How to Create Login Page in PHP/MySQL

Submitted by argie on Friday, May 25, 2012 - 10:49.
Related code: How to Create Secure Login Page in PHP/MySQL. Yesterday I posted a tutorial on how to create a registration page using PHP/MySQL. To make some follow up with my registration page tutorial, I decided to create another tutorial on how to create a login page using PHP/MySQL. The Features of my login page contain input validation using PHP session. One unique feature also with my login page is the logout function, it is unique because unlike with other login page once the user click the logout button and click the back button of the browser, their system allows the user to go back as if it still logged in, which is not appropriate for security reason. But here in my login page once the user click the logout button, the user can no longer go back to their previous page. The only way to go back to the previous page is to login again. To start this tutorial let’s follow some steps below.

Creating Our Database

First we are going to create our database which stores our data. To create a database: 1. Open phpmyadmin 2. Click create table and name it. 3. Then name the database as "simple_login". 4. After creating a database name, click the SQL and paste the following code.
  1. CREATE TABLE IF NOT EXISTS `member` (
  2.   `mem_id` int(11) NOT NULL AUTO_INCREMENT,
  3.   `username` varchar(30) NOT NULL,
  4.   `password` varchar(30) NOT NULL,
  5.   `fname` varchar(30) NOT NULL,
  6.   `lname` varchar(30) NOT NULL,
  7.   `address` varchar(100) NOT NULL,
  8.   `contact` varchar(30) NOT NULL,
  9.   `picture` varchar(100) NOT NULL,
  10.   `gender` varchar(10) NOT NULL,
  11.   PRIMARY KEY (`mem_id`)
  12. ) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;

Creating Our Form

Next step is to create a form and save it as index.php. To create a form, open your HTML code editor and paste the code below in the upper part of the document or above the html tag. The code below is use to disallow the user to go back as if it still logged in.
  1. <?php
  2.         //Start session
  3.         session_start();       
  4.         //Unset the variables stored in session
  5.         unset($_SESSION['SESS_MEMBER_ID']);
  6.         unset($_SESSION['SESS_FIRST_NAME']);
  7.         unset($_SESSION['SESS_LAST_NAME']);
  8. ?>
Paste the code bellow after the body tag of the HTML document
  1. <form name="loginform" action="login_exec.php" method="post">
  2. <table width="309" border="0" align="center" cellpadding="2" cellspacing="5">
  3.   <tr>
  4.     <td colspan="2">
  5.                 <!--the code bellow is used to display the message of the input validation-->
  6.                  <?php
  7.                         if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
  8.                         echo '<ul class="err">';
  9.                         foreach($_SESSION['ERRMSG_ARR'] as $msg) {
  10.                                 echo '<li>',$msg,'</li>';
  11.                                 }
  12.                         echo '</ul>';
  13.                         unset($_SESSION['ERRMSG_ARR']);
  14.                         }
  15.                 ?>
  16.         </td>
  17.   </tr>
  18.   <tr>
  19.     <td width="116"><div align="right">Username</div></td>
  20.     <td width="177"><input name="username" type="text" /></td>
  21.   </tr>
  22.   <tr>
  23.     <td><div align="right">Password</div></td>
  24.     <td><input name="password" type="text" /></td>
  25.   </tr>
  26.   <tr>
  27.     <td><div align="right"></div></td>
  28.     <td><input name="" type="submit" value="login" /></td>
  29.   </tr>
  30. </table>
  31. </form>

Creating our Connection

Next step is to create a database connection and save it as "connection.php". This file is used to connect our form to database.
  1. <?php
  2. $mysql_hostname = "localhost";
  3. $mysql_user = "root";
  4. $mysql_password = "";
  5. $mysql_database = "simple_login";
  6. $prefix = "";
  7. $bd = mysqli_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
  8. mysqli_select_db($bd, $mysql_database) or die("Could not select database");
  9. ?>

Writing Our Login Script

Next step is to create our login script that validates our input data and save it as login_exec.php.
  1. <?php
  2.         //Start session
  3.         session_start();
  4.  
  5.         //Include database connection details
  6.         require_once('connection.php');
  7.  
  8.         //Array to store validation errors
  9.         $errmsg_arr = array();
  10.  
  11.         //Validation error flag
  12.         $errflag = false;
  13.  
  14.         //Function to sanitize values received from the form. Prevents SQL injection
  15.         function clean($str) {
  16.                 echo "str: ".$str;
  17.                 $str = @trim($str);
  18.                 if(get_magic_quotes_gpc()) {
  19.                         $str = stripslashes($str);
  20.                 }
  21.                 return mysqli_real_escape_string($str);
  22.         }
  23.  
  24.         //Sanitize the POST values
  25.         $username = $_POST['username'];
  26.         $password = $_POST['password'];
  27.  
  28.         //Input Validations
  29.         if($username == '') {
  30.                 $errmsg_arr[] = 'Username missing';
  31.                 $errflag = true;
  32.         }
  33.         if($password == '') {
  34.                 $errmsg_arr[] = 'Password missing';
  35.                 $errflag = true;
  36.         }
  37.  
  38.         //If there are input validations, redirect back to the login form
  39.         if($errflag) {
  40.                 $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  41.                 session_write_close();
  42.                 header("location: index.php");
  43.                 exit();
  44.         }
  45.  
  46.         //Create query
  47.         $qry="SELECT * FROM member WHERE username='$username' AND password='$password'";
  48.         $result=mysqli_query($bd, $qry);
  49.  
  50.         //Check whether the query was successful or not
  51.         if($result) {
  52.                 if(mysqli_num_rows($result) > 0) {
  53.                         //Login Successful
  54.                         session_regenerate_id();
  55.                         $member = mysqli_fetch_assoc($result);
  56.                         $_SESSION['SESS_MEMBER_ID'] = $member['mem_id'];
  57.                         $_SESSION['SESS_FIRST_NAME'] = $member['username'];
  58.                         $_SESSION['SESS_LAST_NAME'] = $member['password'];
  59.                         session_write_close();
  60.                         header("location: home.php");
  61.                         exit();
  62.                 }else {
  63.                         //Login failed
  64.                         $errmsg_arr[] = 'user name and password not found';
  65.                         $errflag = true;
  66.                         if($errflag) {
  67.                                 $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  68.                                 session_write_close();
  69.                                 header("location: index.php");
  70.                                 exit();
  71.                         }
  72.                 }
  73.         }else {
  74.                 die("Query failed");
  75.         }
  76. ?>

Creating Our Authentication File

Next step is to create our authentication file and save it as auth.php. this code is use to disallow the user to go back as if it still logged in.
  1. <?php
  2.         //Start session
  3.         session_start();
  4.         //Check whether the session variable SESS_MEMBER_ID is present or not
  5.         if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
  6.                 header("location: index.php");
  7.                 exit();
  8.         }
  9. ?>

Creating Our Home page

Next step is to create a homepage and save it as home.php.
  1. <?php
  2.         require_once('auth.php');
  3. ?>
  4. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  5. <html xmlns="http://www.w3.org/1999/xhtml">
  6. <head>
  7. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  8. <title>Untitled Document</title>
  9. <style type="text/css">
  10. <!--
  11. .style1 {
  12.         font-size: 36px;
  13.         font-weight: bold;
  14. }
  15. -->
  16. </style>
  17. </head>
  18.  
  19. <body>
  20. <p align="center" class="style1">Login successfully </p>
  21. <p align="center">This page is the home, you can put some stuff here......</p>
  22. <p align="center"><a href="index.php">logout</a></p>
  23. </body>
  24. </html>
That’s all you have already created your login page with unique features. Hope this code will help you, see you guys in my next tutorial. We've created a more secure registration and login page using CodeIgniter and Ion Auth. We highly recommend you use this instead if you want to secure your site. However, we're using CodeIgniter framework on this. If you are interested, kindly visit Secure Registration and Login Script with PHP and MySQL using CodeIgniter and Ion Auth.
Tags
login page in php/msql
input validation using php

Comments

Submitted by Mania_c (not verified) on Sat, 05/03/2014 - 02:38

Just use "<input name="password" type="password">"

Submitted by Sorin (not verified) on Tue, 05/06/2014 - 20:30

You can use an iframe.

<iframe src="index.php"></iframe>

Submitted by saj (not verified) on Fri, 05/16/2014 - 20:23

i got an error message. please help me to clarify Warning: Cannot modify header information - headers already sent by (output started at C:\AppServ\www\an\connection.php:19) in C:\AppServ\www\an\login_exec.php on line 68

Submitted by nasir5 (not verified) on Sat, 05/17/2014 - 03:18

It give error that database could not be selected... please tell which database is selected

Submitted by hangon on Sun, 05/18/2014 - 01:58

ur codeis superb help in log out code

Submitted by Thanks for your code (not verified) on Mon, 06/02/2014 - 15:39

i want to update my data..after updating when i click button automatically it moves to logout page..i dont know what to do..i checked everything..in localhost it works perfectly but after upload into server it create problem

Attach the source code in zip and upload it for us to download please

Submitted by Meena S (not verified) on Thu, 07/10/2014 - 17:24

this code is ver useful

Submitted by Ayman Y. Dasa (not verified) on Fri, 08/08/2014 - 06:05

I think it should be like
  1. $_SESSION['SESS_FIRST_NAME'] = $member['fname'];
  2. $_SESSION['SESS_LAST_NAME'] = $member['lname'];

Submitted by Trino Tarizulu (not verified) on Fri, 10/17/2014 - 14:18

Nice codes. It worked for me :)

Submitted by Ranjeet Kumar … (not verified) on Mon, 10/20/2014 - 00:53

I am getting output query failed .plz tell me where i am wrong

Submitted by gayathri Selvam (not verified) on Fri, 10/24/2014 - 16:24

thanks for this code ....it fully running

Submitted by Vab (not verified) on Mon, 10/27/2014 - 08:26

this really helped me, thanks.

Submitted by Anoop0118 (not verified) on Thu, 12/04/2014 - 13:01

Hello Thank You So Much For Detailed Explanation

Submitted by Feretzen (not verified) on Mon, 03/09/2015 - 21:26

Hi! I installed and everything is working smoothly. Thank you very much for sharing such a great tool and explanation. Regards, Fernando

Submitted by baraka (not verified) on Sat, 04/25/2015 - 20:26

Thanks Man! Be blessed

Submitted by amirhossein (not verified) on Mon, 05/11/2015 - 03:56

hi dear i just wanna to say thank you ..i was desperately wanted this information god bless you bye amirhossein

Submitted by ilyn (not verified) on Wed, 05/13/2015 - 22:20

can you please help in next previous, last and first buttons in php/mysql

Submitted by XnameR (not verified) on Wed, 05/13/2015 - 23:57

Nice tutorial ... but missing a register page can someone help me to make it. or someone is make reg page for this tutorial :D Thanks for sharing.

Submitted by Avery T. Horton, Jr. (not verified) on Sat, 05/23/2015 - 02:15

$_SESSION['SESS_MEMBER_ID'] = $member['mem_id']; 56. $_SESSION['SESS_FIRST_NAME'] = $member['username']; 57. $_SESSION['SESS_LAST_NAME'] = $member['password']; 58. session_write_close(); Names don't match!!

Submitted by Joe Don (not verified) on Thu, 06/04/2015 - 23:13

I will try this soon. Please, I will need similar in PHP on online students examinations in five subjects(computer science, chemistry, biology and physics) with instant result at the end of exams.

Submitted by lygi (not verified) on Sat, 06/27/2015 - 13:19

i want a feed back form and its comments and the name of the person who comments are shows in bellow the space

Submitted by Hassnain Mehmood (not verified) on Fri, 08/07/2015 - 22:17

true but this code is too lenthy and difficult

Submitted by l0new0lf99 (not verified) on Fri, 09/25/2015 - 20:08

this is by far the best sample login Ive used, thanks for sharing

hi
i am riham
how to hide password in password text box????
pls help me

Submitted by Kashif Ejaz (not verified) on Thu, 12/10/2015 - 02:51

Argie I have a different issue...I made login,index,home,connection,auth.php and transfer it to server folder, this folder contain website files, also In server I created database paste the sql code.......but how it will run? your help/answer will be highly appreciated, because i am a beginner, plz urgently, [email protected]

Submitted by Kashif Ejaz (not verified) on Thu, 12/10/2015 - 03:09

Argie I have ceated th page it asking username and password, but dont have [email protected], its giving message " could not connect data base" what is the solution?

Submitted by Mishek (not verified) on Sun, 02/21/2016 - 18:20

once I log user out he can relog in by using back arrow navigation.when I include the hath.PHP in my home.PHP nothing is happening when user login details are inserted

Submitted by john lito (not verified) on Fri, 09/23/2016 - 12:08

I want to create registration form n from tat username n password mentioned in registration I want to login.. so please help me out in this as quick as paossible............ very useful source code

Submitted by Joseph Zachwa (not verified) on Wed, 12/07/2016 - 08:10

I created it well but the password it doesn't hide. How can I do it so that I can hide it?

Submitted by just testing it out (not verified) on Sun, 05/14/2017 - 19:47

Thanks for that, I have been looking around the net and most places want you to signup just to see the code. This works great. If anyone is having issues, all you need to do is follow each step.

Submitted by venice (not verified) on Fri, 10/27/2017 - 14:45

hi, good afternoon po, medyo may napansin lang po ako, panu po ba gawin ung pag ibinack mo sya ay dapat wala ng makikitand username at password?

Submitted by mehdi youseffi (not verified) on Sun, 12/10/2017 - 01:54

your code very good for me. Thank you.

Submitted by priyanka khawale (not verified) on Sat, 02/24/2018 - 15:24

please send the php code for ...nursery management system...on this email-> [email protected]

Submitted by Pirien (not verified) on Sun, 04/29/2018 - 18:47

Great stuff, i cannot wait to trial it out

Add new comment

About text formats