global $connect;

	$sql = "SELECT * FROM users WHERE username = '$username'";
	$query = $connect->query($sql);
	if($query->num_rows == 1) {
		return true;
	} else {
		return false;
	}

	$connect->close();
	// close the database connection
}

function registerUser() {

	global $connect;

	$fname = $_POST['fname'];
	$lname = $_POST['lname'];
	$username = $_POST['username'];
	$password = $_POST['password'];
	
	$salt = salt(32);
	$newPassword = makePassword($password, $salt);
	if($newPassword) {
		$sql = "INSERT INTO users (first_name, last_name, username, password, salt, active) VALUES ('$fname', '$lname', '$username', '$newPassword', '$salt' , 1)";
		$query = $connect->query($sql);
		if($query === TRUE) {
			return true;
		} else {
			return false;
		}
	} // /if

	$connect->close();
	// close the database connection
} // register user funtion

function salt($length) {
	return mcrypt_create_iv($length);
}

function makePassword($password, $salt) {
	return hash('sha256', $password.$salt);
}

The usersExists function requires one parameter i.e. username. The variable connect is a database connection used as a global. After that its checks the username by return the boolean value.

The registerUser function does not require any parameter. This function calls the variable connect as a global from the db_connetion file to execute the SQL query. This function also stores the form’s input value in the variable with the appropriate name. To secure the password, this function will encrypt the password value into hash. To do this, we will first create a salt variable and call the salt function and pass thirty-two (32) length to generate the mcrypt_create_iv value. That salt will be stored in the database to match with the password whenever users try to login into the system. After that, the makePassword function will have two parameters that are the password, and salt variable returning the password value which is encrypted into the sha256 hash format.

Lastly, the scripts check the newPassword variable and insert the user’s information into the database by return the boolean value.

The register page should look like below:

register

8. Login

In this part, we will create a login form for users to enter their login credentials. The login form submitted will validate the required field and checks if the username is exists and if it exists then it call the login function and store the users information into the session. Firstly, we will create a user interface form and secondly, validate the required field and login into the system and store it into the session.

Go to the login.php file to create a login form. For now, copy and paste these codes into the login.php file and we will go through them afterwards.

<?php 

require_once 'core/init.php';

if(logged_in() === TRUE) {
	header('location: dashboard.php');
}

// form submiited
if($_POST) {
	$username = $_POST['username'];
	$password = $_POST['password'];

	if($username == "") {
		echo " * Username Field is Required <br />";
	}

	if($password == "") {
		echo " * Password Field is Required <br />";
	}

	if($username && $password) {
		if(userExists($username) == TRUE) {
			$login = login($username, $password);
			if($login) {
				$userdata = userdata($username);

				$_SESSION['id'] = $userdata['id'];

				header('location: dashboard.php');
				exit();
					
			} else {
				echo "Incorrect username/password combination";
			}
		} else{
			echo "username does not exists";
		}
	}

} // /if


?>


<!DOCTYPE html>
<html>
<head>
	<title>Login</title>
</head>
<body>

<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
	<div>
		<label for="username">Username</label>
		<input type="text" name="username" id="username" autocomplete="off" placeholder="Username" />
	</div>
	<br />

	<div>
		<label for="password">Password</label>
		<input type="password" name="password" id="password" autocomplete="off" placeholder="Password" />
	</div>
	<br />

	<div>
		<button type="submit">Login</button>
		<button type="reset">Cancel</button>
	</div>
	
</form>

Not Registered ? Click <a href="register.php">Register</a> 

</body>
</html>

In this file, it includes the init.php and checks if the users is logged in. After that, the scripts checks if the form is submitted and if its true then it store the username and password value into the respective variable name. The scripts validate the username and password value and display an appropriate message. If the validation is valid then the scripts checks if the username value exists in the database by display an error message. If the username value exists in the database then it calls the login function with two paramters that is username, and password vairable. If the login function return the true value then the script retrieves the user’s information by calling the userdata function by passing the username variable and store the user’s id into the session and redirecting to the dashabord.

The logged_in, userExists function is already created in the register chapter. In this part, the login, and userdata function is new. For now, go to the users.php file, copy and paste these codes and we will go through them afterwards.

function login($username, $password) {
	global $connect;
	$userdata = userdata($username);

	if($userdata) {
		$makePassword = makePassword($password, $userdata['salt']);
		$sql = "SELECT * FROM users WHERE username = '$username' AND password = '$makePassword'";
		$query = $connect->query($sql);

		if($query->num_rows == 1) {
			return true;
		} else {
			return false;
		}
	}

	$connect->close();
	// close the database connection
}

function userdata($username) {
	global $connect;
	$sql = "SELECT * FROM users WHERE username = '$username'";
	$query = $connect->query($sql);
	$result = $query->fetch_assoc();
	if($query->num_rows == 1) {
		return $result;
	} else {
		return false;
	}
	
	$connect->close();

	// close the database connection
}

The login function requires two parameter i.e. username, and password. The variable connect is a global variable which holds the database connection and will be used to exectue the sql query. The userdata variable holds the user’s information. The script checks if the userdata variable is not empty. If the userdata variable is valid the script create a new variable as a makePassword which holds the enctypted was of the by calling the makePassword (this function is defined in previous part). After that the script checks if the provided information matches with the database and returns the boolean value.

The userdata function required one paramter i.e. username. The scripts fetch the user’s information through the username value and return the user’s information.

The login page should look like below :

login_registration_loginpage

9. Dashboard

The valid users will be redirect to this page. The dashboard contains this following pages and they are Profile, setting, change password and logout. These list will be listed in the unordered list with a link which will redirect to the selected page. For now, copy and paste these codes into dashboard.php file and we will go through them afterwards.

<?php 

require_once 'core/init.php'; 

if(not_logged_in() === TRUE) {
	header('location: login.php');
}

$userdata = getUserDataByUserId($_SESSION['id']);

?>

<!DOCTYPE html>
<html>
<head>
	<title>Dashboard</title>
</head>
<body>

<ul>
	<li>Hello , <?php echo $userdata['username']; ?></li>
	<li><a href="profile.php">Profile</a></li>
	<li><a href="setting.php">Setting</a></li>
	<li><a href="changepassword.php">Change Password</a></li>
	<li><a href="logout.php">Logout</a></li>
</ul>

</body>
</html>

This page will include the init file which was discuss at early part. This page will also checks if the user is not logged in the system then redirecting to the login page. The user data variable holds the user’s information through user id which was stored while logging the user id was stored into the session.

The not_logged_in function will return the session login status by returning the boolean value. The getUserDataByUserId function requires one parameter that is user id. This function is invoked by the users.php, its retrieves the user information via user id which was stored in the session.

For not_logged_in, and getUserDataByUserId function, go to users.php, copy and paste these codes into the users.php file and we will go through them afterwards.

function not_logged_in() {
	if(isset($_SESSION['id']) === FALSE) {
		return true;
	} else {
		return false;
	}
}

function getUserDataByUserId($id) {
	global $connect;

	$sql = "SELECT * FROM users WHERE id = $id";
	$query = $connect->query($sql);
	$result = $query->fetch_assoc();
	return $result;

	$connect->close();
}

The not_logged_in function checks the id stored in the session by returning the boolean value. If user id is stored in the session then returns true else false.

The getUserDataByUserId function requires one parameter that is id. This function selects the user’s information from the user’s table where id is equal to provided id and it returns in an associative array.

The dashboard page should look like below :

dashboard_login_registration_php

10. Logout

In this part, the logout page will call the logout function from the users.php file. The logout function will unset and destroy the session and redirects to the login page. For now, copy and paste these codes into the logout.php and we will go through afterwards.

<?php 

require_once 'core/init.php'; 

logout(); 

?>

When evet the user clicks on the logout link the page will redirect to this page. This page contains the init file and logout function invoked from the user.php file. The main function of logout contains the logout function in the users.php file which is listed below. For now, copy and paste these codes into the users.php file and we will go through them afterwards.

function logout() {
	if(logged_in() === TRUE){
		// remove all session variable
		session_unset();

		// destroy the session
		session_destroy();

		header('location: login.php');
	}
}

This function logout will call the logged_in function to check if the users is logged in the system. If the statement is true then the scripts will call the built-in php function session_unset and session_destoy to remove and destory the session variable and it redirects to login page.

11. Profile Data

In this part, we will be fetching the user’s information form the database through user id which is stored in the session. For now, copy and paste these codes into profile.php and we will go through them afterwards.

<?php 

require_once 'core/init.php'; 

if(not_logged_in() === TRUE) {
	header('location: login.php');
}

$userdata = getUserDataByUserId($_SESSION['id']);

?>

<!DOCTYPE html>
<html>
<head>
	<title>Profile Information</title>
</head>
<body>

<h1>Profile Information</h1>

<table border="1" style="width:100%;">
	<tr>
		<th>Username </th>
		<td><?php echo $userdata['username'] ?></td>
	</tr>
	<tr>
		<th>First Name </th>
		<td><?php echo $userdata['first_name'] ?></td>
	</tr>
	<tr>
		<th>Last Name </th>
		<td><?php echo $userdata['last_name'] ?></td>
	</tr>
	<tr>
		<th>Contact </th>
		<td><?php echo $userdata['contact'] ?></td>
	</tr>
	<tr>
		<th>Address </th>
		<td><?php echo $userdata['address'] ?></td>
	</tr>
</table>

<br />

<a href="dashboard.php"><button type="button">Back</button></a>

</body>
</html>

This page includes the init.php file and checks if the user is not logged in to system which calling the not_logged_in function to check the user’s status. The users information is retrieved by calling the getUserDataByUserId function which requires one parameter and store the retireve data into the user data variable.

The user’s information is displayed in the table layout as you can see below image. The not_logged_in and getUserDataByUserId function explain before part.

The profile page should look like below :

login_registration_profile

12. Setting

In this part, the valid user should be to update their information. This page will display the users information which are stored in the system. For now, copy and paste these codes into the setting.php file and we will go through them afterwards.

<?php require_once 'core/init.php'; 

if(not_logged_in() === TRUE) {
	header('location: login.php');
}

$userdata = getUserDataByUserId($_SESSION['id']);


if($_POST) {
	$fname = $_POST['fname'];
	$lname = $_POST['lname'];
	$username = $_POST['username'];
	$contact = $_POST['contact'];
	$address = $_POST['address'];

	if($fname == "") {
		echo " * First Name is Required <br />";
	}

	if($lname == "") {
		echo " * Last Name is Required <br />";
	}

	if($username == "") {
		echo " * Username is Required <br />";
	}

	if($contact == "") {
		echo " * Contact is Required <br />";
	}

	if($address == "") {
		echo " * Address is Required <br />";
	}

	if($fname && $lname && $username && $contact && $address) {
		$user_exists = users_exists_by_id($_SESSION['id'], $username);
		if($user_exists === TRUE) {
			echo "username already exists <br /> ";
		} else {
			if(updateInfo($_SESSION['id']) === TRUE) {
				echo "Successfully Updated <br />";
			} else {
				echo "Error while updating the information";
			}
		}
	}

}


?>


<!DOCTYPE html>
<html>
<head>
	<title>Setting</title>
</head>
<body>

<form action="<?php $_SERVER['PHP_SELF'] ?>" method="POST">
	<div>
		<label for="username">Username</label>
		<input type="text" name="username" id="username" placeholder="Username" value="<?php if($_POST) {
			echo $_POST['username'];
			} else {
			 	echo $userdata['username'];
			 	} ?>">
	</div>
	<br />

