Scribd
Upload
136 views

PDO - PHP Database Extension

The document discusses how to perform basic CRUD (create, read, update, delete) operations on a database using PHP Data Objects (PDO), a PHP extension for database access. PDO provides a consistent interface for connecting to different database management systems. The document covers connecting to a database, inserting data using prepared statements, selecting data from the database, updating records, and deleting records. Code examples are provided for each operation.

Uploaded by

Waseem Abbas
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
136 views

PDO - PHP Database Extension

The document discusses how to perform basic CRUD (create, read, update, delete) operations on a database using PHP Data Objects (PDO), a PHP extension for database access. PDO provides a consistent interface for connecting to different database management systems. The document covers connecting to a database, inserting data using prepared statements, selecting data from the database, updating records, and deleting records. Code examples are provided for each operation.

Uploaded by

Waseem Abbas
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 33

PDO – PHP Database Extension

https://phpgurukul.com
Index

1. PDO – PHP database extension

2. How to use PDO to insert data into the database?

3. How to use PDO to read data from the database?

4. How to use PDO to update the database?

5. How to delete records?

6. PHP CRUD Operation using PDO Extension

7. Signup and Login operation using PDO


Chapter-1

PDO – PHP database extension


PDO (PHP Data Objects) is a PHP extension through which we can access and work with
databases. Though PDO is similar in many aspects to mySQLi, it is better to work with for
the following reasons:

• It is better protected against hackers.


• It is consistent across databases, so it can work with MySQL as well as other types of
databases (SQLite, Oracle, PostgreSQL, etc.)
• It is object oriented at its core.

In this PDO tutorial you will find recipes for 4 basic functions that we perform with the
database: insertion, selection, update, and deletion. The recipes are intended to work with
MySQL, but we can easily switch it with another database.

How to connect with the database through PDO?


It is considered good practice to wrap the database connection within a try-catch block so
that, if anything goes wrong, an exception will be thrown. We can customize the error
message but, in order to keep things simple, we’ll settle with the error message that PDO
provides.

In order to connect to the database, we’ll need the database name, username, and password.

1. // DB credentials.
2. define('DB_HOST','localhost');
3. define('DB_USER','your user name');
4. define('DB_PASS','your user password');
5. define('DB_NAME','your database name');
6. // Establish database connection.
7. try
8. {
9. $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME,DB_USER, DB_PASS,ar
ray(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"));
10. }
11. catch (PDOException $e)
12. {
13. exit("Error: " . $e->getMessage());
14. }

How to close the database connection?


PHP automatically closes the database connection but, if the need arises, we can deliberately close the
connection with the following line of code:

1. $dbh = null;
Chapter 2
How to use PDO to insert data into the database?

The SQL code for the users table:

1. CREATE TABLE IF NOT EXISTS users (id int(11) NOT NULL AUTO_INCREMENT,
2. name varchar(60) DEFAULT NULL,
3. phone varchar(12) DEFAULT NULL,
4. city varchar(60) DEFAULT NULL,
5. date_added date DEFAULT NULL,
6. PRIMARY KEY (id)
7. )

1.Write a regular SQL query but, instead of values, put named placeholders. For example:

1. $sql ="INSERT INTO `users`(`name`, `phone`, `city`, `date_added`)


2. VALUES(:name,:phone,:city,:date)";

The use of placeholders is known as prepared statements. We use prepared statements as


templates that we can fill later on with actual values.

2.Prepare the query:

1. $query = $dbh -> prepare($sql);

3.Bind the placeholders to the variables:

1. $query->bindParam(':name',$name);

You can add a third parameter which filters the data before it reaches the database:

1. $query->bindParam(':name',$name,PDO::PARAM_STR);
2. $query->bindParam(':phone',$phone,PDO::PARAM_INT);
3. $query->bindParam(':city',$city,PDO::PARAM_STR);
4. $query->bindParam(':date',$date,PDO::PARAM_STR);

• PDO::PARAM_STR is used for strings.


• PDO::PARAM_INT is used for integers.
• PDO::PARAM_BOOL allows only boolean (true/false) values.
• PDO::PARAM_NULL allows only NULL datatype.

4. Assign the values to the variables.

1. $name = "Anuj kumar";


2. $phone = "1234567890";
3. $city = "New Delhi";
4. $date = date('Y-m-d');

5. Execute the query:

1. $query -> execute();

6. Check that the insertion really worked:

1. $lastInsertId = $dbh->lastInsertId();
2. if($lastInsertId>0)
3. {
4. echo "Data inserted";
5. }
6. else
7. {
8. echo "Data not inserted";
9. }

If the last inserted id is greater than zero, the insertion worked.

All code together now:

1. $sql = "INSERT INTO `users`(`name`, `phone`, `city`, `date_added`)


2. VALUES
3. (:name,:phone,:city,:date)";
4. $query = $dbh -> prepare($sql);
5. $query->bindParam(':name',$name,PDO::PARAM_STR);
6. $query->bindParam(':phone',$phone,PDO::PARAM_INT);
7. $query->bindParam(':city',$city,PDO::PARAM_STR);
8. $query->bindParam(':date',$date);
9. // Insert the first row
10. $name = "Anuj";
11. $phone = "1234567890";
12. $city = "New Delhi";
13. $date = date('Y-m-d');
14. $query -> execute();
15. $lastInsertId = $dbh->lastInsertId();
16. if($lastInsertId>0)
17. {
18. echo "Data inserted";
19. }
20. else {
21. echo "Data not inserted"; }
22.
23. // Insert the second row
24. $name = "John Deo";
25. $phone = "9874563210";
26. $city = "New York";
27. $date = date('Y-m-d');
28. $query -> execute();
29. $lastInsertId = $dbh->lastInsertId();
30. if($lastInsertId>0){echo "Data inserted";}
31. else {echo "Data not inserted";}
The same task is better performed within a loop:

1. $sql = "INSERT INTO `users`(`name`, `phone`, `city`, `date_added`)


