Monday, December 7, 2009

Create simple login page using PHP


Create simple login page using PHP
Hello again all coding freak... In this PHP tutorial I will give examples of the use of the database, session, and encryption
I use MD5 to make the PHP code that is secure as the login page, although not 100% safe.

And of course this article is just an example, while development is hung to you.
Like the previous article, I just explained a bit of an example related to
source code and how the source code.

Simply put, the way it works is like code below:



1.)    When users enter a username and password, then the first thing to do is check the database if the username is registered, if registered in the database, in this case we need a variable that indicates that the user is present.

2.) After that then the user will be given a session that is taken from the username, if the previous password is checked by MD5 is successfully performed.

3.) If all does not match then the user will be redirect to the login.html page, making it look like a stay in one page.

Before making the PHP script, let’s begin by creating the database:



create database userdb;
use userdb;
create table tbl_user(id int(3) primary key auto_increment,username varchar(50), password varchar(50));
insert into tbl_user values('','admin','21232f297a57a5a743894a0e4a801fc3');
21232f297a57a5a743894a0e4a801fc3 --> this is md5 from 'admin'


After that, we need to create the login page as you see at the script below :
// login.html


<html><head><title>Login Page ... </title></head>
<body>
<br><br><br><br><br><br><br><br><br><br><br>
<table border=1 align=center>
<form method=post action=check.php>
<tr><td>username</td><td><input type=text name=username></tr>
<tr><td>password</td><td><input type=password name=password></tr>
<tr><td></td><td><input type=submit name=submit value=Enter></tr>
</form>
</table></body>
</html>


Then…create the config.php page
// config.php


<?php

$host = "localhost";
$username = "root";
$password = "";
$databasename = "userdb";
$connection = mysql_connect($host, $username, $password) or die("Connection Error");
mysql_select_db($databasename, $connection) or die("The database is Error");

?>


After that we create the page check.php

// check.php


<?php

session_start();
include "config.php" ;

$username = $_POST['username'];
$password = $_POST['password'];
$passwordhash = md5($password);  // password encryption to match with the database

$query = "select username, password from tbl_user where username = '$username' and password = '$passwordhash'";
$runquery = mysql_query($query);

$exist_or_not = mysql_num_rows($runquery);

if ($exist_or_not >= 1 )
{

$_SESSION['username'] = $username;
header("location: main.php");

}

else
header("location: login.html");
           
?>



And then we create the point, it’s main.php
// main.php


<?php
session_start();
if (ISSET($_SESSION['username']))
{
print $_SESSION['username'];
print "<br><a href=logout.php?logout=true>logout</a>";
}
else
header("location: login.html");
?>
And then…the logout.php page

//logout.php


<?php

session_start();

if ($_REQUEST['logout'] == "true")
{
    if(ISSET($_SESSION['username']))
    {
    UNSET($_SESSION['username']);
    }
}
header("location: login.html");
session_destroy();

?>



I think that’s enough for the source code. Now I'll explain a little about the above codes.
We passed the config.php, because I have discussed it previously, we went into the, check.php.

See section

session_start ();

The use of session should begin by using this function.
Then there is written a sentence like this ...

$password = $ _POST ['password'];
$passwordhash = md5($password);

I took the global variable $ _POST [ 'password'] then paste into a new variable, it’s $password. Because in the database is in the form of MD5 encryption is necessary to match the existing in the database is to encrypt the password was a global variable.


Then the next argument is the SQL query

$ command = "select username, password from tbl_user where username = '$ username' and password = '$passwordhash'";

I think the query above is familiar to you. :D
And the scripts below it quite easy to understand :D.
That’s all. If there are still confused, please just feel free to ask.
Thanks.

Related Posts by Categories



1 comments:

Smith on August 25, 2011 at 12:54 PM said...

I found a very basic LOGIN FORM at http://paidcritique.blogspot.com/2011/08/log-in-basic.html

it says that it came from some seller of black scrubs, brown scrubs and gray scrubs from PulseUniform.

Post a Comment

Maybe this is what you looking for

 

Subscribe Now

Followers

IT Skill is not enough... Copyright © 2009 Designed by Bie Blogger Template