SEOsatu

Membuat Sistem Login PHP Mysql + Hashing Password BCRYPT

FacebookTwitter (X)Pinterest

Belajar PHP Mysql Sistem Login dengan Session Hashing BCRYPT

Cara membuat sistem login, logout, register user sederhana menggunakan php dan database mysql di localhost xampp.

Panduan belajar php ini menjadi dasar pengenalan php mysql dengan fitur lanjutan didalam sistem login mengenal function php session, untuk mengamankan user login dengan key password dan username.

Table of Contents

  • 1 Buat database Mysql baru
  • 2 Buat folder latihan php di xampp
  • 3 Isi script file
  • 4 SS Tampilan login PHP Mysql
  • 5 Pengembangan Sistem Login
  • 6 File Download

Buat database Mysql baru

Nama database : login

CREATE TABLE `user` (
`id` int(5) NOT NULL,
`nama` varchar(50) NOT NULL,
`username` varchar(25) NOT NULL,
`password` varchar(120) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

INSERT INTO `user` (`id`, `nama`, `username`, `password`) VALUES
(1, 'nama_a', 'user_a', 'Pass_a');

ALTER TABLE `user`
ADD PRIMARY KEY (`id`),
ADD UNIQUE KEY `username` (`username`);

ALTER TABLE `user`
MODIFY `id` int(5) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=16;

Buat folder latihan php di xampp

Create new folder : login

File :

  • connect.php
  • index.php
  • login.php
  • register.php
  • dashboard.php
  • pass_hash.php
  • function.php

 

Isi script file

connect.php

<?php
@ini_set('display_errors', '1');
@ini_set('display_startup_errors', '1');
@error_reporting(E_ALL);

$user='root'; // isi, ganti berdasarkan setingan mysql
$pass='123'; // isi, ganti berdasarkan setingan mysql
$host='localhost';
$db='login_php'; // sesuikan nama db anda.

$db=mysqli_connect($host,$user,$pass,$db);
if(!$db){
echo "Connected DB Failed!";
}?>

index.php

<?php
include'login.php';

form: login.php

<?php 
session_start();
if($_SESSION['is_login']==TRUE){header('location:dashboard.php');}?>

<div style="padding: 35px; background: #eee;">
<h2>Sig In user</h2>
<form action="function.php?utm=login" method="post">

<p>Username
<input type="text" name="username"></p>
<p>Password
<input type="Password" name="password"></p>
<p><button type="sumbit">Login</button> &nbsp;&nbsp; 
Create: <a href="register.php">New user</a></p>
</form>
</div>

form: register.php

<?php 
session_start();
if($_SESSION['is_login']==TRUE){header('location:dashboard.php');}?>

<div style="padding: 35px; background: #eee;">
<h2>Add user</h2>
<form action="function.php?utm=register" method="post">
<p>Nama
<input type="text" name="nama"></p>
<p>Username
<input type="text" name="username"></p>
<p>Password
<input type="Password" name="password"></p>
<p><button type="sumbit">Register</button></p>
</form>
</div>

dashboard.php

<?php
session_start();
if(!$_SESSION['is_login']==TRUE){header('location:login.php');} else {?>

<div style="padding: 35px; background: #eee;">
<h2>Dashboard</h2>
<p>Ini adalah halaman dashboard user '<b><?php echo $_SESSION['user'];?></b>' - <a href="function.php?utm=logout">Logout</a></p>
</div>

<?php } ?>

function hash_password: pass_hash.php

<?php
if(!function_exists('get_hash'))
{  
    function get_hash($pass)
    {
    return password_hash($pass, PASSWORD_BCRYPT);
   }
}
if(!function_exists('hash_check'))
{
    function hash_check($pass,$hash)
    {
return password_verify($pass,$hash) ? true : false;
   }
}
// secure variable url ** get ** input ** post
if(!function_exists('var_user'))
{
function var_user($var)
{
return trim(preg_replace('/[^A-Za-z0-9]/', '', $var));
}
function var_s($var)
{
return preg_replace('/[^A-Za-z0-9]/', '', $var);
    }
}
?>

file: function.php

<?php
session_start();
include'connect.php';
include'hash_pass.php';

$nama=var_s(@$_POST['nama']);
$user=var_user(@$_POST['username']);

if($_GET['utm']=='register'){
$pass_reg=get_hash(trim(@$_POST['password']));
$q="insert into user (nama,username,password) 
values ('$nama','$user','$pass_reg')";
$reg=$db->query($q);
if($reg){echo "Register succesfuly!, <a href='login.php'>Login now!</a>";} 
else {echo"Register failed!";}
}
if($_GET['utm']=='login'){
$pass_log=(trim(@$_POST['password']));
$q="select * from user where username='$user'";
$log=$db->query($q);
$cek=$log->num_rows; // cek username
if($cek==1){
$tmp=$log->fetch_assoc();
$pass_db=$tmp['password']; // ambil password db
if(hash_check($pass_log,$pass_db)==TRUE){
$_SESSION['user']=$user;
$_SESSION['is_login']=TRUE;
header('location:dashboard.php');
 }else{echo "password is Wrong!";}
}else {echo "Username not found.";}
}
if($_GET['utm']=='logout'){session_destroy();
header('location:login.php');
}

READ :  Jasa Google Adsense Full Approved + Bergaransi

SS Tampilan login PHP Mysql

Pengembangan Sistem Login

karena ini masih sederhana perlu ditambahkan, kembangkan:

  1. Desain yang lebih bagus
  2. Validasi form
  3. host post, token session form
  4. Lupa password
  5. Limit Login, dll.

File Download

Unduh file sistem login php secara gratis dan silahkan dikembangkan: login_php_mysql_hashing.zip

Posted in Website Hosting and tagged BCRYPT, login, Mysql, PHP Native, session php on by Admin.

Featured

Pages

  • Home
  • Services
  • Tukang Pro
  • Lowongan
  • Information
© Copyright SEOsatu.