PHP, MySQL, Drupal, .htaccess, Robots.txt, Phponwebsites

6 Jul 2014

Login validation using php and mysql

                      Everybody should see the login pages in most of websites. You should have doubt about this login form, how they validate username and password. There is nothing, just only 2 steps as follows as for login validation using php.
                      1. You enter username and password already registered which is stored in mysql database.
                      2. After you submit a button to login, it check the database values whether the username and password is correct or not using php and mysql query. The mysql query for select a values from mysql database as like this:
             
             ie, SELECT * FROM table_name WHERE name='username' and password='password' 

If it return values correctly, then you can login. Otherwise it give error message.

Simple login validation using php and mysql: 


                      Lets see how to validate the username and password using php.
                      1. First you create table using mysql query like this:

           CREATE TABLE login(name varchar(30), password varchar(30), PRIMARY KEY(name))

Now the table 'login' is created. The field 'name' is primary key. Because the username must be unique.
                      2. Then insert values into table using  mysql query like this:

           INSERT INTO login VALUES('guru','guru') 

Now the table look like this:

login validation using php

                       3. The php script for login validation as follows as:
login.php:

<html>
<head>
<style type="text/css">
 input{
 border:1px solid olive;
 border-radius:5px;
 }
 h1{
  color:darkgreen;
  font-size:22px;
  text-align:center;
 }
</style>
</head>
<body>
<h1>Login<h1>
<form action='#' method='post'>
<table cellspacing='5' align='center'>
<tr><td>User name:</td><td><input type='text' name='name'/></td></tr>
<tr><td>Password:</td><td><input type='password' name='pwd'/></td></tr>
<tr><td></td><td><input type='submit' name='submit' value='Submit'/></td></tr>
</table>

</form>
<?php
session_start();
if(isset($_POST['submit']))
{
 mysql_connect('localhost','root','') or die(mysql_error());
 mysql_select_db('new') or die(mysql_error());
 $name=$_POST['name'];
 $pwd=$_POST['pwd'];
 if($name!=''&&$pwd!='')
 {
   $query=mysql_query("select * from login where name='".$name."' and password='".$pwd."'") or die(mysql_error());
   $res=mysql_fetch_row($query);
   if($res)
   {
    $_SESSION['name']=$name;
    header('location:welcome.php');
   }
   else
   {
    echo'You entered username or password is incorrect';
   }
 }
 else
 {
  echo'Enter both username and password';
 }
}
?>
</body>
</html>


        Where,
                if(isset($_POST['submit']){}    means run after submit a results.
                if($name!=''&&$pwd!=''){}   means if either username or password is empty, it give message like as 'Enter both username and password'.
                mysql_query("select * from login where name='".$name."' and password='".$pwd."'  ")      select the values if the username and password is present.
                $res=mysql_fetch_row($query) return row as numeric array.
You don't know about mysql_fetch_row, then visit mysql-fetch-row in mysql.
               if($res){} validate the result. If it is correct, then your name is stored in session variable and also you'll navigate to 'welcome.php' page. Otherwise you'll get 'You entered username or password is incorrect' message. You want to visit Session in php.
              When you run the above file, it should be like this:

login form in html and php
             
               The php script for welcome page:

 welcome.php:


<?php    
         session_start();
         $name=$_SESSION['name'];    
         echo'welcome :'. $name.'<br>';
         echo'<a href="signout.php">Signout</a>';
?>

      
             Now you enter username and password  'guru' and 'guru', you will navigate to 'welcome.php' page and get output like this:

                   welcome: guru
                   Signout

 If it is wrong, then you can't login.


Signout in php:              


            When you click the signout.php, it destroy the session and return back to login page. The php script for signout page:
signout.php:

<?php    
         session_start();
         session_destroy();
         header('location:login.php');
?>

                session_destroy is used to destroy the session variable in php.

Related Post:
Create Registration form using PHP and MySQL
Login form validation with remember function using php and mysql
Forgot password to mail in login form validation using PHP and Mysql