How to Create Login Page in PHP/MySQL

Submitted by argie on Friday, May 25, 2012 - 10:49.

Related code: How to Create Secure Login Page in PHP/MySQL. Yesterday I posted a tutorial on how to create a registration page using PHP/MySQL. To make some follow up with my registration page tutorial, I decided to create another tutorial on how to create a login page using PHP/MySQL. The Features of my login page contain input validation using PHP session. One unique feature also with my login page is the logout function, it is unique because unlike with other login page once the user click the logout button and click the back button of the browser, their system allows the user to go back as if it still logged in, which is not appropriate for security reason. But here in my login page once the user click the logout button, the user can no longer go back to their previous page. The only way to go back to the previous page is to login again. To start this tutorial let’s follow some steps below.

Creating Our Database

First we are going to create our database which stores our data. To create a database: 1. Open phpmyadmin 2. Click create table and name it. 3. Then name the database as "simple_login". 4. After creating a database name, click the SQL and paste the following code.

CREATE TABLE IF NOT EXISTS `member` (
  `mem_id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(30) NOT NULL,
  `password` varchar(30) NOT NULL,
  `fname` varchar(30) NOT NULL,
  `lname` varchar(30) NOT NULL,
  `address` varchar(100) NOT NULL,
  `contact` varchar(30) NOT NULL,
  `picture` varchar(100) NOT NULL,
  `gender` varchar(10) NOT NULL,
  PRIMARY KEY (`mem_id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;

Creating Our Form

Next step is to create a form and save it as index.php. To create a form, open your HTML code editor and paste the code below in the upper part of the document or above the html tag. The code below is use to disallow the user to go back as if it still logged in.

<?php
        //Start session
        session_start();        
        //Unset the variables stored in session
        unset($_SESSION['SESS_MEMBER_ID']);
        unset($_SESSION['SESS_FIRST_NAME']);
        unset($_SESSION['SESS_LAST_NAME']);
?>

Paste the code bellow after the body tag of the HTML document

<form name="loginform" action="login_exec.php" method="post">
<table width="309" border="0" align="center" cellpadding="2" cellspacing="5">
  <tr>
    <td colspan="2">
                <!--the code bellow is used to display the message of the input validation-->
                 <?php
                        if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
                        echo '<ul class="err">';
                        foreach($_SESSION['ERRMSG_ARR'] as $msg) {
                                echo '<li>',$msg,'</li>'; 
                                }
                        echo '</ul>';
                        unset($_SESSION['ERRMSG_ARR']);
                        }
                ?>
        </td>
  </tr>
  <tr>
    <td width="116"><div align="right">Username</div></td>
    <td width="177"><input name="username" type="text" /></td>
  </tr>
  <tr>
    <td><div align="right">Password</div></td>
    <td><input name="password" type="text" /></td>
  </tr>
  <tr>
    <td><div align="right"></div></td>
    <td><input name="" type="submit" value="login" /></td>
  </tr>
</table>
</form>

Creating our Connection

Next step is to create a database connection and save it as "connection.php". This file is used to connect our form to database.

<?php
$mysql_hostname = "localhost";
$mysql_user = "root";
$mysql_password = "";
$mysql_database = "simple_login";
$prefix = "";
$bd = mysqli_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
mysqli_select_db($bd, $mysql_database) or die("Could not select database");
?>

Writing Our Login Script

Next step is to create our login script that validates our input data and save it as login_exec.php.

