- Apr 18, 2019 Download the source code and check the demo as you can put a sample username and password in the fields and try to login. You will be taken to a profile page on the same which looks glorious with a logout button which shows the logging out animation.
- Mar 26, 2015 Download Open Source Login Template for free. A Cool template for Login form in php. Its a cool login form with full admin panel you can easily implement it in your site with few minor changes.
- Mar 26, 2015 Download Open Source Login Template for free. A Cool template for Login form in php. Its a cool login form with full admin panel you can easily implement it.
For this tutorial I'll be teaching you how you can create your very own secure PHP login system, a login form is what your website's visitors will use to login to your website to access content for logged-in users (such as a profile page).
The Basic and Advanced packages include additional features and a download link to the source code.
Mar 04, 2020 You should now have a basic understanding of how a login system works with PHP and MySQL, you're free to copy the source code and use it in your own projects. The next step is to create a registration system that will allow visitors to register. Don't forget to follow us and share the article, this will help us create future tutorials.
Contents
- Getting Started
1. Getting Started
There are a few steps we need to take before we create our secure login system, we need to set up our web server environment and make sure we have the required extensions enabled.
1.1. Requirements
- If you haven't got a local web server setup I recommend you download and install XAMPP.
- XAMPP is a web server package that will run on many operating systems, it includes PHP, MySQL, Apache, phpMyAdmin, and more, no need to install the software separately.
1.2. What You Will Learn in this Tutorial
- Form Design — Design a login form with HTML5 and CSS3.
- Prepared SQL Queries — How to prepare SQL queries to prevent SQL injection, this will prevent your database from being exposed.
- Basic Validation — Validating form data that is sent to the server (username and password).
- Session Management — Initialize sessions and store retrieved database results.
1.3. File Structure & Setup
We now need to start our web server and create the files and folders we're going to use for our login system.
- Open XAMPP Control Panel
- Next to the Apache module click Start
- Next to the MySQL module click Start
- Navigate to XAMPPs installation folder (C:xampp)
- Open the htdocs folder
- Create the following folders and files:
File Structure
-- phplogin
|-- index.html
|-- style.css
|-- authenticate.php
|-- logout.php
|-- home.php
|-- profile.php
|-- index.html
|-- style.css
|-- authenticate.php
|-- logout.php
|-- home.php
|-- profile.php
Each file will contain the following:
- index.html — Login form created with HTML5 and CSS3, we don't need to use PHP in this file so we can just save it as HTML.
- style.css — The stylesheet (CSS) for our secure login app.
- authenticate.php — Connect to the database, validate form data, retrieve database results, and create new sessions.
- logout.php — Destroy the logged in sessions and redirect the user.
- home.php — Basic home page for logged in users.
- profile.php — Select the user's account from our MySQL database and display the result.
2. Creating the Login Form Design
We need a login form for our websites users, so they can interact with it and enter their details, we will be using HTML and CSS for this part of the tutorial.
Open up the index.html file with your favorite code editor, we're going to edit this file and add the login form code.
Copy and paste the following code (or create your own layout):
What this will look like if we open it up in our web browser:
Pretty basic right? Let's open up our style.css file and add the following code:
CSSCopy
We need to include our stylesheet in our index.html file, copy and paste the following code to the head section:
And now if we reload the index.html file in our web browser our login form will look more appealing:
Let's narrow down the form so we can get a better understanding on what's going on.
- Form — We need to use both the action and post attributes, the action attribute will be set to the authentication file. When the form is submitted, the form data will be sent to the authentication file for processing. The method is to post, this will allow us to process the form data.
- Input (text/password) — We need to name our form fields so the server can recognize them, so if we set the value of the attribute name to the username, we can use the post variable in our authentication file to get the data, like this: $_POST['username'].
- Input (submit) — On click the form data will be sent to our authentication file for processing.
3. Creating the Database and setting-up Tables
For this part, you will need to access your MySQL database, either using phpMyAdmin or your preferred MySQL database management application.
If you're using phpMyAdmin follow these instructions:
Php Code For Registration Form
- Navigate to: http://localhost/phpmyadmin/
- Click the Databases tab at the top
- Under Create database, type in phplogin in the text box
- Select utf8_general_ci as the collation
- Click Create
You can use your own database name, but for this tutorial, I'll use phplogin.
What we need now is an accounts table, this table will store all the accounts (usernames, passwords, emails, etc).
Click the database on the left side panel (phplogin) and execute the following SQL statement:
SQLCopy
On phpMyAdmin this should look like:
The above SQL statement code will create the accounts table with the columns id, username, password, and email.
We also insert a test account with the username: test, and the password: test, the test account will be used for testing purposes to make sure our login system works correctly.
