Home arrow PHP arrow Page 2 - PHP for Beginners by a Beginner: Simple Login, Logout, and Session Handling
PHP

PHP for Beginners by a Beginner: Simple Login, Logout, and Session Handling


In this article, James presents a very simple way to add login/logout security in PHP using session handling.

Author Info:
By: James Ruttan
Rating: 4 stars4 stars4 stars4 stars4 stars / 478
February 09, 2003
TABLE OF CONTENTS:
  1. · PHP for Beginners by a Beginner: Simple Login, Logout, and Session Handling
  2. · Building It Up
  3. · Breaking It Down
  4. · Moving It Around
  5. · Conclusion

print this article
SEARCH DEVARTICLES

PHP for Beginners by a Beginner: Simple Login, Logout, and Session Handling - Building It Up
(Page 2 of 5 )

The first thing you will need for this is the MySQL table that will hold the login information. For the scope of this article each record will only hold three pieces of information:

Table: users
Column NameTypeNullPrimary KeyExtra
user_idint(8)NoPKAUTO
usernamevarchar(11)No  
passwordvarchar(32)No  


Once we have the table created, now we need to populate it with some user information.

INSERT INTO users (username, password) VALUES (‘someUser’, md5(‘somePass’));

The username and password values can be whatever you want tlhem to be. The md5() function is built into PHP, and will convert your password into a 32 character string. This is one good method for encrypting password information. Whenever you use this, though, you should be careful. The conversion is one-way, and you cannot decrypt your password to read it.

Are you asking yourself “Then how am I going to be able to make sure the user is entering the right password?” Don’t worry, all will be revealed.

Now let’s create the login.htm form:

<html>
<head>
<title>Login</title>
</head>
<body>
<form method="POST" action="login.php">
Username: <input type="text" name="username" size="20">
Password: <input type="password" name="password" size="20">
<input type="submit" value="Submit" name="login>
</form>
</body>
</html>


Let’s look at the code for login.php:

<?PHP
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
if (!isset($username) || !isset($password)) {
header( "Location: http://www.yourdomain/login.htm" );
}
//check that the form fields are not empty, and redirect back to the login page if they are
elseif (empty($username) || empty($password)) {
header( "Location: http://www.yourdomain.com/login.htm" );
}
else{

//convert the field values to simple variables

//add slashes to the username and md5() the password
$user = addslashes($_POST['username']);
$pass = md5($_POST['password']);


//set the database connection variables

$dbHost = "localhost";
$dbUser = "yourUsername";
$dbPass = "YourPassword";
$dbDatabase = "yourDB";

//connet to the database

$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database.");

mysql_select_db("$dbDatabase", $db) or die ("Couldn't select the database.");

$result=mysql_query("select * from users where username='$user' AND password='$pass'", $db);

//check that at least one row was returned

$rowCheck = mysql_num_rows($result);
if($rowCheck > 0){
while($row = mysql_fetch_array($result)){

  //start the session and register a variable

  session_start();
  session_register('username');

  //successful login code will go here...
  echo 'Success!';

  //we will redirect the user to another page where we will make sure they're logged in
  header( "Location: checkLogin.php" );

  }

  }
  else {

  //if nothing is returned by the query, unsuccessful login code goes here...

  echo 'Incorrect login name or password. Please try again.';
  }
  }
  ?>


And that’s it. Good luck.
blog comments powered by Disqus
PHP ARTICLES

- Removing Singletons in PHP
- Singletons in PHP
- Implement Facebook Javascript SDK with PHP
- Making Usage Statistics in PHP
- Installing PHP under Windows: Further Config...
- File Version Management in PHP
- Statistical View of Data in a Clustered Bar ...
- Creating a Multi-File Upload Script in PHP
- Executing Microsoft SQL Server Stored Proced...
- Code 10x More Efficiently Using Data Access ...
- A Few Tips for Speeding Up PHP Code
- The Modular Web Page
- Quick E-Commerce with PHP and PayPal
- Regression Testing With JMeter
- Building an Iterator with PHP

Watch our Tech Videos 
Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 
Support 

Developer Shed Affiliates

 




© 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials