PHP Login and Login Script
Now we will Create a simple script for Login and Logout form with php, mysql using with a SESSION variable. This file contains Login form, Login authorize script and Logout program. It is very simple and easy but you can enhance it.
Requirements
We need two php files and 1 mysql table
index.php this file is the Login and Logout file.
main.php this file is the target when login is OK.
We need to make a database "tutorial" and in this database we will make table "admin" with following 3 fields:
id(auto_increment),
username(varchar, 50),
password(varchar, 32).
* The "password" field is design for md5() password for more sucurity.
* When you test this script you must to put the real password (1234) in "password" box.
The mainly file for do 3 things.
- Login form. Including 2 fields "username" and "password" and submit button "Login".
- Login authorize program. Do authorize check after you submit form, if passed in username and password, this page will re-direct to main.php . If not, show the invalid user or password message.
- Logout. Clear the login session when come back or refresh this page.
Source Code
// Use session variable on this page. This function must put on the top of page.
session_start();
////// Logout Section. Delete all session variable.
session_destroy();
$message="";
////// Login Section.
$login=$_POST['login'];
if($login){ // If clicked on Login button.
$username=$_POST['username'];
$password=md5($_POST['password']); // Encrypt password with md5() function.
// Connect database.
$host="localhost"; // Host name.
$db_user="Your MySql User Name ";
$db_password="Your MySql Password";
$database="tutorial"; // Database name.
mysql_connect($host,$db_user,$db_password);
mysql_select_db($database);
// Check matching of username and password.
$results=mysql_query("select * from admin where username='$username' and password='$password'");
if(mysql_num_rows($results)!='0'){ // If match.
session_register("username"); // Craete session username.
header("location:main.php"); // Re-direct to main.php
exit;
}else{ // If not match.
$message="--- Incorrect Username or Password ---";
}
} // End Login authorization check.
?> <html >
<head>
<title>Login Form </title>
</head>
<body>
<? echo $message; ?>
<form id="form1" name="form1" method="post" action=" <? echo $PHP_SELF; ?> ">
<table>
<tr>
<td>User Name: </td>
<td><input name="username" type="text" id="username" /></td>
</tr>
<tr>
<td>Password : </td>
<td><input name="password" type="password" id="password" /></td>
</tr>
</table>
<input name="login" type="submit" id="login" value="Login" />
</form>
</body>
</html>
This file is the target file when authorize check on index.php has been passed. It checks for session variable name "username". If this variable does not exist, re-direct to index.php .
If you have PHP files must Login before open them, copy the PHP section and place it on the top of them.
Source Code
// You may copy this PHP section to the top of file which needs to access after login.
session_start(); // Use session variable on this page. This function must put on the top of page.
if(!session_is_registered("username")){ // if session variable "username" does not exist.
header("location:index.php"); // Re-direct to index.php
}
?>
<html>
<head>
<title>Admin Panel </title>
</head>
<body>
<p>Hello <? echo $_SESSION['username']; ?> ! You are now Logged in.</p>
<p><a href="index.php">Logout</a></p>
</body>
</html>
