Jump to content
xisto Community
HmmZ

Php Simple Login Tutorial Learn how to make a simple login

By HmmZ, in General Discussion

Recommended Posts

flashy    0

flashy
Posted

Hi, i'm new to php. Actually i was handed with a school project which is to create a e-commerce site. However i have no basic knowledge on php. Right now i'm actually trying to create a login/register page. I tried out your tutorial in the 1st page of this thread but ends up with errors here and there. So if you could provide me with more understanding on these coding, i'll be gratful.
1) I keep getting this error when trying to register... kept trying.. but all it came out was "Error: User not added to database."

2) I have tried creating a user n pass in the database (mysql) and then went on to tried to login.. but all i get was "Sorry, could not log you in. Wrong login information."

And also on top of the login box n password box, there are a few error message:

3) On the members page as well:

4) Logout page display:

Notice from rvalkass:

Quotes added around error messages.

Ahh - i know your problem, it happens in cookies too - when you send
SESSION_START()

You need to place it before everything else in your page - so like
<?phpblablabla?><html>...

Like that - hope it helps :lol:

Share this post

Link to post
Share on other sites

Kennethzzz    0

Kennethzzz
Posted

Ahh - i know your problem, it happens in cookies too - when you send

SESSION_START()

You need to place it before everything else in your page - so like
<?phpblablabla?><html>...

Like that - hope it helps :lol:

Tried doing that, but error remains.

Share this post

Link to post
Share on other sites

games4u    0

games4u
Posted

I had been breaking my head on this, not to implement it on my site. Actually one of my friends challenged me to create such a code. And this was really helpful. I hope you wouldn't mind if I copied it :lol: Thank you...

Share this post

Link to post
Share on other sites

Sefru    0

Sefru
Posted

Everything except the login worked for me here. It says "Sorry, could not log you in. Wrong login information." when I try to login, even when I KNOW I'm using the right username/password combo. Any help?

I'm having exactly the same problem. I'm 100% that I'm writing them right, I have tried to register and login many times but everytime when I try to login it just says that I have wrong login information. I have checked my database and every user I have registered is there.

Share this post

Link to post
Share on other sites

enten41    0

enten41
Posted

I have been quite busy lately, trying to design and code my site (far from done XD). And after having learned how to make a simple login, I will try to write my own tutorial, for you Posted Image

 

the tutorial

 

Step 1:

The first step in designing a member system is to plan out exactly what you need. A common impulse among programmers is to jump right in and start coding. I'll be honest and admit that I'm guilty of this more so than anyone. However, since I'm in control of this conversation (yes!), you'll have it all planned out by reading through this before you even see any code.

 

What will you need to start?

First of all, you need a server that supports a CGI or Server-side language. For this tutorial, it's PHP. I won't be directing any attention to any other language at this time, so although the concepts will be similar, the code will be entirely different than something you might use in Perl or ASP. As a side note, it is possible to perform a member system simply using JavaScript, but it would not be remotely secure because JavaScript is client-side (thus able to be viewed by anyone), and even if you had a one-way encryption script it would not be feasible because of the pain of hard-coding usernames and encrypted passwords into the HTML document.

 

Second, at least for our purposes, you need a database. Preferably MySQL. PHP and MySQL go hand-in-hand, so a lot of servers tend to match the two up. Thus, since we're talking PHP, we may as well talk MySQL.

 

Third, you will need 4 blank PHP web pages entitled: register.php, login.php, members.php, and logout.php. After you have these pages created and open, we're ready to start.

 

Step 2: Database

 

If we want to design a members system, we'll need a database. So all we need to do in this step is to create the table we will use to manage the user's login information. Note that the schema we use here is quite simple, and is only simplified to help you see how it works.

 

Name the table "dbUsers." It will need 4 fields:  [I]Name			 Type				 Addition[/I] id				  int(10)			  Primary Key, AUTO_INCREMENT username			varchar(16)		  Unique password			char(16)		    email			   varchar(25)

Once you've made the database table, you're ready to design and code the registration page.

