Click here to Skip to main content
15,850,360 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I am trying to create a website that will allow visitors to sign up and login later using their username/email and password will create a user and store in an SQL table called users. So when they later choose to sign in, it will connect to a database and match the details and if matching a stored login will connect to their profile. More like how websites like Facebook work (when you login, it goes to your page and not someone). I am completely new, but below is my sign up page.

How do I connect the database and allow them login next time. Thank you.

I am completely new and learning.

HTML
<!-- begin snippet: js hide: false console: true babel: false -->

<!-- language: lang-html -->

    <!DOCTYPE html>
       <html lang="en">
       <head>
          <meta charset="UTF-8">
          <meta name="viewport" content="width=device-width, initial-scale=1.0">

          <!--=============== REMIXICONS ===============-->
          <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/remixicon/3.5.0/remixicon.css" crossorigin="">

          <!--=============== CSS ===============-->
          <link rel="stylesheet" href="assets/css/styles.css">

          <title>Learn Login an Sign up</title>
       </head>
       <body>
          <div class="login">
             <img src="assets/img/login-bg.png" alt="image" class="login__bg">

             <form action="" class="login__form">
                <h1 class="login__title">Register</h1>

                <div class="login__inputs">
                   <div class="login__box">
                      <input type="email" placeholder="Username" 
                      required class="login__input">
                      <i class="ri-mail-fill"__^

                <div class="login__inputs">
                   <div class="login__box">
                      <input type="email" placeholder="Full Name" 
                      required class="login__input">
                      
                   </div>
    				
                <div class="login__inputs">
                   <div class="login__box">
                      <input type="email" placeholder="Email ID" 
                      required class="login__input">
                      ^__i class="ri-mail-fill">
                   </div>
                   <div class="login__box">
                      <input type="password" placeholder="Password" 
                      required class="login__input">
                      ^__i class="ri-lock-2-fill">
                   </div>
    				<div class="login__box">
                      <input type="password" 
                      placeholder="Confirm Password" 
                      required class="login__input">
                      ^__i class="ri-lock-2-fill">
                   </div>
                </div>                

                <button type="submit" 
                class="login__button">Register</button>

                <div class="login__register">
                   Already have an account?  
                   <a href="index.html">Login</a>
                </div>
             </form>
          </div>
       </body>
    </html>

<!-- end snippet -->


What I have tried:

I have tried to connect using PHP with this code and it didn't work.
I am completely new.
PHP
<?php
$username = filter_input(INPUT_POST, 'username');
$password = filter_input(INPUT_POST, 'password');
if (!empty($username)){
if (!empty($password)){
$host = "localhost/phpadmin";
$dbusername = "root";
$dbpassword = "";
$dbname = "Cedar";
// Create connection
$conn = new mysqli ($host, $dbusername, $dbpassword, $dbname);

if (mysqli_connect_error()){
die('Connect Error ('. mysqli_connect_errno() .') '
. mysqli_connect_error());
echo "New record is inserted sucessfully";
}
else{
$sql = "INSERT INTO account (username, password)
values ('$username','$password')";
if ($conn->query($sql)){
echo "New record is inserted sucessfully";
}
else{
echo "Error: ". $sql ."
". $conn->error;
}
$conn->close();
}
}
else{
echo "incorrect";
die();
}
}

?>
Posted
Updated 2-Oct-23 5:05am
v2
Comments
Richard Deeming 26-Sep-23 7:26am    
Firstly: Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.

PHP: SQL Injection - Manual[^]
HernanTech inc 26-Sep-23 7:30am    
how do i fix that. a sample. as i said .i am new
Richard Deeming 26-Sep-23 7:27am    
Secondly: You are storing your users' passwords in plain text. Don't do that!
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

PHP provides built-in functions to help you do the right thing:
PHP: password_hash[^]
PHP: password_verify[^]
HernanTech inc 26-Sep-23 7:30am    
how do i correct that please. a sample code will do
Richard Deeming 26-Sep-23 7:31am    
Read the links. You need to change your queries to use parameters. You need to use the password_hash function when the user registers to hash their password before storing it in the database. And you need to use the password_verify function when they sign in to verify the entered password against the hashed password stored in the database.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900