2. VALUES
3. (:name,:phone,:city,:date)";
4. $query = $dbh -> prepare($sql);
5. $query->bindParam(':name',$name,PDO::PARAM_STR);
6. $query->bindParam(':phone',$phone,PDO::PARAM_INT);
7. $query->bindParam(':city',$city,PDO::PARAM_STR);
8. $query->bindParam(':date',$date,PDO::PARAM_STR);
9. // Provide the data to the loop within an array
10. $date = date('Y-m-d');
11. $userData = array(
12. array("Anuj kumar","1234567890","New Delhi",$date),
13. array("John Doe","9876543210","New York",$date)
14. );
15.
16. // Perform the query within a loop
17. foreach($userData as $key => $value)
18. {
19. $name = $value[0];
20. $phone = $value[1];
21. $city = $value[2];
22. $date = $value[3];
23. $query -> execute();
24. $lastInsertId = $dbh->lastInsertId();
25. if($lastInsertId>0){
26. echo "Data inserted";
27. } else {
28. echo "Data not inserted";}
29. }
Chapter 3

How to use PDO to read data from the database?


Reading data from the database is not so different than inserting data, with steps 1 to 5 being
almost identical while the sixth step is different.

1. Write the regular select statement and again, instead of values, put named placeholders.
For example:

1. $sql = "SELECT * FROM users";

2. Prepare the query:

1. $query = $dbh -> prepare($sql);

3.Execute the query:

1. $query -> execute();

4. Assign the data which you pulled from the database (in the preceding step) to a variable.

1. $results = $query -> fetchAll(PDO::FETCH_OBJ);

Here I used the parameter PDO::FETCH_OBJ that returns the fetched data as an object. If
you’d like to fetch the data in the form of an array, use: PDO::FETCH_ASSOC.
5. Make sure that you were able to retrieve the data from the database, by counting the
number of records.

1. if($query -> rowCount() > 0){}

6. In case that the query returned at least one record, we can echo the records within a foreach
loop:

1. $sql = "SELECT * FROM users WHERE city = :city";


2. $query = $dbh -> prepare($sql);
3. $query -> bindParam(':city', $city, PDO::PARAM_STR);
4. $city = "New York";
5. $query -> execute();
6. $results = $query -> fetchAll(PDO::FETCH_OBJ);
7. if($query -> rowCount() > 0) {
8. foreach($results as $result)
9. {
10. echo $result -> name . ", ";
11. echo $result -> city . ", ";
12. echo $result -> date_added;
13. }
14. }
Chapter 4

How to use PDO to update the database?


1.Write the regular update statement and again, instead of values, assign the named
placeholders. For example:

1. $sql = "UPDATE `users` SET `city`= :city, `phone` = :tel


2. WHERE `id` = :id";

2. Prepare the query:

1. $query = $dbh->prepare($sql);

3. Bind the parameters:

1. $query -> bindParam(':city', $city, PDO::PARAM_STR);


2. $query -> bindParam(':tel' , $tel , PDO::PARAM_INT);
3. $query -> bindParam(':id' , $id , PDO::PARAM_INT);

4. Define the bound values:

1. $tel = '06901234567';
2. $city = 'New Delhi';
3. $id = 1;

5. Execute the query:

1. $query -> execute();

6. Check that the query has been performed and that the database has been successfully
updated.

1. if($query -> rowCount() > 0)


2. {
3. $count = $query -> rowCount();
4. echo $count . "Record updated successfully.";
5. }
6. else
7. {
8. echo "Record not updated.";
9. }
All together now:

1. $sql = "UPDATE users


2. SET `city`= :city, `phone` = :tel WHERE `id` = :id";
3. $query = $dbh->prepare($sql);
4. $query -> bindParam(':city', $city, PDO::PARAM_STR);
5. $query -> bindParam(':tel' , $tel , PDO::PARAM_INT);
6. $query -> bindParam(':id' , $id , PDO::PARAM_INT);
7. $tel = '02012345678';
8. $city = 'London';
9. $id = 1;
10. $query -> execute();
11. if($query -> rowCount() > 0)
12. {
13. $count = $query -> rowCount();
14. echo $count . "Record updated successfully.";
15. }
16. else
17. {
18. echo "Record not updated.";
19. }
Chapter 5

How to delete records?

1. Write the delete statement :

1. $sql = "DELETE FROM `users` WHERE `id`=:id";

2. Prepare the query :

1. $query = $dbh -> prepare($sql);

3. Bind the parameters :

1. $query -> bindParam(':id', $id, PDO::PARAM_INT);

4. Define the bound values :

1. $id = 1;

5. Execute the query :

1. $query -> execute();

6. Check that the query has been performed and that the records have been successfully

deleted from the database :

1. if($query -> rowCount() > 0)


2. {
3. $count = $query -> rowCount();
4. echo $count . " Data deleted.";
5. }
6. else
7. {
8. echo "No affected rows.";
9. }
All code together now:

1. $sql = "DELETE FROM `users` WHERE `id`=:id";


2. $query = $dbh -> prepare($sql);
3. $query -> bindParam(':id', $id, PDO::PARAM_INT);
4. $id = 1;
5. $query -> execute();
6. if($query -> rowCount() > 0)
7. {
8. $count = $query -> rowCount();
9. echo $count . " Data Deleted.";
10. }
11. else
12. {
13. echo "No affected rows.";
14. }
Chapter 6

PHP CRUD Operation using PDO Extension

CRUD Stands for create, read, update and delete record in the database.

File Structure for CRUD Operation

• dbconfig.php : Used for database connection


• tblusers.sql : Contain the structure of the database table
• insert.php : Used for add a record in the database
• index.php : Used for read the record from database .
• update.php : Used for updating a record.

Step 1– Create a database


Open browser type http://localhost/phpmyadmin, create a database named ‘phpcrudpdo’ .
After creating database run the sql script.

