Friday, December 06, 2013

Php Easy Login system -learnmore with @s.shivasurya

login 
Today we are living in profile world that represent our life in the web.so there are many websites are coming forward to register yourself and provide you privacy and experience the comfortness.website such as facebook,twitter,Google+ provides you a profile with seperate login system.login system is perfect system used nowadays to experience the service to the utmost levels with privacy.

why we choose logins and credentials?

the Logins and credentials are used to define the user for uniqueness and experience the services fully.credentials are used for restricting the access to the other users and privacy.


user-login-representation


what happens when You Enter a Logging system?

Generally when you enter a Username & Passwords through a Form.they are considered as input from users and they are being travelled to Server side validation.validation is the important step in a Login system.First it checks and clean the input values to avoid injecting database.then they are appended through a Query statement and if the process gets success,You are redirected to another page.If the process fails it stands in same page.

here i provide You a Simple codings from PHP & MYSQL:

config.php:

<?php 
$mysql_hostname = "localhost";$mysql_user = "username of mysql account";$mysql_password = "password";$mysql_database = "your database name";$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");mysql_select_db($mysql_database, $bd) or die("Could not select database"); ?>

create config.php file and keep it in Your web server directory.


create a table in your database:

CREATE TABLE IF NOT EXISTS `login` (`id` int(11) NOT NULL AUTO_INCREMENT,`username` varchar(500) NOT NULL,`password` varchar(500) NOT NULL, PRIMARY KEY (`id`)) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

Run sql query to generate the table.

create an index.php

<!DOCTYPE HTML>
<html>
<head>
<title>Login System</title>
</head>
<body>
<h1>Login Form</h1>
<?php
if(isset($_GET['msg']))
{
 $msg=$_GET['msg'];
 echo '<p><font color="red">';
 echo $msg;
 echo '</font></p>';
}
?>
<form action="verify.php" method=POST>
<label for="username">Username</label>
<input type="text" name="username" id="username" placeholder="username"><br>
<label for="password">Password</label>
<input type="password" name="password" id="password"  placeholder="password"><br><br>
<input type="submit" value="Submit">
</form>
</body>
</html>
save this code as index.php file in same directory.

verify.php:

<?php

$username=$_POST['username'];
$password=$_POST['password'];

$query="select * from user where username='".$username."'";
$result=mysql_query($query);
$records=mysql_fetch_array($result);

if($records)
{
 if($password==$records['password'])
 {
  session_start();
  $_SESSION['username']=$records['username'];
  $_SESSION['userid']=$records['id'];
  header('Location: home.php');
 }
 else
 {
  $msg="Password Incorrect";
  header('Location: index.php?msg='.$msg);
 }
}
else
{
 $msg="Username Incorrect";
 header('Location: index.php?msg='.$msg);
}
?>

home.php:
<?php
if(session_start())
{
$username=$_SESSION['username'];
$userid=$_SESSION['userid'];

echo "You Are Logged IN -<b>".$username."</b> and your ID is -<b>".$userid."</b>";
?>
<a href="logout.php">Log out </a> <?php
}
else
{echo "Access Denied";
}
?>
logout.php:
<?php
if(session_destroy()){ echo "logged out successfully!"; }
?>
this provides you to access the home.php.

if user bypass the login! he will be noted as 
Access Denied.

thus tutorial gives you a start up for login system and You can see advanced logins like php self() using functions in my next post,which is reliable now as secured.


if you feel free comment below.

6 comments:

Anonymous said...

HEY NICE ONE shiva BUT! THERE IS A SLIGHT BUG!
IN FORM TAG POST MUST BE IN "POST"

-@aishu

SHIVA SURYA said...

yeah correct aishu!
and change the querystatement user to login!
$query="select * from login where username='".$username."'";
$result=mysql_query($query);

Anonymous said...

quite useful for beginers but contains many vulnerabilities .....

Anonymous said...

pls post abt validating user input....

thanks,
naren.

Anonymous said...

your explanation towards the login and credentials was awsome..this shows your understanding capablity of needs in environment!

- ankush

Anonymous said...

good work ! this gave me a start up! pls post a secure login system in future

-Satish

Post a Comment

feel free to post your comments! Don't Spam here!