4. Authenticating Users with PHP
Now that we have our database setup, we can go ahead and start coding with PHP, we're going to start with the authentication, this will handle the form data that is sent from our index.html file.
Edit the authenticate.php file and add the following:
PHPCopy
The first thing we have to do is start the session, this allows us to remember data on the server, this will be used later on to remember logged in users.
We also connect to the database, we need to connect to the database to check the username and password, make sure to set the variables to your database credentials.
Add below:
This will make sure the form data exists, if the user tries to access the file without submitting the form it will return a simple error.
Add below:
PHPCopy
This will prepare the SQL statement that will select the id and password from the accounts table, it will bind the username to the SQL statement, execute, and then store the result.
After this line:
Add:
First, we need to check if the query has returned any results, if the username doesn't exist in the database then there would be no results.
If the username exists we can bind the results to the variables: $id and $password.
After we can verify the password with the password_verify function, only passwords that are created with the password_hash function will work. Avid pro tools activation.
If you don't want to use any password encryption method, you can simply replace the following code:
PHPCopy
With:
Finally, if the user is able to login with the correct details our code will create new session variables to remember the user on the server, so when the user visits the home page our PHP code can check if the session variables exist.
Let's try our login to make sure the authentication works correctly, navigate to http://localhost/phplogin/index.html
Type in any username and password and click the login button, it should output an error that looks like the following:
Don't worry, it's not broke! If we go back to our login form and enter test for both the username and password fields the authentication page will look like the following:
Code editing software free download. Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications. Visual Studio Code is free and available on your favorite platform. Visual Studio Code is free and available on your favorite platform - Linux, macOS, and Windows. Download Visual Studio Code to experience a redefined code editor, optimized for building and debugging modern web and cloud applications. Oct 09, 2019 HxD is a freeware hex editor, a tool that can open and edit computer code. In the right hands, it's a powerful utility that can inspect, compare, and verify files, disks, disk images, memory,.
If you get an error make sure to double-check your code to make sure you haven't missed anything or check if the test account exists in your database.
5. Creating the Home Page
The home page will be the first page our users see when they've logged-in, the only way they can access this page is if they're logged-in, they will be redirected back to the login page if they aren't.
Edit the home.php file and add the following code:
PHPCopy
Basically, what happens here is we check if the user is logged in, if they are not we redirect them to the homepage, remember the $_SESSION['loggedin'] variable we defined in the authentication.php file? This is what we use to determine if users are logged in or not.
Now we can add some HTML to our home page. Below the closing tag add the following code:
As you can see here all we do is create the layout for our home page and greet the user.
The CSS for the home page, add to style.css:
PHPCopy
Now that we have our home page setup we can redirect our users from the authentication.php file, edit authentication.php and replace this line of code:
With:
PHPCopy
If you log-in with the test account you should see something like this:
This is a pretty basic home page, you can customize it to how you want now that you understand how it works.
6. Creating the Profile Page
The profile page will display the account information for the logged-in user.
Edit the profile.php file and add the following code:
PHPCopy
This demonstrates how you can get additional account information from the database, as before with home page we didn't need to connect to the database because we used the session data.
We're going to display all the account information for the user, so we need to get the password and email fields from the database, we don't need to get the username or id fields because we've them stored in session variables that were created in the authentication.php file.
After the closing tag, add the following code:
A simple layout to display account information, if you navigate to profile.php this will look like:
Remember the passwords are encrypted so you cannot see the decrypted password unless you create a new session variable and store the password from the authentication.php file.
7. Creating the Logout Script
Creating the logout script is very simple, all you need to do is destroy the sessions that we created.
Edit the logout.php file and add the following code:
PHPCopy
Initialize sessions and destroy them (if any) and redirect the user to the login page, we use sessions to determine if the user is logged in or not so by removing them the user will not be logged in.
Conclusion
You should now have a basic understanding of how a login system works with PHP and MySQL, you're free to copy the source code and use it in your own projects.
The next step is to create a registration system that will allow visitors to register.
Don't forget to follow us and share the article, this will help us create future tutorials.
Next tutorial in this series: Secure Registration System with PHP and MySQL
If you would like to support us consider purchasing a package below, this will greatly help us create more tutorials and keep our server up and running, packages include improved code and more features.
Basic
Source code
Secure login & registration system
Profile page
Edit profile page
AJAX integration
Add-ons (includes instructions)
— Forgot Password
— Activation Required for Login
— Activate with Reset Password
— Brute Force Protection
— CSRF Protection
— Forgot Password
— Activation Required for Login
— Activate with Reset Password
— Brute Force Protection
— CSRF Protection
SCSS file
Free updates
User Guide
View Online
* Payments are processed with PayPal.
* Advanced package also includes the basic package.
* Advanced package also includes the basic package.
$15.00
DownloadYou have no favorites