1. -- Table structure for table `tblusers`


2. --
3. CREATE TABLE IF NOT EXISTS `tblusers` (
4. `id` int(11) NOT NULL,
5. `FirstName` varchar(150) NOT NULL,
6. `LastName` varchar(150) NOT NULL,
7. `EmailId` varchar(120) NOT NULL,
8. `ContactNumber` char(11) NOT NULL,
9. `Address` varchar(255) NOT NULL,
10. `PostingDate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
11. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
12.
13. -- Indexes for table `tblusers`
14. --
15. ALTER TABLE `tblusers`
16. ADD PRIMARY KEY (`id`);
17. -- AUTO_INCREMENT for dumped tables
18. -- AUTO_INCREMENT for table `tblusers`
19. --
20. ALTER TABLE `tblusers`
21. MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
Step 2– Create a database connection file (dbconfig.php)
create a dbconfig.php file and place the code given below :

1. <?php
2. // DB credentials.
3. define('DB_HOST','localhost');
4. define('DB_USER','root');
5. define('DB_PASS','');
6. define('DB_NAME','phpcrudpdo');
7. // Establish database connection.
8. try
9. {
10. $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME,DB_USER, DB_PASS);

11. }
12. catch (PDOException $e)
13. {
14. exit("Error: " . $e->getMessage());
15. }
16. ?>

Step 3 : Insert a record in database


Create a insert.php file for insert record in the database . This page include a HTML form
with input field where we can fill the data.

1. <!DOCTYPE html>
2. <html lang="en">
3. <head>
4. <meta charset="utf-8">
5. <title>PHP CURD Operation using PDO Extension </title>
6. <meta name="viewport" content="width=device-width, initial-
scale=1">
7. <link href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/css/bootstrap.m
in.css" rel="stylesheet">
8. <script src="http://code.jquery.com/jquery-1.11.1.min.js"></script>
9. <script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstra
p.min.js"></script>
10. </head>
11. <body>
12.
13. <div class="container">
14.
15. <div class="row">
16. <div class="col-md-12">
17. <h3>Insert Record | PHP CRUD Operations using PDO Extension</h3>
18. <hr />
19. </div>
20. </div>
21.
22.
23. <form name="insertrecord" method="post">
24. <div class="row">
25. <div class="col-md-4"><b>First Name</b>
26. <input type="text" name="firstname" class="form-control" required>
27. </div>
28. <div class="col-md-4"><b>Last Name</b>
29. <input type="text" name="lastname" class="form-control" required>
30. </div>
31. </div>
32.
33. <div class="row">
34. <div class="col-md-4"><b>Email id</b>
35. <input type="email" name="emailid" class="form-control" required>
36. </div>
37. <div class="col-md-4"><b>Contactno</b>
38. <input type="text" name="contactno" class="form-
control" maxlength="10" required>
39. </div>
40. </div>
41.
42. <div class="row">
43. <div class="col-md-8"><b>Address</b>
44. <textarea class="form-control" name="address" required>
45. </div>
46. </div>
47. <div class="row" style="margin-top:1%">
48. <div class="col-md-8">
49. <input type="submit" name="insert" value="Submit">
50. </div>
51. </div>
52. </form>
53. </div>
54. </div>
55. </body>
56. </html>

Code for insert a record in database. Once the user filled all the data and click on the submit
button then data will be saved in the database using the below code:

1. <?php
2. // include database connection file
3. require_once'dbconfig.php';
4. if(isset($_POST['insert']))
5. {
6. // Posted Values
7. $fname=$_POST['firstname'];
8. $lname=$_POST['lastname'];
9. $emailid=$_POST['emailid'];
10. $contactno=$_POST['contactno'];
11. $address=$_POST['address'];
12. // Query for Insertion
13. $sql="INSERT INTO tblusers(FirstName,LastName,EmailId,ContactNumber,Address
) VALUES(:fn,:ln,:eml,:cno,:adrss)";
14. //Prepare Query for Execution
15. $query = $dbh->prepare($sql);
16. // Bind the parameters
17. $query->bindParam(':fn',$fname,PDO::PARAM_STR);
18. $query->bindParam(':ln',$lname,PDO::PARAM_STR);
19. $query->bindParam(':eml',$emailid,PDO::PARAM_STR);
20. $query->bindParam(':cno',$contactno,PDO::PARAM_STR);
21. $query->bindParam(':adrss',$address,PDO::PARAM_STR);
22. // Query Execution
23. $query->execute();
24. // Check that the insertion really worked. If the last inserted id is great
er than zero, the insertion worked.
25. $lastInsertId = $dbh->lastInsertId();
26. if($lastInsertId)
27. {
28. // Message for successfull insertion
29. echo "<script>alert('Record inserted successfully');</script>";
30. echo "<script>window.location.href='index.php'</script>";
31. }
32. else
33. {
34. // Message for unsuccessfull insertion
35. echo "<script>alert('Something went wrong. Please try again');</script>";
36. echo "<script>window.location.href='index.php'</script>";
37. }
38. }
39. ?>

Step 4 : Read record from the database


Create a index.php file for read all records from database.

1. <?php
2. // include database connection file
3. require_once'dbconfig.php'; ?>
4. <!DOCTYPE html>
5. <html lang="en">
6. <head>
7. <meta charset="utf-8">
8. <title>PHP CRUD Operations using PDO Extension </title>
9. <meta name="viewport" content="width=device-width, initial-scale=1">
10. <link href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/css/bootstrap.m
in.css" rel="stylesheet">
11. <style type="text/css">
12. </style>
13. <script src="http://code.jquery.com/jquery-1.11.1.min.js"></script>
14. <script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstra
p.min.js"></script>
15. </head>
16. <body>
17. <div class="container">
18. <div class="row">
19. <div class="col-md-12">
20. <h3>PHP CRUD Operations using PDO Extension</h3> <hr />
21. <a href="insert.php"><button class="btn btn-
primary"> Insert Record</button></a>
22. <div class="table-responsive">
23. <table id="mytable" class="table table-bordred table-striped">
24. <thead>
25. <th>#</th>
26. <th>First Name</th>
27. <th>Last Name</th>
28. <th>Email</th>
29. <th>Contact</th>
30. <th>Address</th>
31. <th>Posting Date</th>
32. <th>Edit</th>
33. <th>Delete</th>
34. </thead>
35. <tbody>
36.
37. <?php
38. $sql = "SELECT FirstName,LastName,EmailId,ContactNumber,Address,PostingDate
,id from tblusers";
39. //Prepare the query:
40. $query = $dbh->prepare($sql);
41. //Execute the query:
42. $query->execute();
43. //Assign the data which you pulled from the database (in the preceding step
) to a variable.
44. $results=$query->fetchAll(PDO::FETCH_OBJ);
45. // For serial number initialization
46. $cnt=1;
47. if($query->rowCount() > 0)
48. {
49. //In case that the query returned at least one record, we can echo the reco
rds within a foreach loop:
50. foreach($results as $result)
51. {
52. ?>
53. <!-- Display Records -->
54. <tr>
55. <td><?php echo htmlentities($cnt);?></td>
56. <td><?php echo htmlentities($result->FirstName);?></td>
57. <td><?php echo htmlentities($result->LastName);?></td>
58. <td><?php echo htmlentities($result->EmailId);?></td>
59. <td><?php echo htmlentities($result->ContactNumber);?></td>
60. <td><?php echo htmlentities($result->Address);?></td>
61. <td><?php echo htmlentities($result->PostingDate);?></td>
62.
63. <td><a href="update.php?id=<?php echo htmlentities($result-
>id);?>"><button class="btn btn-primary btn-
xs"><span class="glyphicon glyphicon-pencil"></span></button></a></td>
64.
65. <td><a href="index.php?del=<?php echo htmlentities($result-
>id);?>"><button class="btn btn-danger btn-
xs" onClick="return confirm('Do you really want to delete');"><span class="
glyphicon glyphicon-trash"></span></button></a></td>
66. </tr>
67.
68. <?php
69. // for serial number increment
70. $cnt++;
71. }} ?>
72. </tbody>
73. </table>
74. </div>
75. </div>
76. </div>
77. </div>
78. </body>
79. </html>
Step 5 : Update record in the database

Step 5.1 : Get data in HTML From

Create update.php file. For updating a record we have to get the row id of that record and
store in $id. We access the $_GET[‘id’] variable to do it.

Code for get a record based on the given id. Through this way we can get data autofill-data in
HTML Form.

1. <?php
2. // Get the userid
3. $userid=intval($_GET['id']);
4. $sql = "SELECT FirstName,LastName,EmailId,ContactNumber,Address,PostingDate
,id from tblusers where id=:uid";
5. //Prepare the query:
6. $query = $dbh->prepare($sql);
7. //Bind the parameters
8. $query->bindParam(':uid',$userid,PDO::PARAM_STR);
9. //Execute the query:
10. $query->execute();
11. //Assign the data which you pulled from the database (in the preceding step
) to a variable.
12. $results=$query->fetchAll(PDO::FETCH_OBJ);
13. // For serial number initialization
14. $cnt=1;
15. if($query->rowCount() > 0)
16. {
17. //In case that the query returned at least one record, we can echo the reco
rds within a foreach loop:
18. foreach($results as $result)
19. {
20. ?>
21. <form name="insertrecord" method="post">
22. <div class="row">
23. <div class="col-md-4"><b>First Name</b>
24. <input type="text" name="firstname" value="<?php echo htmlentities($result-
>FirstName);?>" class="form-control" required>
25. </div>
26. <div class="col-md-4"><b>Last Name</b>
27. <input type="text" name="lastname" value="<?php echo htmlentities($result-
>LastName);?>" class="form-control" required>
28. </div>
29. </div>
30. <div class="row">
31. <div class="col-md-4"><b>Email id</b>
32. <input type="email" name="emailid" value="<?php echo htmlentities($result-
>EmailId);?>" class="form-control" required>
33. </div>
34. <div class="col-md-4"><b>Contactno</b>
35. <input type="text" name="contactno" value="<?php echo htmlentities($result-
>ContactNumber);?>" class="form-control" maxlength="10" required>
36. </div>
37. </div>
38. <div class="row">
39. <div class="col-md-8"><b>Address</b>
40. <textarea class="form-
control" name="address" required><?php echo htmlentities($result-
>Address);?>
41. </div>
42. </div>
43. <?php }} ?>
44.
45. <div class="row" style="margin-top:1%">
46. <div class="col-md-8">
47. <input type="submit" name="update" value="Update">
48. </div>
49. </div>

Step 5.2 : Code for update the record

1. <?php
2. // include database connection file
3. require_once'dbconfig.php';
4. if(isset($_POST['update']))
5. {
6. // Get the userid
7. $userid=intval($_GET['id']);
8. // Posted Values
9. $fname=$_POST['firstname'];
10. $lname=$_POST['lastname'];
11. $emailid=$_POST['emailid'];
12. $contactno=$_POST['contactno'];
13. $address=$_POST['address'];
14. // Query for Updation
15. $sql="update tblusers set FirstName=:fn,LastName=:ln,EmailId=:eml,ContactNu
mber=:cno,Address=:adrss where id=:uid";
16. //Prepare Query for Execution
17. $query = $dbh->prepare($sql);
18. // Bind the parameters
19. $query->bindParam(':fn',$fname,PDO::PARAM_STR);
20. $query->bindParam(':ln',$lname,PDO::PARAM_STR);
21. $query->bindParam(':eml',$emailid,PDO::PARAM_STR);
22. $query->bindParam(':cno',$contactno,PDO::PARAM_STR);
23. $query->bindParam(':adrss',$address,PDO::PARAM_STR);
24. $query->bindParam(':uid',$userid,PDO::PARAM_STR);
25. // Query Execution
26. $query->execute();
27. // Mesage after updation
28. echo "<script>alert('Record Updated successfully');</script>";
29. // Code for redirection
30. echo "<script>window.location.href='index.php'</script>";
31. }
32. ?>
Step 6 : Delete a record from the database
Place this code in the index.php file.

1. <?php
2. // include database connection file
3. require_once'dbconfig.php';
4. // Code for record deletion
5. if(isset($_REQUEST['del']))
6. {
7. //Get row id
8. $uid=intval($_GET['del']);
9. //Qyery for deletion
10. $sql = "delete from tblusers WHERE id=:id";
11. // Prepare query for execution
12. $query = $dbh->prepare($sql);
13. // bind the parameters
14. $query-> bindParam(':id',$uid, PDO::PARAM_STR);
15. // Query Execution
16. $query -> execute();
17. // Mesage after updation
18. echo "<script>alert('Record Updated successfully');</script>";
19. // Code for redirection
20. echo "<script>window.location.href='index.php'</script>";
21. }
22.
23. ?>
Chapter 7

Signup and Login operation using PDO


File structure for Sign up and Login operation
• signup.php– For user signup or user registration
• check_availability.php– For username and email-id availabilty
• index.php– For Userlogin
• welcome.php– After login user redirect to this page
• logout.php– Logout page
• config.php– Database connection file
• pdosignup.sql– Sql table structure for signup

Step 1– Create a database


Open browser type http://localhost/phpmyadmin, create a database named ‘pdosignup’ . After
creating database run the sql script or import the sql file given inside the package.

Structure for sql table userdata

1. CREATE TABLE IF NOT EXISTS `userdata` (


2. `id` int(11) NOT NULL,
3. `FullName` varchar(200) DEFAULT NULL,
4. `UserName` varchar(12) DEFAULT NULL,
5. `UserEmail` varchar(200) DEFAULT NULL,
6. `UserMobileNumber` varchar(10) DEFAULT NULL,
7. `LoginPassword` varchar(255) DEFAULT NULL,
8. `RegDate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
9. ) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1;
10.
11. -- Indexes for table `userdata`
12. --
13. ALTER TABLE `userdata`
14. ADD PRIMARY KEY (`id`);
15.
16. --
17. -- AUTO_INCREMENT for dumped tables
18. --
19.
20. --
21. -- AUTO_INCREMENT for table `userdata`
22. --
23. ALTER TABLE `userdata`
24. MODIFY `id` int(11) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=8;
25. /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
26. /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
27. /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
Step 2– Create a database configuration file config.php

1. <?php
2. // DB credentials.
3. define('DB_HOST','localhost'); // Host name
4. define('DB_USER','root'); // db user name
5. define('DB_PASS',''); // db user password name
6. define('DB_NAME','pdosignup'); // db name
7. // Establish database connection.
8. try
9. {
10. $dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME,DB_USER, DB_PASS);

11. }
12. catch (PDOException $e)
13. {
14. exit("Error: " . $e->getMessage());
15. }
16. ?>

Step 3– Create a Signup or Registration form signup.php

Step3.1 HTML form with html5 validation pattern. In this form every input filed valid with
HTML5 pattern validation
Fullname can contain any letters only with spaces

pattern=”[a-zA-Z\s]+”

Username can contain any letters or numbers, without spaces 6 to 12 chars

pattern=”^[a-zA-Z][a-zA-Z0-9-_.]{5,12}$”

email accepts valid email address

type=“email”
Mobile Number Contain only 10 digit numeric values

pattern=”[0-9]{10}” maxlength=”10″

Password should be at least 4 characters

pattern=”^\S{4,}$” onchange=”this.setCustomValidity(this.validity.patternMismatch ? ‘Must


have at least 4 characters’ : ”); if(this.checkValidity()) form.password_two.pattern =
this.value;”
Confirm Password should be same as password

pattern=”^\S{4,}$” onchange=”this.setCustomValidity(this.validity.patternMismatch ?
‘Please enter the same Password as above’ : ”)”

1. <form class="form-horizontal" action='' method="post">


2. <div class="control-group">
3. <!-- Full name -->
4. <label class="control-label" for="fullname">Full Name</label>
5. <div class="controls">
6. <input type="text" id="fname" name="fname" pattern="[a-zA-
Z\s]+" title="Full name must contain letters only" class="input-
xlarge" required>
7. <p class="help-
block">Username can contain any letters or numbers, without spaces</p>
8. </div>
9. </div>
10.
11.
12. <div class="control-group">
13. <!-- Username -->
14. <label class="control-label" for="username">Username</label>
15. <div class="controls">
16. <input type="text" id="username" name="username" onBlur="checkUsern
ameAvailability()" pattern="^[a-zA-Z][a-zA-Z0-9-
_.]{5,12}$" title="User must be alphanumeric without spaces 6 to 12 chars"
class="input-xlarge" required>
17. <!-- Message for username availability-->
18. <span id="username-availability-status" style="font-size:12px;"></span>
19. <p class="help-
block">Username can contain any letters or numbers, without spaces</p>
20. </div>
21. </div>
22.
23. <div class="control-group">
24. <!-- E-mail -->
25. <label class="control-label" for="email">E-mail</label>
26. <div class="controls">
27. <input type="email" id="email" name="email" placeholder="" onBlur="
checkEmailAvailability()" class="input-xlarge" required>
28. <!-- Message for Email availability-->
29. <span id="email-availability-status" style="font-size:12px;"></span>
30. <p class="help-block">Please provide your E-mail</p>
31. </div>
32. </div>
33.
34. <div class="control-group">
35. <!-- Mobile Number -->
36. <label class="control-
label" for="mobilenumber">Mobile Number </label>
37. <div class="controls">
38. <input type="text" id="mobilenumber" name="mobilenumber" pattern="[
0-9]{10}" maxlength="10" title="10 numeric digits only" class="input-
xlarge" required>
39. <p class="help-
block">Mobile Number Contain only numeric values,net</p>
40. </div>
41. </div>
42. <div class="control-group">
43. <!-- Password-->
44. <label class="control-label" for="password">Password</label>
45. <div class="controls">
46. <input type="password" id="password" name="password" pattern="^\S{4
,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must
have at least 4 characters' : ''); if(this.checkValidity()) form.password_
two.pattern = this.value;" required class="input-xlarge">
47. <p class="help-
block">Password should be at least 4 characters</p>
48. </div>
49. </div>
50.
51. <div class="control-group">
52. <!-- Confirm Password -->
53. <label class="control-
label" for="password_confirm">Password (Confirm)</label>
54. <div class="controls">
55. <input type="password" id="password_confirm" name="password_confirm
" pattern="^\S{4,}$" onchange="this.setCustomValidity(this.validity.pattern
Mismatch ? 'Please enter the same Password as above' : '')"" class="input-
xlarge">
56. <p class="help-block">Please confirm password</p>
57. </div>
58. </div>
59. <div class="control-group">
60. <!-- Button -->
61. <div class="controls">
62. <button class="btn btn-
success" type="submit" name="signup">Signup </button>
63.
64. </div>
65. </form>

Step3.2 Check the username and email availability in the data using j-query

j-query code

1. <!--Javascript for check username availability-->


2. <script>
3. function checkUsernameAvailability() {
4. $("#loaderIcon").show();
5. jQuery.ajax({
6. url: "check_availability.php",
7. data:'username='+$("#username").val(),
8. type: "POST",
9. success:function(data){
10. $("#username-availability-status").html(data);
11. $("#loaderIcon").hide();
12. },
13. error:function (){
14. }
15. });
16. }
17. </script>
18.
19. <!--Javascript for check email availability-->
20. <script>
21. function checkEmailAvailability() {
22. $("#loaderIcon").show();
23. jQuery.ajax({
24. url: "check_availability.php",
25. data:'email='+$("#email").val(),
26. type: "POST",
27. success:function(data){
28.
29. $("#email-availability-status").html(data);
30. $("#loaderIcon").hide();
31. },
32. error:function (){
33. event.preventDefault();
34. }
35. });
36. }
37. </script>

PHP Code for checking availability in the database (check_availability.php)

1. <?php
2. require_once("config.php");
3. // Code for checking username availabilty
4. if(!emptyempty($_POST["username"])) {
5. $uname= $_POST["username"];
6. $sql ="SELECT UserName FROM userdata WHERE UserName=:uname";
7. $query= $dbh -> prepare($sql);
8. $query-> bindParam(':uname', $uname, PDO::PARAM_STR);
9. $query-> execute();
10. $results = $query -> fetchAll(PDO::FETCH_OBJ);
11. if($query -> rowCount() > 0)
12. {
13. echo "<span style='color:red'> Username already exists.</span>";
14. } else{
15. echo "<span style='color:green'> Username available for Registration.</span
>";
16. }
17. }
18.
19. // Code for checking email availabilty
20. if(!emptyempty($_POST["email"])) {
21. $email= $_POST["email"];
22. $sql ="SELECT UserEmail FROM userdata WHERE UserEmail=:email";
23. $query= $dbh -> prepare($sql);
24. $query-> bindParam(':email', $email, PDO::PARAM_STR);
25. $query-> execute();
26. $results = $query -> fetchAll(PDO::FETCH_OBJ);
27. if($query -> rowCount() > 0)
28. {
29. echo "<span style='color:red'>Email-id already exists.</span>";
30. } else{
31. echo "<span style='color:green'>Email-
id available for Registration.</span>";
32. }
33. }
34.
35. ?>

Step3.3 code for inserting sign up values in the database

1. <?php
2. //Database Configuration File
3. include('config.php');
4. error_reporting(0);
5. if(isset($_POST['signup']))
6. {
7. //Getting Post Values
8. $fullname=$_POST['fname'];
9. $username=$_POST['username'];
10. $email=$_POST['email'];
11. $mobile=$_POST['mobilenumber'];
12. $password=md5($_POST['password']);
13. // Query for validation of username and email-id
14. $ret="SELECT * FROM userdata where (UserName=:uname || UserEmail=:uemail)"
;
15. $queryt = $dbh -> prepare($ret);
16. $queryt->bindParam(':uemail',$email,PDO::PARAM_STR);
17. $queryt->bindParam(':uname',$username,PDO::PARAM_STR);
18. $queryt -> execute();
19. $results = $queryt -> fetchAll(PDO::FETCH_OBJ);
20. if($queryt -> rowCount() == 0)
21. {
22. // Query for Insertion
23. $sql="INSERT INTO userdata(FullName,UserName,UserEmail,UserMobileNumber,Log
inPassword) VALUES(:fname,:uname,:uemail,:umobile,:upassword)";
24. $query = $dbh->prepare($sql);
25. // Binding Post Values
26. $query->bindParam(':fname',$fullname,PDO::PARAM_STR);
27. $query->bindParam(':uname',$username,PDO::PARAM_STR);
28. $query->bindParam(':uemail',$email,PDO::PARAM_STR);
29. $query->bindParam(':umobile',$mobile,PDO::PARAM_INT);
30. $query->bindParam(':upassword',$password,PDO::PARAM_STR);
31. $query->execute();
32. $lastInsertId = $dbh->lastInsertId();
33. if($lastInsertId)
34. {
35. $msg="You have signup Scuccessfully";
36. }
37. else
38. {
39. $error="Something went wrong.Please try again";
40. }
41. }
42. else
43. {
44. $error="Username or Email-id already exist. Please try again";
45. }
46. }
47. ?>
Here is the full code that we have written for signup(signup.php) :

1. <?php
2. //Database Configuration File
3. include('config.php');
4. error_reporting(0);
5. if(isset($_POST['signup']))
6. {
7. //Getting Post Values
8. $fullname=$_POST['fname'];
9. $username=$_POST['username'];
10. $email=$_POST['email'];
11. $mobile=$_POST['mobilenumber'];
12. $password=md5($_POST['password']);
13. // Query for validation of username and email-id
14. $ret="SELECT * FROM userdata where (UserName=:uname || UserEmail=:uemail)"
;
15. $queryt = $dbh -> prepare($ret);
16. $queryt->bindParam(':uemail',$email,PDO::PARAM_STR);
17. $queryt->bindParam(':uname',$username,PDO::PARAM_STR);
18. $queryt -> execute();
19. $results = $queryt -> fetchAll(PDO::FETCH_OBJ);
20. if($queryt -> rowCount() == 0)
21. {
22. // Query for Insertion
23. $sql="INSERT INTO userdata(FullName,UserName,UserEmail,UserMobileNumber,Log
inPassword) VALUES(:fname,:uname,:uemail,:umobile,:upassword)";
24. $query = $dbh->prepare($sql);
25. // Binding Post Values
26. $query->bindParam(':fname',$fullname,PDO::PARAM_STR);
27. $query->bindParam(':uname',$username,PDO::PARAM_STR);
28. $query->bindParam(':uemail',$email,PDO::PARAM_STR);
29. $query->bindParam(':umobile',$mobile,PDO::PARAM_INT);
30. $query->bindParam(':upassword',$password,PDO::PARAM_STR);
31. $query->execute();
32. $lastInsertId = $dbh->lastInsertId();
33. if($lastInsertId)
34. {
35. $msg="You have signup Scuccessfully";
36. }
37. else
38. {
39. $error="Something went wrong.Please try again";
40. }
41. }
42. else
43. {
44. $error="Username or Email-id already exist. Please try again";
45. }
46. }
47. ?>
48.
49. <!DOCTYPE html>
50. <html lang="en">
51. <head>
52. <meta charset="utf-8">
53. <title>PDO | Registration Form</title>
54. <meta name="viewport" content="width=device-width, initial-
scale=1">
55. <link href="https://netdna.bootstrapcdn.com/twitter-
bootstrap/2.3.2/css/bootstrap-combined.min.css" rel="stylesheet">
56. <script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
57. <script src="https://netdna.bootstrapcdn.com/twitter-
bootstrap/2.3.2/js/bootstrap.min.js"></script>
58. <style>
59. .errorWrap {
60. padding: 10px;
61. margin: 0 0 20px 0;
62. background: #fff;
63. border-left: 4px solid #dd3d36;
64. -webkit-box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
65. box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
66. }
67. .succWrap{
68. padding: 10px;
69. margin: 0 0 20px 0;
70. background: #fff;
71. border-left: 4px solid #5cb85c;
72. -webkit-box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
73. box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
74. }
75. </style>
76. <!--Javascript for check username availability-->
77. <script>
78. function checkUsernameAvailability() {
79. $("#loaderIcon").show();
80. jQuery.ajax({
81. url: "check_availability.php",
82. data:'username='+$("#username").val(),
83. type: "POST",
84. success:function(data){
85. $("#username-availability-status").html(data);
86. $("#loaderIcon").hide();
87. },
88. error:function (){
89. }
90. });
91. }
92. </script>
93.
94. <!--Javascript for check email availability-->
95. <script>
96. function checkEmailAvailability() {
97. $("#loaderIcon").show();
98. jQuery.ajax({
99. url: "check_availability.php",
100. data:'email='+$("#email").val(),
101. type: "POST",
102. success:function(data){
103.
104. $("#email-availability-status").html(data);
105. $("#loaderIcon").hide();
106. },
107. error:function (){
108. event.preventDefault();
109. }
110. });
111. }
112. </script>
113.
114.
115. </head>
116. <body>
117. <form class="form-horizontal" action='' method="post">
118. <fieldset>
119. <div id="legend" style="padding-left:4%">
120. <legend class="">Register | <a href="index.php">Sign in</a></l
egend>
121. </div>
122. <!--Error Message-->
123. <?php if($error){ ?><div class="errorWrap">
124. <strong>Error </strong> : <?php echo htmlentities($e
rror);?></div>
125. <?php } ?>
126. <!--Success Message-->
127. <?php if($msg){ ?><div class="succWrap">
128. <strong>Well Done </strong> : <?php echo htmlentitie
s($msg);?></div>
129. <?php } ?>
130.
131. <div class="control-group">
132. <!-- Full name -->
133. <label class="control-
label" for="fullname">Full Name</label>
134. <div class="controls">
135. <input type="text" id="fname" name="fname" pattern="[a-zA-
Z\s]+" title="Full name must contain letters only" class="input-
xlarge" required>
136. <p class="help-
block">Full can contain any letters only</p>
137. </div>
138. </div>
139. <div class="control-group">
140. <!-- Username -->
141. <label class="control-
label" for="username">Username</label>
142. <div class="controls">
143. <input type="text" id="username" name="username" onBlur="che
ckUsernameAvailability()" pattern="^[a-zA-Z][a-zA-Z0-9-
_.]{5,12}$" title="User must be alphanumeric without spaces 6 to 12 chars"
class="input-xlarge" required>
144. <span id="username-availability-status" style="font-
size:12px;"></span>
145. <p class="help-
block">Username can contain any letters or numbers, without spaces 6 to 12
chars </p>
146. </div>
147. </div>
148.
149. <div class="control-group">
150. <!-- E-mail -->
151. <label class="control-label" for="email">E-mail</label>
152. <div class="controls">
153. <input type="email" id="email" name="email" placeholder="" o
nBlur="checkEmailAvailability()" class="input-xlarge" required>
154. <span id="email-availability-status" style="font-
size:12px;"></span>
155. <p class="help-block">Please provide your E-mail</p>
156. </div>
157. </div>
158.
159. <div class="control-group">
160. <!-- Mobile Number -->
161. <label class="control-
label" for="mobilenumber">Mobile Number </label>
162. <div class="controls">
163. <input type="text" id="mobilenumber" name="mobilenumber" pat
tern="[0-
9]{10}" maxlength="10" title="10 numeric digits only" class="input-
xlarge" required>
164. <p class="help-
block">Mobile Number Contain only 10 digit numeric values</p>
165. </div>
166. </div>
167. <div class="control-group">
168. <!-- Password-->
169. <label class="control-label" for="password">Password</label>
170. <div class="controls">
171. <input type="password" id="password" name="password" pattern
="^\S{4,}$" onchange="this.setCustomValidity(this.validity.patternMismatch
? 'Must have at least 4 characters' : ''); if(this.checkValidity()) form.pa
ssword_two.pattern = this.value;" required class="input-xlarge">
172. <p class="help-
block">Password should be at least 4 characters</p>
173. </div>
174. </div>
175.
176. <div class="control-group">
177. <!-- Confirm Password -->
178. <label class="control-
label" for="password_confirm">Password (Confirm)</label>
179. <div class="controls">
180. <input type="password" id="password_confirm" name="password_
confirm" pattern="^\S{4,}$" onchange="this.setCustomValidity(this.validity.
patternMismatch ? 'Please enter the same Password as above' : '')"" class=
"input-xlarge">
181. <p class="help-block">Please confirm password</p>
182. </div>
183. </div>
184.
185. <div class="control-group">
186. <!-- Button -->
187. <div class="controls">
188. <button class="btn btn-
success" type="submit" name="signup">Signup </button>
189. </div>
190. </div>
191. </fieldset>
192. </form>
193. <script type="text/javascript">
194.
195. </script>
196. </body>
197. </html>

Step 4– Signin or Login


Create a HTML sign form

1. <form id="loginForm" method="post">


2. div class="form-group">
3. <label for="username" class="control-label">Username / Email id</label>
4. <input type="text" class="form-
control" id="username" name="username" required="" title="Please enter you
username or Email-id" placeholder="email or username" >
5. <span class="help-block"></span>
6. </div>
7. <div class="form-group">
8. <label for="password" class="control-label">Password</label>
9. <input type="password" class="form-
control" id="password" name="password" placeholder="Password" value="" requ
ired="" title="Please enter your password">
10. <span class="help-block"></span>
11. </div>
12.
13. <button type="submit" class="btn btn-success btn-
block" name="login">Login</button>
14. </form>

User can login through valid username/email and password.

PHP Code for Signin or Login

1. <?php
2. session_start();
3. //Database Configuration File
4. include('config.php');
5. error_reporting(0);
6. if(isset($_POST['login']))
7. {
8. // Getting username/ email and password
9. $uname=$_POST['username'];
10. $password=md5($_POST['password']);
11. // Fetch data from database on the basis of username/email and password
12. $sql ="SELECT UserName,UserEmail,LoginPassword FROM userdata WHERE (Use
rName=:usname || UserEmail=:usname) and (LoginPassword=:usrpassword)";
13. $query= $dbh -> prepare($sql);
14. $query-> bindParam(':usname', $uname, PDO::PARAM_STR);
15. $query-> bindParam(':usrpassword', $password, PDO::PARAM_STR);
16. $query-> execute();
17. $results=$query->fetchAll(PDO::FETCH_OBJ);
18. if($query->rowCount() > 0)
19. {
20. $_SESSION['userlogin']=$_POST['username'];
21. echo "<script type='text/javascript'> document.location = 'welcome.php'
; </script>";
22. } else{
23. echo "<script>alert('Invalid Details');</script>";
24. }
25. }
26. ?>

Step 5– Create a welcome page.


After login user will redirect to this page. Validate this page using user session if anyone
want to access this page without login will redirect to index.php automatically.

Code for welcome.php

1. <?php
2. session_start();
3. include('config.php');
4. // Validating Session
5. if(strlen($_SESSION['userlogin'])==0)
6. {
7. header('location:index.php');
8. }
9. else{
10. ?>
11.
12. <!DOCTYPE html>
13. <html lang="en">
14. <head>
15. <meta charset="utf-8">
16. <title>PDO | Welcome Page</title>
17. <meta name="viewport" content="width=device-width, initial-
scale=1">
18. <link href="https://netdna.bootstrapcdn.com/twitter-
bootstrap/2.3.2/css/bootstrap-combined.min.css" rel="stylesheet">
19. <style type="text/css">
20. .center {text-align: center; margin-left: auto; margin-
right: auto; margin-bottom: auto; margin-top: auto;}
21.
22. </style>
23. <script src="https://code.jquery.com/jquery-1.11.1.min.js"></script>
24. <script src="https://netdna.bootstrapcdn.com/twitter-
bootstrap/2.3.2/js/bootstrap.min.js"></script>
25. </head>
26. <body>
27. <div class="container">
28. <div class="row">
29. <div class="span12">
30. <div class="hero-unit center">
31. <?php
32. // Code for fecthing user full name on the bassis of username or email.
33. $username=$_SESSION['userlogin'];
34. $query=$dbh-
>prepare("SELECT FullName FROM userdata WHERE (UserName=:username || UserE
mail=:username)");
35. $query->execute(array(':username'=> $username));
36. while($row=$query->fetch(PDO::FETCH_ASSOC)){
37. $username=$row['FullName'];
38. }
39. ?>
40.
41. <h1>Welcome Back <font face="Tahoma" color="red"><?php echo $user
name;?> ! </font></h1>
42. <br />
43. <p>Lorem ipsum dolor sit amet, sit veniam senserit mediocritatem
et, melius aperiam complectitur an qui. Ut numquam vocibus accumsan mel. Pe
r ei etiam vituperatoribus, ne quot mandamus conceptam has, pri molestiae c
onstituam quaerendum an. In molestiae torquatos eam.
44. </p>
45. <a href="logout.php" class="btn btn-large btn-
info"><i class="icon-home icon-white"></i> Log me out</a>
46. </div>
47. <br />
48.
49. </div>
50. <br />
51. <!-- By ConnerT HTML & CSS Enthusiast -->
52. </div>
53. </div>
54. </div>
55.
56. </body>
57. </html>
58. <?php } ?>

Step 6 – logout Page.


Logout page used for destroy the session or unset the session variable.

code for logout.php page

1. <?php
2. session_start();
3. unset($_SESSION['userlogin']); // unset session variable
4. session_destroy(); // destroy session
5. header("location:index.php");
6. ?>

Download full script - https://phpgurukul.com/sign-up-and-login-operation-using-pdo/

You might also like