Home >>MySQL Tutorial >PHP MySQL Secure Login Page

PHP MySQL Secure Login Page

Create Login Form PHP MySQL

Login page is basically a page having several fields that the user provide in order to get access of the home page of that site. if there is a previously registered user whose details are stored in the database and that particular user want to login then the details provided by him on the login page are cross checked with the fields in the database respectively. if the details are found to be correct the user is considered to be a valid user.

As we already know that http is a stateless protocol and it doesn't identify any previous user, that's why we maintain the session for that particular user.

Select Database test (Saved users data inside userinfo table in previous example)

<?php
$con=mysqli_connect("localhost","root","","test") or die(mysqli_error());
?>

PHP Script(for dynamic login)

<?php
session_start();
if(isset($_POST['signIn']))
{
if($_POST['id']=="" || $_POST['pwd']=="")	
{
	$err="fill your id and passwrod first";
}
else
{
$d=mysqli_query($con,"SELECT * FROM userinfo where user_name='{$_POST['id']}'");
$row=mysqli_fetch_object($d);
$fid=$row->user_name;
$fpass=$row->password;
if($fid==$_POST['id'] && $fpass==$_POST['pwd'])
{
$_SESSION['sid']=$_POST['id'];
header('location:HomePage.php');
}
else
{
$err="invalid id or pass";
}
}
}
?>

Login Form(HTML Script)

<form method="post">
<table width="323" border="1">
  <tr>
  <font color="#FF0000"><?php echo $err; ?></font>
    <th width="171" scope="row">Enter your id </th>
    <td width="136">
		<input type="text" name="id" />
	</td>
  </tr>
  <tr>
    <th scope="row">Enter your password </th>
    <td>
<input type="password" name="pwd"/>
	</td>
  </tr>
  <tr>
    <th colspan="2" scope="row">
	<input type="submit" value="SignIn" name="signIn"/>
	<a href="http://localhost/Mailserver/index.php?chk=4">SignUp</a>
	</th>
  </tr>
</table>
</form>
In the above example first connection to database is created after that id and password are entered by the user and as he click on the signing buttons these fields are cross checked with values in the database by using MySQL_query( ) . if user is authenticated then he will be redirected to homepage otherwise it show error message.

No Sidebar ads