<?php
        //Start session
        session_start();
 
        //Include database connection details
        require_once('connection.php');
 
        //Array to store validation errors
        $errmsg_arr = array();
 
        //Validation error flag
        $errflag = false;
 
        //Function to sanitize values received from the form. Prevents SQL injection
        function clean($str) {
                echo "str: ".$str;
                $str = @trim($str);
                if(get_magic_quotes_gpc()) {
                        $str = stripslashes($str);
                }
                return mysqli_real_escape_string($str);
        }
 
        //Sanitize the POST values
        $username = $_POST['username'];
        $password = $_POST['password'];
 
        //Input Validations
        if($username == '') {
                $errmsg_arr[] = 'Username missing';
                $errflag = true;
        }
        if($password == '') {
                $errmsg_arr[] = 'Password missing';
                $errflag = true;
        }
 
        //If there are input validations, redirect back to the login form
        if($errflag) {
                $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
                session_write_close();
                header("location: index.php");
                exit();
        }
 
        //Create query
        $qry="SELECT * FROM member WHERE username='$username' AND password='$password'";
        $result=mysqli_query($bd, $qry);
 
        //Check whether the query was successful or not
        if($result) {
                if(mysqli_num_rows($result) > 0) {
                        //Login Successful
                        session_regenerate_id();
                        $member = mysqli_fetch_assoc($result);
                        $_SESSION['SESS_MEMBER_ID'] = $member['mem_id'];
                        $_SESSION['SESS_FIRST_NAME'] = $member['username'];
                        $_SESSION['SESS_LAST_NAME'] = $member['password'];
                        session_write_close();
                        header("location: home.php");
                        exit();
                }else {
                        //Login failed
                        $errmsg_arr[] = 'user name and password not found';
                        $errflag = true;
                        if($errflag) {
                                $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
                                session_write_close();
                                header("location: index.php");
                                exit();
                        }
                }
        }else {
                die("Query failed");
        }
?>

Creating Our Authentication File

Next step is to create our authentication file and save it as auth.php. this code is use to disallow the user to go back as if it still logged in.

<?php
        //Start session
        session_start();
        //Check whether the session variable SESS_MEMBER_ID is present or not
        if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
                header("location: index.php");
                exit();
        }
?>

Creating Our Home page

Next step is to create a homepage and save it as home.php.

<?php
        require_once('auth.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">
<!--
.style1 {
        font-size: 36px;
        font-weight: bold;
}
-->
</style>
</head>
 
<body>
<p align="center" class="style1">Login successfully </p>
<p align="center">This page is the home, you can put some stuff here......</p>
<p align="center"><a href="index.php">logout</a></p>
</body>
</html>

That’s all you have already created your login page with unique features. Hope this code will help you, see you guys in my next tutorial. We've created a more secure registration and login page using CodeIgniter and Ion Auth. We highly recommend you use this instead if you want to secure your site. However, we're using CodeIgniter framework on this. If you are interested, kindly visit Secure Registration and Login Script with PHP and MySQL using CodeIgniter and Ion Auth.

Comments

helllo sir

sir,your code is well and good...but i have one doubt..mytask is that to create the login page..database member can log in to my login page..after log in,the member who would logged in details will be shown..that member can edit that details..after finished edit process to press the finish button..again the loginpage will be open..after that member can logged out..please send the source code for above task..this is my mail id:[email protected]

like

ur code real help me thanx.....

nice

its very nice

user profile

hi...thanks alot for your very useful code But, how can I show the user profile(fname,lname,...) in the home page after the validation?

GOD BLESS

GOD is so great of your life . It works! Keep up the good work and GOD BLESS :)

I like you code

Your code is very good but can you help me code for log out? my mail is [email protected]

More title pa thans

Firefox has detected that the server is redirecting the request

Firefox has detected that the server is redirecting the request for this address in a way that will never complete. what do think is causing this? also a infinite loop from login_exec.php

Help me out of this Error

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /mrdthome/webwalk/public_html/admin/login_exec.php:1) in /mrdthome/webwalk/public_html/admin/login_exec.php on line 3 Query failed

Be sure to remove the white

Be sure to remove the white space at the end of the file called "login_exec.php"

There is no space left there.

There is no space left there...!

QUERY FAILED

I removed the white space and upload the files. Now i am getting the result of Query failed. What mistake i have done? Hence it works without errors on localhost.