 

Create a File to Connect to your Database

 

Create a new file and name it dbConfig.php. This file will contain the PHP code that will connect to the MySQL database, and select the correct database. Make sure you have added users to your MySQL database with read/write or admin access, then place this type of code into the dbConfig.php file:

 

<? // Replace the variable values below // with your specific database information. $host = "localhost"; $user = "UserName"; $pass = "Password"; $db   = "dbName";  // This part sets up the connection to the  // database (so you don't need to reopen the connection // again on the same page). $ms = mysql_pconnect($host, $user, $pass); if ( !$ms ) 	{ 	echo "Error connecting to database.\n"; 	}  // Then you need to make sure the database you want // is selected. mysql_select_db($db); ?>

Step 3: Register

 

register.php

 

On your registration page, you need to create a web form that will allow the user to plugin a username, password, and their e-mail address. Then, also on your page, add code that runs only when information has been passed via the form. Finally, display a "Registration Successful!" message to the user.

 

<?php  	// dbConfig.php is a file that contains your 	// database connection information. This 	// tutorial assumes a connection is made from 	// this existing file. 	include ("dbConfig.php");   //Input vaildation and the dbase code 	if ( $_GET["op"] == "reg" )   {   $bInputFlag = false;   foreach ( $_POST as $field )   	{   	if ($field == "")	 {	 $bInputFlag = false;	 }   	else	 {	 $bInputFlag = true;	 }   	}   // If we had problems with the input, exit with error   if ($bInputFlag == false)   	{   	die( "Problem with your registration info. "	 ."Please go back and try again.");   	}    // Fields are clear, add user to database   //  Setup query   $q = "INSERT INTO `dbUsers` (`username`,`password`,`email`) "   	."VALUES ('".$_POST["username"]."', "   	."PASSWORD('".$_POST["password"]."'), "   	."'".$_POST["email"]."')";   //  Run query   $r = mysql_query($q);      // Make sure query inserted user successfully   if ( !mysql_insert_id() )   	{   	die("Error: User not added to database.");   	}   else   	{   	// Redirect to thank you page.   	Header("Location: register.php?op=thanks");   	}   } // end if   //The thank you page 	elseif ( $_GET["op"] == "thanks" )   {   echo "<h2>Thanks for registering!</h2>";   }    //The web form for input ability 	else   {   echo "<form action=\"?op=reg\" method=\"POST\">\n";   echo "Username: <input name=\"username\" MAXLENGTH=\"16\"><br />\n";   echo "Password: <input type=\"password\" name=\"password\" MAXLENGTH=\"16\"><br />\n";   echo "Email Address: <input name=\"email\" MAXLENGTH=\"25\"><br />\n";   echo "<input type=\"submit\">\n";   echo "</form>\n";   } 	// EOF 	?>

Step 4: Login

 

login.php

 

Now in PHP, first we need to check the username and password against the information stored in the database. Since when the user registered, we encrypted their password using the MySQL PASSWORD() function, we re-encrypt the password the user supplied in the login form and cross-check this with the existing value in the dBase. If login information is O.K., then we need to use sessions to store the user's ID so they can access member-only content.

 

<?php 	session_start(); 	// dBase file 	include "dbConfig.php";  	if ($_GET["op"] == "login")   {   if (!$_POST["username"] || !$_POST["password"])   	{   	die("You need to provide a username and password.");   	}      // Create query   $q = "SELECT * FROM `dbUsers` "   	."WHERE `username`='".$_POST["username"]."' "   	."AND `password`=PASSWORD('".$_POST["password"]."') "   	."LIMIT 1";   // Run query   $r = mysql_query($q);    if ( $obj = @mysql_fetch_object($r) )   	{   	// Login good, create session variables   	$_SESSION["valid_id"] = $obj->id;   	$_SESSION["valid_user"] = $_POST["username"];   	$_SESSION["valid_time"] = time();    	// Redirect to member page   	Header("Location: members.php");   	}   else   	{   	// Login not successful   	die("Sorry, could not log you in. Wrong login information.");   	}   } 	else   { //If all went right the Web form appears and users can log in   echo "<form action=\"?op=login\" method=\"POST\">";   echo "Username: <input name=\"username\" size=\"15\"><br />";   echo "Password: <input type=\"password\" name=\"password\" size=\"8\"><br />";   echo "<input type=\"submit\" value=\"Login\">";   echo "</form>";   } 	?>

Step 5: Members Area

 

members.php

 

Now that the user has logged in successfully, and has his id, username, and login stored in session variables, we can start working with member-only content. A major thing to remember is that any page you want to carry session data over to you must declare a session_start(); at the top of your code.

