PHP User Registration Form with Password Validation
- ☆ This PHP script implements a secure user registration form with MySQL integration and server-side password validation.
- ☆ It checks whether the submitted password contains at least one letter, one number, and one special character.
- ☆ If all conditions are met, the password is hashed and the user is stored in the database.
<?php
require 'db.php';
$errorList = [];
$success = "";
$username = ""; // store input username
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = htmlspecialchars($_POST["username"]);
$password = htmlspecialchars($_POST["password"]);
// Server-side password validation conditions
$conditions = [
'letter' => [
'pattern' => '/[A-Za-z]/',
'message' => 'Password must contain at least one letter.'
],
'number' => [
'pattern' => '/[0-9]/',
'message' => 'Password must contain at least one number.'
],
'special' => [
'pattern' => '/[\W_]/',
'message' => 'Password must contain at least one special character.'
]
];
$valid = true;
foreach ($conditions as $key => $rule) {
if (!preg_match($rule['pattern'], $password)) {
$errorList[$key] = false;
$valid = false;
} else {
$errorList[$key] = true;
}
}
if ($valid) {
// Hash and store password
$hashed = password_hash($password, PASSWORD_DEFAULT);
$stmt = $conn->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->bind_param("ss", $username, $hashed);
try {
$stmt->execute();
$success = "✅ Registered successfully!";
$username = ""; // clear the username field
$errorList = []; // clear errors after success
} catch (mysqli_sql_exception $e) {
if (str_contains($e->getMessage(), 'Duplicate entry')) {
$errorList['duplicate'] = "❌ Username already taken.";
} else {
$errorList['unknown'] = "❌ Something went wrong. Please try again.";
}
}
}
}
?>
<link rel="stylesheet" href="style.css">
<style>
.error-msg { color: red; font-size: 0.9em; margin-top: 5px; }
.success-msg { color: green; font-size: 1em; margin-bottom: 10px; }
.check { color: green; }
.cross { color: red; }
</style>
<form method="post">
<h2>Register</h2>
<?php
if (!empty($success)) {
echo '<div class="success-msg">' . htmlspecialchars($success) . '</div>';
}
?>
Username:
<input name="username" value="<?= htmlspecialchars($username) ?>" required><br>
Password:
<input type="password" name="password" required><br><br>
<!-- Show password rules -->
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST" && empty($success)) {
?>
<div>
<p>Password must meet the following conditions:</p>
<ul style="list-style: none; padding-left: 0;">
<li>
<?php echo (isset($errorList['letter']) && $errorList['letter']) ? '✅' : '❌'; ?>
At least one letter
</li>
<li>
<?php echo (isset($errorList['number']) && $errorList['number']) ? '✅' : '❌'; ?>
At least one number
</li>
<li>
<?php echo (isset($errorList['special']) && $errorList['special']) ? '✅' : '❌'; ?>
At least one special character
</li>
</ul>
</div>
<?php
}
?>
<!-- Username errors -->
<?php
if (isset($errorList['duplicate'])) {
echo '<div class="error-msg">' . htmlspecialchars($errorList['duplicate']) . '</div>';
} elseif (isset($errorList['unknown'])) {
echo '<div class="error-msg">' . htmlspecialchars($errorList['unknown']) . '</div>';
}
?>
<button type="submit">Register</button>
</form>
Password Validation Example in W3School
How TO - Password Validation