Skip to main content

How to Create a Simple Login with Validation PHP/MySQLi

Language


In this tutorial will show you how to create a simple login with user input validation using PHP/MySQLi. This tutorial does not include a good design but will give you an idea on how to create a simple Login using PHP/MySQLi.

Creating our Database

First, we're going to create a database that contains the user data.
1. Open phpMyAdmin.
2. Click databases, create a database and name it as "login".
3. After creating a database, click the SQL and paste the below code. See image below for detailed instruction.

  1. CREATE TABLE `user` (
  2. `userid` INT(11) NOT NULL AUTO_INCREMENT,
  3. `username` VARCHAR(30) NOT NULL,
  4. `password` VARCHAR(30) NOT NULL,
  5. `fullname` VARCHAR(60) NOT NULL,
  6. PRIMARY KEY (`userid`)
  7. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;

login

Inserting Data into our Database

Next, we insert a data into our database to check whether a user is found in our database.
1. Click our database "login".
2. Click SQL and paste the below code.

  1. INSERT INTO `user` (`username`, `password`, `fullname`) VALUES
  2. ('user', 'user', 'hello world');

Creating our Connection

Next step is to create a database connection and save it as "conn.php". This file will serve as our bridge between our form and our database. To create the file, open your HTML code editor and paste the code below after the tag.

  1. <?php
  2. $conn = mysqli_connect("localhost","root","","login");
  3.  
  4. // Check connection
  5. {
  6. echo "Failed to connect to MySQL: " . mysqli_connect_error();
  7. }
  8. ?>

Creating our Login Form and Login Script

Lastly, we create our Login Form with the login script and save it as "index.php". In this form, the inputted data of the user will be checked if it is found in the database that we created earlier. To create the form, open your HTML code editor and paste the code below after the tag.

  1. <!DOCTYPE html>
  2. <title>Login with Validation PHP, MySQLi</title>
  3. .message {color: #FF0000;}
  4. </head>
  5.  
  6. <?php
  7. // define variables and set to empty values
  8. $Message = $ErrorUname = $ErrorPass = "";
  9.  
  10. if ($_SERVER["REQUEST_METHOD"] == "POST") {
  11.  
  12. $username = check_input($_POST["username"]);
  13.  
  14. if (!preg_match("/^[a-zA-Z0-9_]*$/",$username)) {
  15. $ErrorUname = "Space and special characters not allowed but you can use underscore(_).";
  16. }
  17. else{
  18. $fusername=$username;
  19. }
  20.  
  21. $fpassword = check_input($_POST["password"]);
  22.  
  23. if ($ErrorUname!=""){
  24. $Message = "Login failed! Errors found";
  25. }
  26. else{
  27. include('conn.php');
  28.  
  29. $query=mysqli_query($conn,"select * from `user` where username='$fusername' && password='$fpassword'");
  30. $num_rows=mysqli_num_rows($query);
  31. $row=mysqli_fetch_array($query);
  32.  
  33. if ($num_rows>0){
  34. $Message = "Login Successful!";
  35. }
  36. else{
  37. $Message = "Login Failed! User not found";
  38. }
  39.  
  40. }
  41. }
  42.  
  43. function check_input($data) {
  44. $data = trim($data);
  45. $data = stripslashes($data);
  46. $data = htmlspecialchars($data);
  47. return $data;
  48. }
  49. ?>
  50.  
  51. <h2>Login Form</h2>
  52. <p><span class="message">* required field.</span></p>
  53. <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
  54. Username: <input type="text" name="username" required>
  55. <span class="message">* <?php echo $ErrorUname;?></span>
  56. <br><br>
  57. Password: <input type="password" name="password" required>
  58. <span class="message">* <?php echo $ErrorPass;?></span>
  59. <br><br>
  60. <input type="submit" name="submit">
  61. <br><br>
  62. </form>
  63.  
  64. <span class="message">
  65. <?php
  66. if ($Message=="Login Successful!"){
  67. echo $Message;
  68. echo 'Welcome, '.$row['fullname'];
  69. }
  70. else{
  71. echo $Message;
  72. }
  73.  
  74. ?>
  75. </span>
  76.  
  77. </body>
  78. </html>

Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. After downloading it, you will need a program like Winzip to decompress it.

Virus note: All files are scanned once-a-day by SourceCodester.com for viruses, but new viruses come out every day, so no prevention program can catch 100% of them.

FOR YOUR OWN SAFETY, PLEASE:

1. Re-scan downloaded files using your personal virus checker before using it.
2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.