Webdevelopment at huuah.com » script http://huuah.com webdevelopment, cms, php, javascript etc Sat, 04 Sep 2010 22:55:27 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 A simple login script with PHP and MySQL http://huuah.com/a-simple-login-script-with-php-and-mysql/ http://huuah.com/a-simple-login-script-with-php-and-mysql/#comments Fri, 09 Oct 2009 17:45:29 +0000 js - huuah http://huuah.com/?p=417 With this guide I will try to go through the very basic techniques of making a simple php script that can handle login authorization of website users.

The guide will be based on common Linux installations of both MySQL and PHP.

Step 1 – the database

Create a table…

]]> With this guide I will try to go through the very basic techniques of making a simple php script that can handle login authorization of website users.

The guide will be based on common Linux installations of both MySQL and PHP.

Step 1 – the database

Create a table in your MySQL database with 2 fields, username and password. This could be done by running the following code in your MySQL shell or from phpMyAdmin or another interface:

CREATE TABLE `login` (
`username` TEXT NOT NULL ,
`password` TEXT NOT NULL
)

The database table called login is now created with 2 field named username and password.

Step 2 – The HTML form

First we have to create the web formula to show the login function:

<form action="login.php" method="post">
  <input type="text" name="username">
  <input type="password" name="password">
  <input type="submit" value="Login">
</form>

This will output 3 field like this:

When submitting the form, either by hitting enter or by clicking the Login button, the formula will send the username and password to the login.php file.

Step 3 – Getting the information from the website.

The login information has now been sent to the login.php and we have to receive these value before checking them against the MySQL database.

Login.php:

  <?php
  ...
  // receiveing the login information
  $username = $_GET["username"];
  $password = $_GET["password"];
  ?>

Step 4 – Connecting to the database

Before checking the login data against the database, we have to open a new connection.

<?php
  ...
  //login information to the MySQL database
  $dbuser = "myUsername"; // change myUsername to your own username
  $dbpass = "myPassword"; //change myPassword to your own password
  $dbhost = "localhost"; // this should work in most cases. Otherwise contact your webhost
  $db = "myDatabase"; // change myDatabase to your the database assigned to your login

  // perform user authentication
  mysql_connect($server, $dbuser, $dbpass);
  // selecting database
  mysql_select_db($db;

  ...
?>

Step 5 – Comparing the username and password against the database

We have the login information from the formula and we have opened a connection to the database. Great. All we have to do, is the actually user validation.

<?php
  ..
  // check the content of our $username and $password variable against the login table
  $sql = "SELECT username FROM login WHERE username='$username' AND password='$password'";
  // perform the query
  $query = mysql_query($sql);
  // check if the request returned 1 or 0 rows from the database
  if (mysql_num_rows($query)) {
    // 1 or more rows matched our request, which means the username and password combo are valid
  } else {
    // 0 rows matched our request. Login is not valid then.
  }
  ..
?>

Step 6 – All done, final pointer

This is a very basic type of php login script. There are a lot of other things to have in mind when making database queries, that I have not convert in the above examples:

  • Perhaps the login table should hold more information, like a user id for easier validation later on the the script.
  • Double checking and validating user input to prevent SQL Injection. This could be done be PHP Magic Quotes or by manually applying addslashes() and stripslashs().
  • ..

But then again. Very simple demonstration.

]]> http://huuah.com/a-simple-login-script-with-php-and-mysql/feed/ 2