PHP20 min readBuild a Simple Login System (PDO + Sessions)
Combine sessions, password hashing, and database queries into a real login flow.
Let’s combine everything into a clean login system.
Step 1: Login form (HTML)
```html <form method="post"> <input name="email" placeholder="Email"> <input name="password" type="password" placeholder="Password"> <button type="submit">Login</button> </form> ```
Step 2: Login handler (PHP)
```php <?php session_start(); require_once "config.php";
if ($_SERVER['REQUEST_METHOD'] === 'POST') { $email = trim($_POST['email'] ?? ''); $password = $_POST['password'] ?? '';
$stmt = $pdo->prepare("SELECT id, email, password_hash FROM users WHERE email=:email"); $stmt->execute(["email" => $email]); $user = $stmt->fetch();
if ($user && password_verify($password, $user['password_hash'])) { $_SESSION['user_id'] = $user['id']; $_SESSION['email'] = $user['email']; header("Location: dashboard.php"); exit; }
$error = "Invalid email or password"; } ?> ```
Step 3: Protect a page
```php <?php session_start(); if (!isset($_SESSION['user_id'])) { header("Location: login.php"); exit; } ?> <h1>Dashboard</h1> ```
Practical tip
Always call `exit` after `header("Location:")` to prevent extra output.
> Next: OOP in PHP, classes and objects (you will use this in real frameworks).