Create a Simple User Login System with PHP and MySQL

Here is a fun and easy way to create user login system within just a few minutes.

First - The Demo

Here is all the code for the page - phplogin.php

<?php
    //Required to use session variables
    //This must be called at the beginning of each page in which you want to use the session variables
    session_start();
    
    //Check to see if we have already logged in successfully
    //If login was successfully then redirect to appropriate page
    if ($_SESSION['loggedin'] == 1)
        header("Location: loginsuccess.php"); //php redirect 
    
    //This page posts to itself, so here to check to see if the page was submitted
    if(isset( $Submit ))
    {
        //MySQL username and password
        $username="username";
        $password="password";
        //Specify MySQL database to connect to
        $database="database";
        //Create connection and select the appropriate database
        mysql_connect("localhost",$username,$password);
        @mysql_select_db($database) or die( "Unable to select database");
        
        //Get the username and password from posted form
        $username = $_POST['username'];
        $password = $_POST['password'];
        
        //Build the query to look for users that exist with that username/password combination
        //Here I'm using the admin table within my database
        $query = "SELECT * FROM admin where username=\"$username\" and password = \"$password\" ";
        //Retrieve the results of the query, and also aquire the number of records returned
        $result = mysql_query($query);
        $num = mysql_numrows($result);
        
        //Check to see how many records are returned
        if ($num>0)
        {
            //User login was successful, set session variable then redirect to the loginsuccess.php page
            $_SESSION['loggedin'] = 1;
            header("Location: loginsuccess.php");
        } else {
            //Login was unsuccessful, set a local variable for later use
            $badlogin = 1;
        }
    }
    
    //Here we look for querystring variable called 'logout'
    //If logout exists, and is equal to 'yes' then call the php session_destroy() function
    //This will essentially log out the user
    if ($_GET['logout'] == "yes")
        session_destroy();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head><title></title></head>

<body>
                    
    <form name="form1" method="post" action="">
        UserName: <input type="text" name="username" id="username" value="admin" /><br />
        Password: <input type="password" name="password" id="password" value="admin" /><Br />
        <input type="submit" name="Submit" value="Submit" />
    </form>    
    <?php</p><p>        //If login was unsuccessful then we want to show an error to the user.
        if ($badlogin == 1)
            echo "<br/ ><span style=\"color: red;\">Invalid Login</span>";
    ?>

</body>
</html>

My user database table contains at least the following fields:
id, username, password

Add more fields as you see fit (last login time, address information, etc).

That is all for this simple PHP/MySQL user login. If you need to 'password protect' any page within your site all you have to do at this point is add the following code to the top of the protected page:

</p><p>    session_start();
    if ($_SESSION['loggedin'] != 1)
        header("Location: phplogin.php");</p><p>

This will check the session variable, and redirect to the login page if the variable hasn't been set successfully.

Finally, to allow the user to logout simply create a link like this:

<a href="phplogin.php?logout=yes">Logout</a>

If you have any questions or suggestions feel free to leave a comment.
Thanks for visiting.

Last Updated ( Monday, 28 July 2008 00:24 )

Main Menu

Offers

Google Tools

More Offers