PHP Login script tutorial

SUBMITTED BY: Guest

DATE: Oct. 25, 2014, 12:02 p.m.

FORMAT: Text only

SIZE: 5.9 kB

Raw Download

HITS: 765

Report
  1. Overview
  2. In this tutorial, we create 3 php files for testing our code.
  3. 1. main_login.php
  4. 2. checklogin.php
  5. 3. login_success.php
  7. Steps
  8. 1. Create table "members" in database "test".
  9. 2. Create file main_login.php.
  10. 3. Create file checklogin.php.
  11. 4. Create file login_success.php.
  12. 5. Create file logout.php
  14. STEP1: Create table "members"
  15. For testing this code, we need to create database "test" and create table "members"
  16. CREATE TABLE `members` (
  17. `id` int(4) NOT NULL auto_increment,
  18. `username` varchar(65) NOT NULL default '',
  19. `password` varchar(65) NOT NULL default '',
  20. PRIMARY KEY (`id`)
  21. ) TYPE=MyISAM AUTO_INCREMENT=2 ;
  22. --
  23. -- Dumping data for table `members`
  24. --
  25. INSERT INTO `members` VALUES (1, 'john', '1234');
  28. STEP2: Create file main_login.php
  29. The first file we need to create is "main_login.php" which is a login form
  31. <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
  32. <tr>
  33. <form name="form1" method="post" action="checklogin.php">
  34. <td>
  35. <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
  36. <tr>
  37. <td colspan="3"><strong>Member Login </strong></td>
  38. </tr>
  39. <tr>
  40. <td width="78">Username</td>
  41. <td width="6">:</td>
  42. <td width="294"><input name="myusername" type="text" id="myusername"></td>
  43. </tr>
  44. <tr>
  45. <td>Password</td>
  46. <td>:</td>
  47. <td><input name="mypassword" type="text" id="mypassword"></td>
  48. </tr>
  49. <tr>
  50. <td>&nbsp;</td>
  51. <td>&nbsp;</td>
  52. <td><input type="submit" name="Submit" value="Login"></td>
  53. </tr>
  54. </table>
  55. </td>
  56. </form>
  57. </tr>
  58. </table>
  60. STEP3: Create file checklogin.php
  61. We have a login form in step 2, when a user submit their username and password, PHP code in checklogin.php will check that this user exist in our database or not.
  63. If user has the right username and password, then the code will register username and password in the session and redirect to "login_success.php". If username or password is wrong the system will show "Wrong Username or Password".
  65. ############### Code
  67. <?php
  69. $host="localhost"; // Host name
  70. $username=""; // Mysql username
  71. $password=""; // Mysql password
  72. $db_name="test"; // Database name
  73. $tbl_name="members"; // Table name
  75. // Connect to server and select databse.
  76. mysql_connect("$host", "$username", "$password")or die("cannot connect");
  77. mysql_select_db("$db_name")or die("cannot select DB");
  79. // username and password sent from form
  80. $myusername=$_POST['myusername'];
  81. $mypassword=$_POST['mypassword'];
  83. // To protect MySQL injection (more detail about MySQL injection)
  84. $myusername = stripslashes($myusername);
  85. $mypassword = stripslashes($mypassword);
  86. $myusername = mysql_real_escape_string($myusername);
  87. $mypassword = mysql_real_escape_string($mypassword);
  88. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
  89. $result=mysql_query($sql);
  91. // Mysql_num_row is counting table row
  92. $count=mysql_num_rows($result);
  94. // If result matched $myusername and $mypassword, table row must be 1 row
  95. if($count==1){
  97. // Register $myusername, $mypassword and redirect to file "login_success.php"
  98. session_register("myusername");
  99. session_register("mypassword");
  100. header("location:login_success.php");
  101. }
  102. else {
  103. echo "Wrong Username or Password";
  104. }
  105. ?>
  107. STEP4: Create file login_success.php
  108. User can't view this page if the session is not registered.
  110. ############### Code
  112. // Check if session is not registered, redirect back to main page.
  113. // Put this code in first line of web page.
  114. <?php
  115. session_start();
  116. if(!session_is_registered(myusername)){
  117. header("location:main_login.php");
  118. }
  119. ?>
  121. <html>
  122. <body>
  123. Login Successful
  124. </body>
  125. </html>
  127. STEP5: Create file Logout.php
  128. If you want to logout, create this file. The code in this file will destroy the session.
  130. // Put this code in first line of web page.
  131. <?php
  132. session_start();
  133. session_destroy();
  134. ?>
  137. For PHP5 User - checklogin.php
  138. ############### Code
  140. <?php
  142. ob_start();
  143. $host="localhost"; // Host name
  144. $username=""; // Mysql username
  145. $password=""; // Mysql password
  146. $db_name="test"; // Database name
  147. $tbl_name="members"; // Table name
  149. // Connect to server and select databse.
  150. mysql_connect("$host", "$username", "$password")or die("cannot connect");
  151. mysql_select_db("$db_name")or die("cannot select DB");
  153. // Define $myusername and $mypassword
  154. $myusername=$_POST['myusername'];
  155. $mypassword=$_POST['mypassword'];
  157. // To protect MySQL injection (more detail about MySQL injection)
  158. $myusername = stripslashes($myusername);
  159. $mypassword = stripslashes($mypassword);
  160. $myusername = mysql_real_escape_string($myusername);
  161. $mypassword = mysql_real_escape_string($mypassword);
  162. $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
  163. $result=mysql_query($sql);
  165. // Mysql_num_row is counting table row
  166. $count=mysql_num_rows($result);
  168. // If result matched $myusername and $mypassword, table row must be 1 row
  169. if($count==1){
  171. // Register $myusername, $mypassword and redirect to file "login_success.php"
  172. session_register("myusername");
  173. session_register("mypassword");
  174. header("location:login_success.php");
  175. }
  176. else {
  177. echo "Wrong Username or Password";
  178. }
  179. ob_end_flush();
  180. ?>
  183. Encrypting Password - Make your Login More Secure
comments powered by Disqus