	<div>
		<label for="fname">First Name</label>
		<input type="text" name="fname" id="fname" placeholder="Fisrt Name" value="<?php if($_POST) {
			echo $_POST['fname'];
			} else {
				echo $userdata['first_name'];
				} ?>">
	</div>
	<br />

	<div>
		<label for="lname">Last Name</label>
		<input type="text" name="lname" id="lname" placeholder="Last Name" value="<?php if($_POST) {
			echo $_POST['lname'];
			} else { 
				echo $userdata['last_name'];
				} ?>">
	</div>
	<br />

	<div>
		<label for="contact">Contact</label>
		<input type="text" name="contact" id="contact" placeholder="Contact" value="<?php if($_POST) {
			echo $_POST['contact'];
			} else {
				echo $userdata['contact'];
				} ?>">
	</div>
	<br />

	<div>
		<label for="address">Address</label>
		<input type="text" name="address" id="address" placeholder="Address" value="<?php if($_POST) {
			echo $_POST['address'];
			} else { 
				echo $userdata['address']; 
				} ?>">
	</div>
	<br />

	<div>
		<button type="submit">Submit</button>		
	</div>

</form>

<a href="dashboard.php"><button type="button">Back</button></a>

</body>
</html>

This page includes the init file and checks the user’s logged in status. The user’s information is retrieved by calling a getUserDataByUserId function which requires one parameter i.e. user id. The script checks if the form is submitted and stores the input value into the variable with their appropriate name. After that, the scripts validate the input field and if it is valid then it checks if the user’s name already exists in the system by calling the users_exists_by_id function which required two parameter i.e. user id and username value. If the username does not exists in the system then the script calls the updateInfo function which required one parameter that is user id and updates the information into the system by display a successful message.

The not_logged_in, getUserDataByUserId function has been explained at before chapter. The new function in this part is users_exists_by_id and updateInfor function are the new functionality in this prt. For now, copy nad paster these codes into the users.php file and we will go through them afterwards.

function users_exists_by_id($id, $username) {
	global $connect;

	$sql = "SELECT * FROM users WHERE username = '$username' AND id != $id";
	$query = $connect->query($sql);
	if($query->num_rows >= 1) {
		return true;
	} else {
		return false;
	}

	$connect->close();
}

function updateInfo($id) {
	global $connect;

	$username = $_POST['username'];
	$fname = $_POST['fname'];
	$lname = $_POST['lname'];
	$contact = $_POST['contact'];
	$address = $_POST['address'];

	$sql = "UPDATE users SET username = '$username', first_name = '$fname', last_name = '$lname', contact = '$contact', address = '$address' WHERE id = $id";
	$query = $connect->query($sql);
	if($query === TRUE) {
		return true;
	} else {
		return false;
	}
}

The users_exists_by_id function requires two parameter that is user id, and username value. This function calls the global connect variable to execture the sql queries. Then it selects the user’s information form the users table wich id is not equal to current loggedin user id because the username should not be equal to the current logged in username. After the query execution the script check if the username exists more than or equal to one by returning the boolean value.

The updateInfo function requires one paramter that is user id. This function stores the form input value into the variable with appropraite name, and executes the query.

The setting page should look like below :

setting

13. Change password

In this part, the logged in users should be able to change the current password into new password. The change password page should display a form which contains the current password, new password, and password again input filed. For now, copy and paste these codes into the changepassword.php file and we will go through them afterwards.

