Secure Login Registration System in Php — Email Activation

Arhaan Ali
13 min readFeb 2, 2024

Hey Guys, I hope you are all fine, in this tutorial, we will learn how to build a secure login registration system in PHP — email activation. When You will design any type of web application using Php and MySQLi, you should make a small type of web-based application. Once you learned, then you will be able to work on large projects. So, I’m going to teach you How You can use Php and MySQLi Database to develop professional applications step by step.

If you have an idea or knowledge of Web Applications such as Facebook, YouTube, Microsoft Application, etc, those are the largest web applications those applications developed in different Programming languages. I hope you are using those applications.

Before registering the Accounts You can’t use those applications without YouTube. If you want to use complete features of the applications you must register the account, once you register the account then you will be able to use each feature that is available inside the application.

You May Also Like: Student Registration System in Php

That’s called the login and registration system, you need to register the account, then you need to activate the account, and once your account is active, then you will be able to log in to the account. All features are available inside the application.

So, we will develop the same project such as a secure login registration system in PHP — email activation. We, Will, use Php and MySQLi

Secure Login Registration System in PHP

Let’s Start with How We Can Develop the complete application. First of All, we will use Bootstrap to design the application. Bootstrap is an HTML, CSS, and Also JavaScript framework used to design Mobile Responsive Websites. If you want to use HTML and CSS3 to design the application you can do that, but Bootstrap is very easy to use and also you can use that to design attractive and professional applications in a short time.

Once you design the application, then you need to use Php and MySQLi to Develop the Application. Guys I’ve designed the complete course for absolute beginners. If you are a beginner and you want to learn to develop the application using Php and MySQLi that’s the perfect video course for you.

However, I’ve designed the course series-wise, you need to watch complete videos without skipping the videos. If you want to Learn completely you must watch the complete video series, once you watched my complete videos. Then you will be able to understand everything you need in Php Application.

You May Also Like: School Management System in Php

Before Watching the video series you must have Basic Knowledge of Php and MySQLi If you have Knowledge of Php and MySQLi. Then you are able to watch the videos otherwise Learn Php and MySQLi.

Secure Login Registration System in PHP

Guys, I hope you will follow my instructions Below, I included video series you need a watch and then learn how you can use Php and MySQL database to make a Secure Login Registration System in Php — Email Activation, One more thing you need to know, I will upload the complete project with the live server or you can use Online.

You May Also Like: Insert Update Delete in Php

If you are using it locally you can’t use the complete features that are available inside the application. If you upload the complete project with an online server, then you will be able to see each feature that is available inside the application.

Secure PHP Login Registration System

Secured Login Registration System in Php — Email Activation

Guys, I’ve mentioned the above video tutorial and also the source code of this project, you can download the source on your computer and use this application without writing a code. If you want to learn that, you can follow the video tutorial, and also you should understand the Php code that helps us to create an application.

So, Let’s get started to understand How to create a Secure Login and Registration System in PHP with Email Activation. First of All, you need to design the page, So, I’ve used Bootstrap classes to design the application. You should use Bootstrap to design the application, otherwise, you can use your own CSS for styling your application. Before using Bootstrap Classes you include or download the Bootstrap CSS File and include that in your application.

Once you include the Bootstrap CSS File, then you can use Bootstrap Classes to Design the Application. I’ve shared with you the below mentioned code that helps you to design basic and also simple applications.

First of all, you need to create an index.php file, then you can design an application and also you need to make three files namely header.php, nav.php, and footer.php. You can use those files to distribute the code which is used inside the Index.php page.

<?php require_once('functions/config.php') ?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<link rel="stylesheet" href="css/bootstrap.css">
<title>Login & Registration System With Email Activation</title>
</head>

<body style="background:#CCC">
<nav class="navbar navbar-expand-sm navbar-light bg-light">
<div class="container">
<a href="index.php" class="navbar navbar-brand"><h3> L&R System </h3></a>
<ul class="navbar-nav">
<li class="nav-item">
<a href="#" class="nav-link">Home</a>
</li>
<li class="nav-item">
<a href="#" class="nav-link">Services</a>
</li>
<li class="nav-item">
<a href="#" class="nav-link">About</a>
</li>
<?php

if(isset($_SESSION['Email']) || isset($_COOKIE['email']))
{
?>
<li class="nav-item">
<a href="logout.php" class="nav-link">Logout</a>
</li>
<?php
}
else
{
?>
<li class="nav-item">
<a href="login.php" class="nav-link">Login</a>
</li>
<li class="nav-item">
<a href="register.php" class="nav-link">Register</a>
</li>
<?php
}

?>
</ul>

</div>
</nav>
footer.php
</body>
</html>

Above mentioned all files are header, nav, and also footer pages, you can distribute the code and you can use those files anywhere inside the application without writing the complete code.

