Erudiax
PHPPHP20 min read

Build a Simple Login System (PDO + Sessions)

Combine sessions, password hashing, and database queries into a real login flow.

Ava Thompson
October 31, 2025
3.4k117

Let’s combine everything into a clean login system.

Step 1: Login form (HTML)

<form method="post">
  <input name="email" placeholder="Email">
  <input name="password" type="password" placeholder="Password">
  <button type="submit">Login</button>
</form>

Step 2: Login handler (PHP)

<?php
session_start();
require_once "config.php";

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  $email = trim($_POST['email'] ?? '');
  $password = $_POST['password'] ?? '';

  $stmt = $pdo->prepare("SELECT id, email, password_hash FROM users WHERE email=:email");
  $stmt->execute(["email" => $email]);
  $user = $stmt->fetch();

  if ($user && password_verify($password, $user['password_hash'])) {
    $_SESSION['user_id'] = $user['id'];
    $_SESSION['email'] = $user['email'];
    header("Location: dashboard.php");
    exit;
  }

  $error = "Invalid email or password";
}
?>

Step 3: Protect a page

<?php
session_start();
if (!isset($_SESSION['user_id'])) {
  header("Location: login.php");
  exit;
}
?>
<h1>Dashboard</h1>

Practical tip

Always call exit after header("Location:") to prevent extra output.

Next: OOP in PHP, classes and objects (you will use this in real frameworks).

#PHP#Auth#Security#Intermediate

More on PHP

PHP Introduction

6 min7.1k

Install PHP and Run Your First Script

8 min4.1k

PHP Syntax and Mixing with HTML

7 min5.1k