PHP Project-3 :PHP Login script tutorial

Posted: November 7, 2010 in MySql, PHP
Tags: ,

In this tutorial create 3 files
1. main_login.php
2. checklogin.php
3. login_success.php

Step
1. Create table “members” in database “test”.
2. Create file main_login.php.
3. Create file checklogin.php.
4. Create file login_success.php.
5. Create file logout.php

1. Create table “members”

CREATE TABLE `members` (
`id` int(4) NOT NULL  auto_increment,
`username` varchar(65)  NOT NULL default '',
`password` varchar(65)  NOT NULL default '',
PRIMARY KEY  (`id`)
) TYPE=MyISAM  AUTO_INCREMENT=2 ;

--
-- Dumping data for  table `members`
--

INSERT  INTO `members` VALUES (1, 'john', '1234');

2. Create file main_login.php

View In Browser

CODE

<table width="300" border="0" align="center" cellpadding="0"  cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post"  action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1"  bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login  </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername"  type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text"  id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit"  value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

3. Create file checklogin.php

Code

<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot  connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from  form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about  MySQL injection)
$myusername =  stripslashes($myusername);
$mypassword =  stripslashes($mypassword);
$myusername =  mysql_real_escape_string($myusername);
$mypassword =  mysql_real_escape_string($mypassword);

$sql="SELECT  * FROM $tbl_name WHERE username='$myusername' and  password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched  $myusername  and $mypassword,   table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

4. Create file login_success.php

Code

// Check if session is not registered , redirect  back to main page.
// Put this code in first line of web page.
<?
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

5. Logout.php

If you want to logout, create this file

// Put this code in first line of web page.
<?
session_start();
session_destroy();
?>

6.For PHP5 User – checklogin.php

Code

<?php
ob_start();
$host="localhost";  // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot  connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about  MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT  * FROM $tbl_name WHERE username='$myusername' and  password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched  $myusername  and  $mypassword,  table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or  Password";
}

ob_end_flush();
?>

7. Encrypting Password – Make your Login More Secure


Advertisements
Comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s