How to implement php login registration

In today's Internet era, website login and registration functions are one of the most common functions. How to quickly and safely implement login and registration functions is particularly important. As a popular Web programming language, PHP provides a wealth of tools and function libraries to implement this function.

This article will briefly introduce how to use PHP and MySQL database to implement login and registration functions. We will discuss this issue in two parts: first, the implementation of the registration function, then the implementation of the login function, and finally focusing on how to enhance the security of the system.

1. Implementation of registration function

1. Create database

First, create a database for storing user information, including user ID and user name , password and other information. The MySQL database can be created through tools such as phpMyAdmin, MySQL Workbench, or automatically created through the following code:

Create a database named user:

CREATE DATABASE user;

Create the table user_info in the user database for storing user information, and set the name and data type of the field:

CREATE TABLE user_info (

id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(30) NOT NULL,
password VARCHAR(30) NOT NULL

);

2. Registration page

The registration page displays an HTML form, allowing users to fill in their username and password, and obtains the data filled in by the user through PHP code and inserts it into the database.

The following is a simple registration page code:

<label>用户名：</label><input type="text" name="username" /><br />
<label>密码：</label><input type="password" name="password" /><br />
<input type="submit" value="注册" />

When the user submits the form, the input data is inserted into the database through the register.php file. The code of the register.php file is as follows:

$servername = "localhost";
$username = "root";
$password = "password";
$dbname = "user";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {

die("连接失败： " . $conn->connect_error);

}

// Get input data
$username = $_POST['username'];
$ password = $_POST['password'];

//Insert data
$sql = "INSERT INTO user_info (username, password) VALUES ('$username', '$password')";

if ($conn->query($sql) === TRUE) {

echo "注册成功";

} else {

echo "Error: " . $sql . "<br>" . $conn->error;

}

// Close Connection
$conn->close();
?>

Through the above code, user registration information will be saved to the database.

2. Implementation of the login function

1. Login page

The login page needs to display an HTML form for the user to enter the user name and password. The following is a simple login page code:

<label>用户名：</label><input type="text" name="username" /><br />
<label>密码：</label><input type="password" name="password" /><br />
<input type="submit" value="登录" />

2. Login verification

The process of login verification requires comparing the data entered by the user with the data previously stored in the database. If it matches, the login is successful, otherwise it prompts that the login failed.

The following is the PHP code for login verification:

$servername = "localhost";
$username = "root";
$password = "password";
$dbname = "user";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {

die("连接失败： " . $conn->connect_error);

}

// Get input data
$username = $_POST['username' ];
$password = $_POST['password'];

//Verify user
$sql = "SELECT * FROM user_info WHERE username='$username' AND password='$password '";
$result = $conn->query($sql);

if ($result->num_rows > 0) {

// 登录成功
echo "登录成功";

} else {

// 登录失败
echo "用户名或密码错误";

}

//Close the connection
$conn->close();
?>

Through the above code, the user name entered by the user and The password will be compared with the data stored in the database. If it matches, the login is successful.

3. Enhance the security of the system

The login and registration functions are very important system functions, so it is necessary to ensure that the registered and logged-in user information is not illegally accessed, stolen, tampered with, etc., to ensure System security.

The following are some ways to enhance system security:

1. Password encryption

Password is one of the most important security information for users and must be encrypted way to protect. When storing user passwords, use encryption algorithms such as MD5 and SHA-1, and do not store passwords in clear text.

2. Prevent SQL Injection

Data entered by the user may have SQL injection problems. Double quotes and variables should be used to prevent SQL injection.

For example, the following code is vulnerable to SQL injection attacks:

$sql = "SELECT * FROM user_info WHERE username=$_POST['username']";

should be rewritten For:

$sql = "SELECT * FROM user_info WHERE username='".$conn->real_escape_string($_POST['username'])."'";

3. Use verification code

Using verification code can effectively prevent malicious login attacks by robots and improve system security.

in conclusion

This article briefly introduces how to use PHP and MySQL database to implement registration and login functions. In the process of implementing this function, you need to pay attention to the security issues of the system. Only by ensuring the security of the system can the user's information security be ensured.

The above is the detailed content of How to implement php login registration. For more information, please follow other related articles on the PHP Chinese website!