PHP/MySQL/HTML Login Form

Submitted by Yorkiebar on Sunday, December 29, 2013 - 00:20.

Language

SQL

Introduction: This tutorial will cover creating a login form with PHP/MySQL/HTMl. Pre-creation: First you need to have some user accounts stored in a database, you can check out my profile for a tutorial on creating a register form. Steps of Creation: Step 1: First we need to connect to the database holding the user accounts...

<?php
	$con = mysqli_connect('localhost', 'root', '', 'freelanceTutorials') or die(mysql_error());
?>

mysqli_connect uses the parameters; server, username, password* Step 2: Now we can create a login form in HTML for the users...

<form action='logini.php' method='POST'>
	<input type='text' name='user' />
	<input type='password' name='pass' />
	<input type='submit' name='sentForm' />
</form>

As you can see, the method is POST which means the data is sent from the form invisible to the average user and the action is 'logini.php' (which I have saved the page as, this avoids having to create two pages for one login function). Step 3: Since the action on the form is the same page, I will insert the following function in to the same page. If you have set a different page, insert the below source code in to that page instead.

<?php
	$con = mysqli_connect('localhost', 'root', '', 'freelanceTutorials') or die(mysql_error());
	if (isSet($_POST['sentForm'])) {
		$user = $_POST['user'];
		$pass = $_POST['pass'];
		$query = mysqli_query($con, "SELECT * FROM `users` WHERE `username`='$user' AND `password`='$pass'") or die(mysql_error());
		echo $user.$pass;
		if (mysqli_num_rows($query) > 0) {
			$_SESSION['user'] = $user;
			echo 'Successful login.';
		}else{
			echo 'Failed login.';
		}
		mysqli_close($con);
	}
?>

The above script connects to the database with the given information (server, username, password, database) and selects our database containing the users table. Then we get the information from the form through our POST data and compare them to the users table in our database. We then check how many rows are found using the entered information through our mysqli_query function. If there is 1 then the row does exist, the password and username are correct and we set them a session variable named "user" with the value of their username. We can use this to check if they are logged in later on. We also give output on the page to whether the login was successful. Once we are finished with the connection we close it with mysqli_close($con); Testing Once you have finished, it should all be working. Create an account either manually through PHPMyAdmin/cPanel/Control Panel of your localhost or web host (or use a register form) and try to login. Debugging If there are any problems, you can try to find them by adding ' or die(mysql_error())' just before the line terminator (;) on the line you think is giving the problem, this will output the error. Make sure to remove these before letting the public on to your page(s)! Please note: This form does not have any security in place, I will cover the security in another tutorial and place the link to that tutorial here once it has been uploaded.

Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. After downloading it, you will need a program like Winzip to decompress it.

Virus note: All files are scanned once-a-day by SourceCodester.com for viruses, but new viruses come out every day, so no prevention program can catch 100% of them.

FOR YOUR OWN SAFETY, PLEASE:

1. Re-scan downloaded files using your personal virus checker before using it.
2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.