create or signup user and insert salt sha256 hash password in mysql

0
15311

Overview

In this Tutorial we made PHP signup form and link this signup form with our dummy website template this signup form will html5 confirm password validation and signup data will insert into mysql database table and password hash encrypted with sha256.
plus this tutorial has following things
-create table and table colmuns
-make auto increment column and primary key column
-difference between varchar and int

user table SQL script snippet code :

--
-- Table structure for table `user`
--

CREATE TABLE IF NOT EXISTS `user` (
`user_id` int(111) NOT NULL AUTO_INCREMENT,
`username` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`salt` varchar(255) NOT NULL,
PRIMARY KEY (`user_id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=7 ;

signup.php snippet code :

<form name="loginform" action="signup_nextpage.php" method="get">
<input type="text" name="username" placeholder="enter username" required>
<input type="password" id="passwordID" name="password" 
placeholder="enter password" required>
<input type="password" name="cpassword" placeholder="enter confirm password" 
oninput="check(this)" required>
<input type="submit" value="signup">
</form>

password and confirm password html5 validation custom error message with JavaScript snippet code :

<script language='javascript' type='text/javascript'>
function check(input) {
if (input.value != document.getElementById('passwordID').value) {
input.setCustomValidity('Password Must be Matching.');
} else {
// input is valid -- reset the error message
input.setCustomValidity('');
}
}
</script>

signup_nextpage.php snippet code : 

 <?php
$usernameVal=$_REQUEST["username"];
//$passwordVAl=$_REQUEST["password"];


$servername = "localhost";
$username = "root";
$password = "";
$dbname = "userstest_db";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 
else
{
     $escapedPW = mysqli_real_escape_string($conn,$_REQUEST['password']);

# generate a random salt to use for this account
$salt = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
$saltedPW =  $escapedPW . $salt;
///sha256 is a hashing algorithm
$hashedPW = hash('sha256', $saltedPW); 
    
    $sql="insert into user(username,password,salt) 
 value('$usernameVal','$hashedPW','$salt')";
    $result=$conn->query($sql);
    if($result==true)
        echo "user inserted successfully";
    else
        echo "user insertion error";
    
}

?>

 

Summary

PHP signup form with html5 confirm password validation and signup data will insert into mysql database table and password hash encrypted with sha256.