Password hashing in PHP and MySQL

Tech Area
July 15, 2024

In this tutorial, We will see how to use password_hash and password_verify function in PHP and MySQL.

Files used in this tutorial:

1- connection.php (database connection file)

2- index.php (registration form with password_hash() function)

3- login.php (login form with password_verify() function)

Below are the step by step process of how to use hashing in PHP and MySQL.

Step 1: Create a Database connection

In this step, create a new file connection.php to create database connection.

connection.php

<?php
$server = "localhost";
$username = "root";
$password = "";
$database = "college_db";
$connection = mysqli_connect("$server","$username","$password");
$select_db = mysqli_select_db($connection, $database);
if(!$select_db)
{
	echo("connection terminated");
}
?>

Step 2: Create a file for registration form

Now create a new file index.php This is the main file used for registration form and submit data into the database.

This screenshot shows the registration form.

index.php

<html>  
<head>  
    <title>Registration Form</title>  
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />  
</head>
<style>
 .box
 {
  width:100%;
  max-width:600px;
  background-color:#f9f9f9;
  border:1px solid #ccc;
  border-radius:5px;
  padding:16px;
  margin:0 auto;
 }
 .msg
{
  color: red;
  font-weight: 700;
} 
</style>
<?php
include('connection.php');
$msg="";
if(isset($_POST['register']))
{
  $name = $_POST['name'];
  $email = $_POST['email'];
  $phone = $_POST['phone'];
  $password = $_POST['pwd'];

  $hashed_password = password_hash($password, PASSWORD_DEFAULT);
  $stmt = $connection->prepare("insert into tbl_student (name,email,phone,password) values(?,?,?,?)");
  $stmt->bind_param("ssss",$name,$email,$phone,$hashed_password);
  if($stmt->execute())
  {
    $msg = "Data inserted successful!";
  }
  else
  {
    $msg = "Error!";
  }
  $stmt->close();
}
?>
<body>  
    <div class="container">  
    <div class="table-responsive">  
    <h3 align="center">Registration Form</h3>
    <a href="login.php">Login</a>
    <div class="box">
     <form method="post">
     <div class="form-group">
       <label for="name">Enter Your Name</label>
       <input type="text" name="name" id="name" placeholder="Enter Name" required class="form-control"/>
      </div>  
       <div class="form-group">
       <label for="email">Enter Your Email</label>
       <input type="email" name="email" id="email" placeholder="Enter Email" required class="form-control"/>
      </div>
      <div class="form-group">
       <label for="phone">Enter Your Phone No.</label>
       <input type="text" name="phone" id="phone" placeholder="Enter Phone No." required class="form-control"/>
      </div>
      <div class="form-group">
       <label for="pwd">Enter Password</label>
       <input type="password" name="pwd" id="pwd" placeholder="Enter Password" required class="form-control"/>
      </div>
       <div class="form-group">
       <input type="submit" id="register" name="register" value="Submit" class="btn btn-success" />
       </div>
       <p class="msg"><?php if(!empty($msg)){ echo $msg; } ?></p>
     </form>
     </div>
   </div>  
  </div>
 </body>  
</html>

Step 3: Create a file for login form

Now create a new file login.php This file used for login form.

This screenshot shows the login form.

<html>  
<head>  
    <title>Login Form</title>  
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />  
</head>
<style>
 .box
 {
  width:100%;
  max-width:600px;
  background-color:#f9f9f9;
  border:1px solid #ccc;
  border-radius:5px;
  padding:16px;
  margin:0 auto;
 }
 .msg
{
  color: red;
  font-weight: 700;
} 
</style>
<?php
include("connection.php");
$msg = "";
if(isset($_POST['login']))
{
  $email = $_POST['email'];
  $password = $_POST['pwd'];

  $stmt = $connection->prepare("select email, password from tbl_student where email=?");
  $stmt->bind_param("s",$email);
  $stmt->execute();
  $result = $stmt->get_result();
  if($result->num_rows ===1)
  {
    $row = $result->fetch_assoc();
    $hashpwd = $row['password'];
    if(password_verify($password,$hashpwd))
    {
      $msg = "Login successful!";
    }
    else
    {
      $msg = "Wrong password!";
    }
  }
  else
  {
    $msg = "User not registered!";
  }
    $stmt->close();
}
?>
<body>  
    <div class="container">  
    <div class="table-responsive">  
    <h3 align="center">Login Form</h3>
    <a href="index.php">Registration Form</a>
    <div class="box">
     <form method="post">  
       <div class="form-group">
       <label for="email">Enter Your Email</label>
       <input type="email" name="email" id="email" placeholder="Enter Email" required class="form-control"/>
      </div>
      <div class="form-group">
       <label for="pwd">Enter Password</label>
       <input type="password" name="pwd" id="pwd" placeholder="Enter Password" required class="form-control"/>
      </div>
       <div class="form-group">
       <input type="submit" id="login" name="login" value="Login" class="btn btn-success" />
       </div>
       <p class="msg"><?php if(!empty($msg)){ echo $msg; } ?></p>
     </form>
     </div>
   </div>  
  </div>
 </body>  
</html>

Download Source Code

How to prevent Cross Site Request Forgery in PHP

How to sanitize input data in PHP

Subscribe us via Email

Join 10,000+ subscriber

Subscribe on YouTube

PHP Projects

Student record system project in PHP and MySQL Last Updated: July 3, 2024

Food ordering system project in PHP and MySQL Last Updated: June 27, 2024

Tourism management system project in PHP and MySQL Last Updated: June 24, 2024

Restaurant table booking system project in PHP and MySQL Last Updated: February 22, 2024

Hostel management system project in PHP and MySQL Last Updated: February 14, 2024