 

<?php session_start();  if (!$_SESSION["valid_user"]) 	{ 	// User not logged in, redirect to login page 	Header("Location: login.php"); 	}  // Member only content // ... // ... // ...  // Display Member information echo "<p>User ID: " . $_SESSION["valid_id"]; echo "<p>Username: " . $_SESSION["valid_user"]; echo "<p>Logged in: " . date("m/d/Y", $_SESSION["valid_time"]);  // Display logout link echo "<p><a href=\"logout.php\">Click here to logout!</a></p>"; ?>

Step 6: Logout

 

logout.php

 

Ah, although it would be nice if our user's never left our web sites, we should give them to opportunity to log out and destroy the session variables if they so choose. It's quite easy to do, and you can just copy and paste this one.

 

<?php session_start(); session_unset();  session_destroy(); // Logged out, return home. Header("Location: index.php"); ?>

That's about it!. I used many simple examples hoping that you will learn how the internal systems work so you can expand on them and design a system that's just right for your needs. Have fun! Posted Image

I was able to insert username, password, and e-mail address but when I go to login.php and enter username and password this is not directed to members.php. It just stays on the page. Any ideas?

Share this post

Link to post
Share on other sites

fadillzzz    0

fadillzzz
Posted

I have been quite busy lately, trying to design and code my site (far from done XD). And after having learned how to make a simple login, I will try to write my own tutorial, for you Posted Image

 

the tutorial

 

Step 1:

The first step in designing a member system is to plan out exactly what you need. A common impulse among programmers is to jump right in and start coding. I'll be honest and admit that I'm guilty of this more so than anyone. However, since I'm in control of this conversation (yes!), you'll have it all planned out by reading through this before you even see any code.

 

What will you need to start?

First of all, you need a server that supports a CGI or Server-side language. For this tutorial, it's PHP. I won't be directing any attention to any other language at this time, so although the concepts will be similar, the code will be entirely different than something you might use in Perl or ASP. As a side note, it is possible to perform a member system simply using JavaScript, but it would not be remotely secure because JavaScript is client-side (thus able to be viewed by anyone), and even if you had a one-way encryption script it would not be feasible because of the pain of hard-coding usernames and encrypted passwords into the HTML document.

 

Second, at least for our purposes, you need a database. Preferably MySQL. PHP and MySQL go hand-in-hand, so a lot of servers tend to match the two up. Thus, since we're talking PHP, we may as well talk MySQL.

 

Third, you will need 4 blank PHP web pages entitled: register.php, login.php, members.php, and logout.php. After you have these pages created and open, we're ready to start.

 

Step 2: Database

 

If we want to design a members system, we'll need a database. So all we need to do in this step is to create the table we will use to manage the user's login information. Note that the schema we use here is quite simple, and is only simplified to help you see how it works.

 

Name the table "dbUsers." It will need 4 fields:  [I]Name			 Type				 Addition[/I] id				  int(10)			  Primary Key, AUTO_INCREMENT username			varchar(16)		  Unique password			char(16)		    email			   varchar(25)

Once you've made the database table, you're ready to design and code the registration page.

 

Create a File to Connect to your Database

 

Create a new file and name it dbConfig.php. This file will contain the PHP code that will connect to the MySQL database, and select the correct database. Make sure you have added users to your MySQL database with read/write or admin access, then place this type of code into the dbConfig.php file:

 

<? // Replace the variable values below // with your specific database information. $host = "localhost"; $user = "UserName"; $pass = "Password"; $db   = "dbName";  // This part sets up the connection to the  // database (so you don't need to reopen the connection // again on the same page). $ms = mysql_pconnect($host, $user, $pass); if ( !$ms ) 	{ 	echo "Error connecting to database.\n"; 	}  // Then you need to make sure the database you want // is selected. mysql_select_db($db); ?>

Step 3: Register

 

register.php

 

On your registration page, you need to create a web form that will allow the user to plugin a username, password, and their e-mail address. Then, also on your page, add code that runs only when information has been passed via the form. Finally, display a "Registration Successful!" message to the user.

