Sunday, July 19, 2009

How to Create a Basic Login Script in PHP

Interested in creating your own forum page, blog, or even a shopping cart? A login area is the first step. Here is how to create a script for it in PHP.


1. Create the login database and table. For the purposes of the code examples below, we will assume the database name to be "test" and the table name to be "members". The database and table can be created through the control panel of your webhost. The "members" table will store the username and the passwords of all the people would be allowed access via this login script. The table should have a unique id field as the primary key, a username field, and a password field.

2. Create the login interface. This is an html page containing a form, two text boxes for the user name and password, and a submit button. As long as you have these elements, you may design the layout however you wish.


Member Login

3. Create the php script that will check the login input against the database. This script will connect to the database, send a query and retrieve the result, check to see if the username and password is correct and send you to the next page depending on the result of the comparison.

Example (connecting to the database):

$host="localhost"; // Host name
$username=""; // username
$password=""; // password
$db_name="test"; // Database name
$tbl_name="members"; // Table name

// Replace database connect functions depending on database you are using.
mysql_connect("$host", "$username", "$password");

Example (submitting query and retrieving results):

// username and password sent from form
//NEVER Remove the mysql_real_escape_string. Else there could be an Sql-Injection!

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";

Example (checking results):

// Replace counting function based on database you are using.
// If result matched $myusername and $mypassword, table row must be 1 row

Example (direct user based on result):

// Register $myusername, $mypassword and redirect to file "login_success.php"
} else {
echo "Wrong Username or Password";

4. Create the page that will display after login success. This script will start your session and display an html message of your choosing.


// Check if session is not registered , redirect back to main page.


Login Successful

5. Create logout script. This step is optional as sessions can time out. If you wish to create one, you will need a button or link to initiate the script and a message to confirm the success of logging out.




* Replace the database functions in your script with the appropriate functions for the database you are using (e.g. SQLITE, Microsoft SQL, etc.)

* Depending on your requirements, add security checks to your script.

* Try using CSS and various HTML elements to create an interesting look for your login and message pages.

No comments:

Post a Comment