<?php 

require_once 'core/init.php'; 

if(not_logged_in() === TRUE) {
	header('location: login.php');
}

if($_POST) {
	$currentpassword = $_POST['currentpassword'];
	$newpassword = $_POST['password'];
	$conformpassword = $_POST['conformpassword'];

	if($currentpassword == "") {
		echo "Current Password field is required <br />";
	}

	if($newpassword == "") {
		echo "New Password field is required <br />";
	}

	if($conformpassword == "") {
		echo "Conform Password field is required <br />";
	}

	if($currentpassword && $newpassword && $conformpassword) {
		if(passwordMatch($_SESSION['id'], $currentpassword) === TRUE) {

			if($newpassword != $conformpassword) {
				echo "New password does not match conform password <br />";
			} else {
				if(changePassword($_SESSION['id'], $newpassword) === TRUE) {
					echo "Successfully updated";
				} else {
					echo "Error while updating the information <br />";
				}
			}
			
		} else {
			echo "Current Password is incorrect <br />";
		}
	}
}

?>

<!DOCTYPE html>
<html>
<head>
	<title>Change Password</title>
</head>
<body>

<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
	<table>
		<tr>
			<th>
				Current Password
			</th>
			<td>
				<input type="password" name="currentpassword" autocomplete="off" placeholder="Current Password" />
			</td>
		</tr>
		<tr>
			<th>
				New Password
			</th>
			<td>
				<input type="password" name="password" autocomplete="off" placeholder="New Password" />
			</td>
		</tr>
		<tr>
			<th>
				Conform Password
			</th>
			<td>
				<input type="password" name="conformpassword" autocomplete="off" placeholder="Confrom Password" />
			</td>
		</tr>
		<tr>
			<td>
				<button type="submit">Change Password</button>
			</td>
			<td>
				<a href="dashboard.php"><button type="button">Back</button></a>
			</td>
		</tr>
	</table>
</form>

</body>
</html>

This page requires the init.php file and checks user logged in status. The scripts checks if the form submitted and stores the value into the variable with appropriate name. The scripts validate the required field and if it is valid then firslty, the script checks if the current password is matchces with users in the database. This is done by calling passwordMatch function which requires two paramte and that user id which is stored in the session and current password vairable which holds the value of the current. If the current password matches with the user details and scripts check if the password and password again value matches with each other. If the password matches ththe changePassword funtion and the new password information is stored into the user’s table.

The passwordMatch and changePassword function will be explain. For now, copy and paste these codes into the users.php file and we will go through them afterwards.


function passwordMatch($id, $password) {
	global $connect;

	$userdata = getUserDataByUserId($id);

	$makePassword = makePassword($password, $userdata['salt']);

	if($makePassword == $userdata['password']) {
		return true;
	} else {
		return false;
	}

	// close connection
	$connect->close();
}

function changePassword($id, $password) {
	global $connect;

	$salt = salt(32);
	$makePassword = makePassword($password, $salt);

	$sql = "UPDATE users SET password = '$makePassword', salt = '$salt' WHERE id = $id";
	$query = $connect->query($sql);

	if($query === TRUE) {
		return true;
	} else {
		return false;
	}
}

The passwordMatch function requires two paramter that is user id and password value. This function fetches the user’s details from the database by the getUserDataByUserId function and makes a encrypted password by calling makePassword function by passing the password variable, and salt value from $userdata varaible should was retrieved before. Now the scripts checks the encrypted password value equals to the user information retreived from the database.

The changPassword function requires two parameter that is user id and password variable. This function creates a new salt value by calling the salt function and passing thirty two length paramter. Then its makes a encrypted password by calling the makePassword function and updates the password inforamtion into the sytem.

The change password page should look like below :

changepassword

Source Code

Download Source Code

Download Database




Posted in PHP

5 thoughts on “Login and Registration with Procedural PHP, Mysqli

  1. Hello,
    You deed a great job at procedural PHP MySQL login and registration. I follow every step of installation but is not showing. I did not download for I can’t really instal zip file. I created folders as it was explained and the files under each folder. Please, if there is anything I can do out side downloading. Please

Leave a Reply

Your email address will not be published. Required fields are marked *