 

<?php  	// dbConfig.php is a file that contains your 	// database connection information. This 	// tutorial assumes a connection is made from 	// this existing file. 	include ("dbConfig.php");   //Input vaildation and the dbase code 	if ( $_GET["op"] == "reg" )   {   $bInputFlag = false;   foreach ( $_POST as $field )   	{   	if ($field == "")	 {	 $bInputFlag = false;	 }   	else	 {	 $bInputFlag = true;	 }   	}   // If we had problems with the input, exit with error   if ($bInputFlag == false)   	{   	die( "Problem with your registration info. "	 ."Please go back and try again.");   	}    // Fields are clear, add user to database   //  Setup query   $q = "INSERT INTO `dbUsers` (`username`,`password`,`email`) "   	."VALUES ('".$_POST["username"]."', "   	."PASSWORD('".$_POST["password"]."'), "   	."'".$_POST["email"]."')";   //  Run query   $r = mysql_query($q);      // Make sure query inserted user successfully   if ( !mysql_insert_id() )   	{   	die("Error: User not added to database.");   	}   else   	{   	// Redirect to thank you page.   	Header("Location: register.php?op=thanks");   	}   } // end if   //The thank you page 	elseif ( $_GET["op"] == "thanks" )   {   echo "<h2>Thanks for registering!</h2>";   }    //The web form for input ability 	else   {   echo "<form action=\"?op=reg\" method=\"POST\">\n";   echo "Username: <input name=\"username\" MAXLENGTH=\"16\"><br />\n";   echo "Password: <input type=\"password\" name=\"password\" MAXLENGTH=\"16\"><br />\n";   echo "Email Address: <input name=\"email\" MAXLENGTH=\"25\"><br />\n";   echo "<input type=\"submit\">\n";   echo "</form>\n";   } 	// EOF 	?>

Step 4: Login

 

login.php

 

Now in PHP, first we need to check the username and password against the information stored in the database. Since when the user registered, we encrypted their password using the MySQL PASSWORD() function, we re-encrypt the password the user supplied in the login form and cross-check this with the existing value in the dBase. If login information is O.K., then we need to use sessions to store the user's ID so they can access member-only content.

 

<?php 	session_start(); 	// dBase file 	include "dbConfig.php";  	if ($_GET["op"] == "login")   {   if (!$_POST["username"] || !$_POST["password"])   	{   	die("You need to provide a username and password.");   	}      // Create query   $q = "SELECT * FROM `dbUsers` "   	."WHERE `username`='".$_POST["username"]."' "   	."AND `password`=PASSWORD('".$_POST["password"]."') "   	."LIMIT 1";   // Run query   $r = mysql_query($q);    if ( $obj = @mysql_fetch_object($r) )   	{   	// Login good, create session variables   	$_SESSION["valid_id"] = $obj->id;   	$_SESSION["valid_user"] = $_POST["username"];   	$_SESSION["valid_time"] = time();    	// Redirect to member page   	Header("Location: members.php");   	}   else   	{   	// Login not successful   	die("Sorry, could not log you in. Wrong login information.");   	}   } 	else   { //If all went right the Web form appears and users can log in   echo "<form action=\"?op=login\" method=\"POST\">";   echo "Username: <input name=\"username\" size=\"15\"><br />";   echo "Password: <input type=\"password\" name=\"password\" size=\"8\"><br />";   echo "<input type=\"submit\" value=\"Login\">";   echo "</form>";   } 	?>

Step 5: Members Area

 

members.php

 

Now that the user has logged in successfully, and has his id, username, and login stored in session variables, we can start working with member-only content. A major thing to remember is that any page you want to carry session data over to you must declare a session_start(); at the top of your code.

 

<?php session_start();  if (!$_SESSION["valid_user"]) 	{ 	// User not logged in, redirect to login page 	Header("Location: login.php"); 	}  // Member only content // ... // ... // ...  // Display Member information echo "<p>User ID: " . $_SESSION["valid_id"]; echo "<p>Username: " . $_SESSION["valid_user"]; echo "<p>Logged in: " . date("m/d/Y", $_SESSION["valid_time"]);  // Display logout link echo "<p><a href=\"logout.php\">Click here to logout!</a></p>"; ?>

Step 6: Logout

 

logout.php

 

Ah, although it would be nice if our user's never left our web sites, we should give them to opportunity to log out and destroy the session variables if they so choose. It's quite easy to do, and you can just copy and paste this one.