Change the error_reporting in

Change the error_reporting in your php.ini to: error_reporting = E_ALL & ~E_NOTICE

Thanks a lot it works now

Information about CSS in log in page

How to create a validation with CSS file?

wow

Im a biginer for web but I dne well hahah thnks lot

Thanks

cool, dude!!

error

Fatal error: Call to undefined function get_magic_quotes_gpc() in C:\AppServ\www\myphp\login_exec.php on line 19

this is easy to use

Session login page

Page1:login.php
<?php
session_start();
mysql_connect("localhost","root","") or die("error connect");
mysql_select_db("task2") or die(" error database");
$email=$_POST['email'];
$pass=$_POST['password'];
$login=mysql_query("SELECT * FROM login WHERE email='$email' AND password='$pass'");
$sql=mysql_num_rows($login);
if($sql!=0){
$_SESSION['email']=$email;
header('Location: login_verify.php');
}
else {
echo "Wrong Username or Password";
}
?>
page2:login_check.
<?php
session_start();
if(isset($_SESSION['email'])){

echo "<center><h1>".$_SESSION['email']."Welcome to Home page</h1></center>";
}
else{
header('Location: login_im.php');
}
?>
<a href="newlogout.php">Logout</a>
page3:logout.php
<?php
session_start();
session_destroy();
header("location:/login_im.php");
?>

Your code is very good but

Your code is very good but can you help me code for login? my mail is [email protected]

very nice

Thanks Broo..................

Thanks Broo....................!

secure login

excellent! thank you very much!

table creation

I'm new to this things of web designing I want to know how can a create a table in my database on-line, like the way is being done on a localhost.

awesome

Unbelievable!!! I tried over and over many of Tutorials and every time i was not successful,but IT IS WORKING Thank you so much

vb.net & sql server

how to connect VB.net to SQL Server2005 provide source code plz

Use username or member_id variable in home.php

Hi Guy. Very useful for coding. I want use username or member_id variable in order to query on other table. How can I do? Thanks so much.

Logout

Hi, The login script works, but I'm not sure how the logout script should work. I was expecting a Logout button somewhere. Also, in the login script. 1) the password shows when it is typed in. Is there a way to just show ****** instead? 2)This code in the index.php shows as comment. Not sure why. 0 ) { echo '

',$msg,'

'; unset($_SESSION['ERRMSG_ARR']); } ?> Otherwise, it's great.Thanks.

helpful toturial

The tutorial and codes above is really helpful to me. Thank you very much.

i dont no where to put the welcome and username

i don't no where to put the welcome and username and which page }else{ echo"Welcom " .$_POST['username']; } can u help me please

how do connect the mysql in internet

i create one form but not connect the internet

Tnx

Your code is perfect! Thank you very much!

Hey great work there: but one

Hey great work there: but one more question: what i want want only a logged in person to view all the other pages??

php

how to add pdf file in database through php form at admin side

how?

how if iwant to add selection..two text area and 1 selection... how to write for selecetion???hope someone can help me...

Awesome

its very good tutorial .. i just copy and paste and its run .. thanks alot...

fetching data from database

can anyone help me or can show me codes on how to create a login. i have 2 tables in my database namely: "users" and "roles". a user should login by their corresponding roles. how can it be done? or is it possible that way? pls help me asap. Thank You.

very useful source code

your sourcecodes are very useful. i've got a project and it includes logging in. I have many types of admin: 1) admin that has a FULL ACCESS of the system, 2) admin that has a limited access only, and 3) admin that has a lesser access than the second one. Member users also has a limitted access to my information portal project. i have tables in my database namely: "users(user_id,user_name,password)", "users_data(data_id, lname, fname, mname, email)", "roles(role_id,role_type)". My Problem is that, how will it be when a USER will login, he will be redirected to its corresponding page(according to its role type). and so with the other users. please help me with this one. Please send me your sourcecode for this at [email protected]. thank you in advance!

Add new comment

Add new comment
6272 views