prepare('SELECT * FROM users WHERE username = ?'); // execute the statement with the username parameter from the form $stmt->execute([$_POST['username']]); // retrieve the first row of results as an associative array $user = $stmt->fetch(PDO::FETCH_ASSOC); // verify the password using password_verify() if ($user && password_verify($_POST['password'], $user['password'])) { // set a session variable to mark the user as authenticated $_SESSION['user_id'] = $user['id']; // redirect to the home page or some other protected content header('Location: /home.php'); die(); } } // if the credentials are invalid, show an error message echo 'Invalid username or password'; } ?>
prepare('INSERT INTO users (name, email, password) VALUES (?, ?, ?)'); // hash the entered password using password_hash() $hashed_password = password_hash($_POST['password'], PASSWORD_DEFAULT); // execute the statement with the form inputs and hashed password $stmt->execute([$_POST['name'], $_POST['email'], $hashed_password]); // redirect to the login page or some other destination header('Location: /login.php'); die(); } // if any input fields are empty, show an error message echo 'Please fill in all fields'; } ?>This example uses both the PDO library and PHP's built-in password hashing functions to securely store the user's password in the database. Package/library used: PDO (PHP Data Objects), password_hash()