<?php  require_once('includes/header.php') ?>

<!--Navigation Bar-->
<?php require_once('includes/nav.php') ?>
<!--Main Page-->
<div class="container">
<div class="row">
<div class="col">
<div class="card bg-light mt-5 py-2">
<?php display_message();?>
<h3 class="text-center"> Index Php Page </h3>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

Then you need to make the register.php page inside the page, you need to design the registration form. You can get the values from the registration form here is the code that helps you to design the registration form.

<?php require_once('includes/header.php')?>

<!--Navigation Bar-->
<?php require_once('includes/nav.php') ?>

<!--Registration Form-->
<div class="container">
<div class="row">
<div class="col-lg-6 m-auto">
<div class="card bg-light mt-5 py-2">

<div class="card-title">
<h2 class="text-center mt-2"> Registration Form </h2>
<hr>
</div>
<div class="card-body">
<?php user_validation(); ?>
<form method="post">
<input type="text" name="FirstName" placeholder=" First Name " class="form-control py-2 mb-2" required>
<input type="text" name="LastName" placeholder=" Last Name " class="form-control py-2 mb-2" required>
<input type="text" name="UserName" placeholder=" User Name " class="form-control py-2 mb-2" required>
<input type="email" name="Email" placeholder=" Email " class="form-control py-2 mb-2" required>
<input type="password" name="pass" placeholder=" Password " class="form-control py-2 mb-2" required>
<input type="password" name="cpass" placeholder=" Confirm Password " class="form-control py-2 mb-2" required>
<button class="btn btn-success float-right"> Register Now </button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

once you designed the registration form, then you will be able to design another form namely the login form. So, I’ve also shared below login from code that helps you to design the login as well.

<?php require_once('includes/header.php') ?>

<!--Navigation Bar-->
<?php require_once('includes/nav.php') ?>
<!--Login Form-->
<div class="container">
<div class="row">
<div class="col-lg-6 m-auto">
<div class="card bg-light mt-5 py-2">
<div class="card-title">
<?php
display_message();
login_validation();
?>
<h2 class="text-center mt-2"> Login Form </h2>
<hr>
</div>
<div class="card-body">
<form method="POST">
<input type="email" name="UEmail" placeholder="User Email" class="form-control py-2 mb-2">
<input type="password" name="UPass" placeholder=" Password " class="form-control py-2 mb-2">
<button class="btn btn-dark float-right"> Login </button>

</div>
<div class="card-footer">
<input type="checkbox" name="remember"> <span> Remeber Me </span>
<a href="recover.php" class="float-right"> Forget Password </a>
</form>
</div>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

Then, you need to design another form, so, the first one will be recover.php inside the page, you need to use recovery features, I’ve shared the below-mentioned code that helps you to design the recover.php page.

<?php   require_once('includes/header.php'); ?>

<!--Recover Main Page-->
<div class="container">
<div class="row">
<div class="col-lg-6 m-auto">
<div class="card bg-light mt-5 py-2">
<div class="card-title">
<h2 class="text-center mt-2"> Recover Password </h2>
<hr>
<?php
recover_password();
display_message();
?>
</div>
<div class="card-body">
<form method="POST">
<input type="email" name="UEmail" placeholder="User Email" class="form-control py-2 mb-2">
<input type="hidden" name="token" value="<?php echo Token_Generator(); ?>">

</div>
<div class="card-footer">
<button class="btn btn-danger float-right"> Cancel </button>
<button class="btn btn-success float-left"> Send Password </button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

then you need to design the code.php inside the page you can use Php to match the code with your database. Inside the form, you just need to display one input text field. I’ve shared the below code, that help you to design the code.php page.

<?php require_once('includes/header.php') ?>

<div class="container">
<div class="row">
<div class="col-lg-6 m-auto">
<div class="card bg-light mt-5 py-2">
<div class="card-title">
<h2 class="text-center mt-2"> Enter Code </h2>
<hr>
<?php validation_code(); ?>
</div>
<div class="card-body">
<form method="POST">
<input type="text" name="recover-code" placeholder="######" class="form-control py-2 mb-2">

</div>
<div class="card-footer">
<button class="btn btn-danger float-right"> Cancel </button>
<button class="btn btn-success float-left"> Send Password </button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

Then you need to design the reset.php page inside the page where you need to reset the password. So, you need to display two input text fields inside the fields, you need to get the password and also confirm the password. Below you can check the code of this page.

<?php require_once('includes/header.php') ?>

<div class="container">
<div class="row">
<div class="col-lg-6 m-auto">
<div class="card bg-light mt-5 py-2">
<div class="card-title">
<h2 class="text-center mt-2"> Reset Password </h2>
<hr>
<?php reset_password();
display_message();
?>
</div>
<div class="card-body">
<form method="POST">
<input type="password" name="reset-pass" placeholder=" Password " class="form-control py-2 mb-2">
<input type="password" name="reset-c-pass" placeholder=" Confirm Password " class="form-control py-2 mb-2">
<input type="hidden" name="token" value="<?php echo Token_Generator(); ?>">
</div>
<div class="card-footer">
<button class="btn btn-danger float-right"> Cancel </button>
<button class="btn btn-success float-left"> Send Password </button>
</form>
</div>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

Now once you design the reset page, then you need to make a simple admin page. Inside the Admin Page, you will be able to redirect the user inside the Admin page. If the user enters the correct email and password who will redirect to the admin.php page?

<?php require_once('includes/header.php') ?>

<!--Navigation Bar-->
<?php require_once('includes/nav.php') ?>
<!--Admin Main Page-->
<div class="container">
<div class="row">
<div class="col">
<div class="card bg-light mt-5 py-2">
<h3 class="text-center">
<?php
if(logged_in())
{
echo ' You Have Successfully Logged in ';
}
else
{
redirect('login.php');
}

?>
</h3>
</div>
</div>
</div>
</div>
<?php require_once('includes/footer.php') ?>

Then, you need to make a logout page, inside the page, you can use that to destroy the user with your admin page and redirect to the login page. You need to use that.

<?php 

require_once('functions/config.php');
session_destroy();
if(isset($_COOKIE['email']))
{
unset($_COOKIE['email']);
setcookie('email','',time()-86400);
}

redirect('login.php');
?>

Then you need to make an active.php page, inside the page is the activation code that helps you to be active and a user. If the user enters everything clearly, then you will be able to activate the account. here is the code.

<?php 
require_once('includes/header.php');
require_once('includes/nav.php');
?>

<!--Activate Main Page-->
<div class="container">
<div class="row">
<div class="col">
<div class="card bg-light mt-5 py-2">
<?php activation(); ?>
<h3 class="text-center"> Activation </h3>
</div>
</div>
</div>
</div>

<?php
require_once('includes/footer.php');
?>

Let’s work on Php to perform the all works you want such as inserting the record inside the database and matching the data with the database and much more. The First thing you need to make the config.php page inside the page you need to use the below-mentioned code.

<?php 

ob_start();
session_start();

require_once('functions/db.php');
require_once('functions/functions.php');
?>

Then you need to make the db.php page inside the file have a connection and also many functions that help you to handle the application. Below I’ve shared the code, you can check out it.

<?php 

$con = mysqli_connect('localhost','root','','loginPro');

// Function Clean String Values
function escape($string)
{
global $con;
return mysqli_real_escape_string($con,$string);
}
// Query Function
function Query($query)
{
global $con;
return mysqli_query($con,$query);
}
// Confirmation Function
function confirm($result)
{
global $con;
if(!$result)
{
die('Query Failed'.mysqli_error($con));
}
}
// Fatech Data From Database
function fatech_data($result)
{
return mysqli_fetch_assoc($result);
}
// Row Values From Database
function row_count($count)
{
return mysqli_num_rows($count);
}
?>

Finally, you need to make the functions.php page inside the file have all functions that are used for different purposes, you need to copy the below-mentioned code and use that with your application. I’ve shared the code you can check out it.

<?php

// Clean String Values
function clean ($string)
{
return htmlentities($string);
}
// Redirection
function redirect($location)
{
return header("location:{$location}");
}
// Set Session Message
function set_message($msg)
{
if(!empty($msg))
{
$_SESSION['Message'] = $msg;
}
else
{
$msg="";
}
}
// Display Message Function
function display_message()
{
if(isset($_SESSION['Message']))
{
echo $_SESSION['Message'];
unset($_SESSION['Message']);
}
}

// Generate Token
function Token_Generator()
{
$token = $_SESSION['token']=md5(uniqid(mt_rand(),true));
return $token;
}
// Send Email Function
function send_email($email,$sub,$msg,$header)
{
return mail($email,$sub,$msg,$header);
}
//***********User Validation Functions********** */
// Errors Function
function Error_validation($Error)
{
return '<div class="alert alert-danger">'.$Error.'</div>';
}

// User Validation Function
function user_validation()
{
if($_SERVER['REQUEST_METHOD']=='POST')
{
$FirstName = clean($_POST['FirstName']);
$LastName = clean($_POST['LastName']);
$UserName = clean($_POST['UserName']);
$Email = clean($_POST['Email']);
$Pass = clean($_POST['pass']);
$CPass = clean($_POST['cpass']);
$Errors = [];
$Max = 20;
$Min = 03;
// Check the First Name Characters
if(strlen($FirstName)<$Min)
{
$Errors[]= " First Name Cannot Be Less Than {$Min} Characters ";
}
// Check the First Name Characters
if(strlen($FirstName)>$Max)
{
$Errors[]= " First Name Cannot Be More Than {$Max} Characters ";
}
// Check the Last Name Characters
if(strlen($LastName)<$Min)
{
$Errors[]= " Last Name Cannot Be Less Than {$Min} Characters ";
}
// Check the Last Name Characters
if(strlen($LastName)>$Max)
{
$Errors[]= " Last Name Cannot Be More Than {$Max} Characters ";
}
// Check the Users Characters
if(!preg_match("/^[a-zA-Z,0-9]*$/",$UserName))
{
$Errors[]= " User Name Cannot Be Accept Those Characters ";
}
// Check the Email Exists
if(Email_Exists($Email))
{
$Errors[]= " Email Already Registered ! ";
}
// Check the User Name Exists
if(User_Exists($UserName))
{
$Errors[]= " User Name Already Registered ! ";
}
// Password & Confirm Password
if($Pass!=$CPass)
{
$Errors[]= " Password Not Matched ! ";
}

if(!empty($Errors))
{
foreach($Errors as $Error)
{
echo Error_validation($Error);
}
}
else
{
if(user_registration($FirstName,$LastName,$UserName,$Email,$Pass))
{
set_message('<p class="bg-success text-center lead">You Have Successfully Registered Please Check Your Activation Link</p>');
redirect("index.php");
}
else
{
set_message('<p class="bg-danger text-center lead"> Your Account Not Registered Please Try Again </p>');
redirect("index.php");
}
}
}
}
// Email Exists Function
function Email_Exists($email)
{
$sql = " select * from users where Email='$email'";
$result = Query($sql);
if(fatech_data($result))
{
return true;
}
else
{
return false;
}
}
// User Exists Function
function User_Exists($user)
{
$sql = " select * from users where UserName='$user'";
$result = Query($sql);
if(fatech_data($result))
{
return true;
}
else
{
return false;
}
}
// User Registration Function
function user_registration($FName,$LName,$UName,$Email,$Pass)
{
$FirstName = escape($FName);
$LastName = escape($LName);
$UserName = escape($UName);
$Email = escape($Email);
$Pass = escape($Pass);
if(Email_Exists($Email))
{
return true;
}
else if(User_Exists($UserName))
{
return true;
}
else
{
$Password = md5($Pass);
$Validation_code = md5($UserName + microtime());
$sql = "insert into users (FirstName,LastName,UserName,Email,Password,Validation_Code,Active) values ('$FirstName','$LastName','$UserName','$Email','$Password','$Validation_code','0')";
$result = Query($sql);
confirm($result);
$subject = " Active Your Account ";
$msg = " Please Click the Link Below to Active Your Account http://localhost/loginpro/activate.php?Email=$Email&Code=$Validation_code";
$header = "From No-Reply admin@onlineittuts.com";
send_email($Email,$subject,$msg,$header);
return true;
}
}
//Activation Function
function activation()
{
if($_SERVER['REQUEST_METHOD']=="GET")
{
$Email = $_GET['Email'];
$Code = $_GET['Code'];
$sql = " select * from users where Email='$Email' AND Validation_Code='$Code'";
$result = Query($sql);
confirm($result);
if(fatech_data($result))
{
$sqlquery = " update users set Active='1', Validation_Code='0' where Email='$Email' AND Validation_Code='$Code'";
$result2 = Query($sqlquery);
confirm($result2);
set_message('<p class="bg-success text-center lead"> Your Account Successfully Activated </p>');
redirect('login.php');
}
else
{
echo '<p class="bg-danger text-center lead"> Your Account Not Activated </p>';
}
}
}

///User Login Validation Function
function login_validation()
{
$Errors = [];
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
$UserEmail = clean($_POST['UEmail']);
$UserPass = clean($_POST['UPass']);
$Remember = isset($_POST['remember']);
if(empty($UserEmail))
{
$Errors[] = " Please Enter Your Email ";
}
if(empty($UserPass))
{
$Errors[] = " Please Enter Your Password ";
}
if(!empty($Errors))
{
foreach ($Errors as $Error)
{
echo Error_validation($Error);
}
}
else
{
if(user_login($UserEmail,$UserPass,$Remember))
{
redirect("admin.php");
}
else
{
echo Error_validation(" Please Enter Correct Email or Password");
}
}
}
}
// User Login Function
function user_login($UEmail,$UPass,$Remember)
{
$query = "select * from users where Email='$UEmail' and Active='1'";
$result = Query($query);
if($row=fatech_data($result))
{
$db_pass = $row['Password'];
if(md5($UPass)==$db_pass)
{
if($Remember == true)
{
setcookie('email',$UEmail, time() + 86400);
}
$_SESSION['Email']=$UEmail;
return true;
}
else
{
return false;
}
}
}
//Logged in Function
function logged_in()
{
if(isset($_SESSION['Email']) || isset($_COOKIE['email']))
{
return true;
}
else
{
return false;
}
}
/////////////Recover Function///////////////////
function recover_password()
{
if($_SERVER['REQUEST_METHOD'] == "POST")
{
if(isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token'])
{
$Email = $_POST['UEmail'];
if(Email_Exists($Email))
{
$code = md5($Email+microtime());
setcookie('temp_code',$code,time()+300);
$sql = "update users set Validation_Code='$code' where Email='$Email'";
Query($sql);
$Subject = " Please Reset the Password ";
$Message = "Please Follow on Below Link to Reset the Password '<b>{$code}</b>' http://localhost/loginpro/code.php?Email='$Email'&Code='$code'";
$header = "noreply@onlineittuts.com";
if(send_email($Email,$Subject,$Message,$header))
{
echo '<div class="alert alert-success"> Please Check Your Email :) </div>';
}
else
{
echo Error_validation(" We Coudn't Send an Email ");
}
}
else
{
echo Error_validation(" Email Not Found....");
}
}
else
{
redirect("index.php");
}
}
}

/// Validation Code Function
function validation_code()
{
if(isset($_COOKIE['temp_code']))
{
if(!isset($_GET['Email']) && !isset($_GET['Code']))
{
redirect("index.php");
}
else if(empty($_GET['Email']) && empty($_GET['Code']))
{
redirect("index.php");
}
else
{
if(isset($_POST['recover-code']))
{
$Code = $_POST['recover-code'];
$Email = $_GET['Email'];
$query = "select * from users where Validation_Code='$Code' and Email='$Email'";
$result = Query($query);
if(fatech_data($result))
{
setcookie('temp_code',$Code, time()+300);
redirect("reset.php?Email=$Email&Code=$Code");
}
else
{
echo Error_validation(" Your Code is Wrong :) ");
}
}
}
}
else
{
set_message('<div class="alert alert-danger"> Your Code Has Been Expired :) </div>');
redirect("recover.php");
}
}

///////////////Reset Password Function//////////////////////
function reset_password()
{
if(isset($_COOKIE['temp_code']))
{
if(isset($_GET['Email']) && isset($_GET['Code']))
{
if(isset($_SESSION['token']) && isset($_POST['token']))
{
if($_SESSION['token'] == $_POST['token'])
{
if($_POST['reset-pass'] === $_POST['reset-c-pass'])
{
$Password = md5($_POST['reset-pass']);
$query2 = "update users set Password='".$Password."', Validation_Code=0 where Email='".$_GET['Email']."'";
$result = Query($query2);
if($result)
{
set_message('<div class="alert alert-success"> Your Password Has Been Updated : )</dvi>');
redirect("login.php");
}
else
{
set_message('<div class="alert alert-danger"> Something Went Wrong :) </dvi>');
}

}
else
{
set_message('<div class="alert alert-danger"> Password Not Matched :) </dvi>');
}
}
}
}
else
{
set_message('<div class="alert alert-danger> Your Code or Your Email Has Not Matched :) </dvi>');
}
}
else
{
set_message('<div class="alert alert-danger> Your Time Period Has Been Expired </dvi>');
}
}
?>

Above mentioned tutorial and article all about Secure Login Registration System in PHP — Email Activation, You can learn that step by step.

How to Upload Php Website on Cpanel

If you want to upload the Php website on Cpanel or an Online Server, you must watch the video that I made. You can learn each step from scratch.

Guys, I hope you have learned something new in this video. If you like it, kindly share the content and Share it with Social Networks. If you have any questions/suggestions, comment to me or email, me after receiving your email. I will help you to solve your problems. Thanks For Watching and Reading the Complete Article.

--

--

Arhaan Ali

I’m Developer and Blogger I’ve been sharing my personal expereince on Udemy, YouTube and Also Personal Website.