 

<?php session_start(); session_unset();  session_destroy(); // Logged out, return home. Header("Location: index.php"); ?>

That's about it!. I used many simple examples hoping that you will learn how the internal systems work so you can expand on them and design a system that's just right for your needs. Have fun! Posted Image
well, i'm going to try this latter...

thanks for the tutorial btw!

Share this post

Link to post
Share on other sites

iGuest    3

iGuest
Posted
SQL CodePhp Simple Login TutorialReplying to HmmZWell, I know some people out there are learning SQL so if they would like they can just use this SQL code and run it through the SQL Panel area:CREATE TABLE `dbUsers` ( `id` INT(10) NOT NULL AUTO_INCREMENT, `username` VARCHAR(16) NOT NULL, `password` CHAR(16) NOT NULL, `email` VARCHAR(25) NOT NULL, PRIMARY KEY (`id`), UNIQUE (`username`))TYPE = myisam;That code above is for this login.-reply by todd

Share this post

Link to post
Share on other sites

andreip    0

andreip
Posted

Looks great even tough I haven't tried yet. I bet that with some CSS and Photoshop would like awesome disguising the forms the buttons and the content. Thank you for sharing with us !

Share this post

Link to post
Share on other sites

iGuest    3

iGuest
Posted
Solved password problemPhp Simple Login Tutorial

I could not get the script to allow me to log in, after some troubleshooting I noticed that defining the password field in the DB as 16 chars was limiting the hash, and once I used MD5 with 32 chars defined it worked fine.

Share this post

Link to post
Share on other sites

iGuest    3

iGuest
Posted
php register and loginPhp Simple Login Tutorial

With regards to the last comments and the login rejection. I've found a fix!

Change the MySQL dbUsers password column to char(60) rather than 16. A simple password like 'test' requires 40 characters after the encryption so if its only possible to return 16, this wont be adequate to read the password correctly.

thanks

Great script!

Share this post

Link to post
Share on other sites

TheDarkHacker    0

TheDarkHacker
Posted

Its more simpler to make one file called users.txt then use this functions:

<?phpfunction checkPass($nameOfUser,$password){$content=file_get_contents('users.txt');$arrayWithUsers=explode("\n",$content);foreach($arrayWithUsers as $userPass){$data=explode(":",$userPass);if($data[0]==$nameOfUser and $data[1]==md5($password)){return true;}}function newUser($name,$pass,$email){$handler=fopen('users.txt','w');fwrite($handler,"\n".$username.":".$pass.":".$email);}?>

Share this post

Link to post
Share on other sites

livepcportal    0

livepcportal
Posted

Wow! finally I got a tutorial to create simple php login system. As I am still learning PHP this tutorial is really helpful and will be a good foundation for me to create a more advanced login system in future and implement that login system on my site.Thanks for this tutorial!

Share this post

Link to post
Share on other sites

iGuest    3

iGuest
Posted

When I tried this, the register page came with and error saying that on line 11 and 55, "op"was an undefined index, can someone help me on this?

Share this post

Link to post
Share on other sites

iGuest    3

iGuest
Posted
where did you get the "op" variable?Php Simple Login Tutorial

What is op??

 

<?phpSession_start();// dBase fileInclude "dbConfig.Php";if ($_GET["op"] == "login") { if (!$_POST["username"] || !$_POST["password"])  {  die("You need to provide a username and password.");  } // Create query $q = "SELECT * FROM `dbUsers` "  ."WHERE `username`='".$_POST["username"]."' "  ."AND `password`=PASSWORD('".$_POST["password"]."') "  ."LIMIT 1"; // Run query $r = mysql_query($q); if ( $obj = @mysql_fetch_object($r) )  {  // Login good, create session variables  $_SESSION["valid_id"] = $obj->id;  $_SESSION["valid_user"] = $_POST["username"];  $_SESSION["valid_time"] = time();  // Redirect to member page  Header("Location: members.Php");  } else  {  // Login not successful  die("Sorry, could not log you in. Wrong login information.");  } }Else {//If all went right the Web form appears and users can log in echo "<form action="?op=login" method="POST">"; echo "Username: <input name="username" size="15"><br />"; echo "Password: <input type="password" name="password" size="8"><br />"; echo "<input type="submit" value="Login">"; echo "</form>"; }?>

-question by karen

 

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept