This code sets up a basic login page with a form that accepts a username and password. When the form is submitted, the script checks the database for a user with the given username and password. If the user is found, their username is stored in a session and they are redirected to a dashboard page. If the user is not found, an error message is displayed. Note that you will need to replace the database credentials and the redirect URL with your own values. Also, you should always sanitize and validate user input before using it in a query to prevent SQL injection attacks.
```php
<?php
session_start(); // Start a new session

if (isset($_POST['login'])) { // Check if the login form has been submitted
    $username = $_POST['username'];
    $password = $_POST['password'];
    // You should also sanitize and validate the user input before using it in a query to prevent SQL injection attacks

    // Connect to the database (replace the credentials with your own)
    $db = mysqli_connect('localhost', 'username', 'password', 'database_name');

    // Check if the database connection was successful
    if (!$db) {
        die("Connection failed: " . mysqli_connect_error());
    }

    // Query the database for the user's account
    $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
    $result = mysqli_query($db, $query);

    // Check if the query was successful (mysqli_query() can return false)
    // and returned exactly one row
    if ($result && mysqli_num_rows($result) == 1) { // The user's account was found in the database
        $_SESSION['username'] = $username; // Store the username in the session
        // Redirect the user to the dashboard page (replace "dashboard.php" with your own page)
        header('Location: dashboard.php');
        exit();
    } else { // The user's account was not found in the database
        $error = "Invalid username or password.";
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>Login Page</title>
</head>
<body>
    <h1>Login Page</h1>
    <?php if (isset($error)): ?>
        <p><?php echo $error; ?></p>
    <?php endif; ?>
    <form method="post">
        <label>Username:</label>
        <input type="text" name="username"><br><br>
        <label>Password:</label>
        <input type="password" name="password"><br><br>
        <button type="submit" name="login">Login</button>
    </form>
</body>
</html>
```
Let's walk through the code in detail:
- First, the script starts a new session using the `session_start()` function. Sessions are used to store data that can be accessed across multiple pages on a website.
- When the login form is submitted (i.e. the “login” button is clicked), the script checks if the `$_POST` superglobal contains a value for the “login” key. This is done using the `isset()` function.
- If the “login” button was clicked, the script retrieves the username and password that were entered in the form using the `$_POST` superglobal.
- Next, the script connects to the database using the `mysqli_connect()` function. This function takes four parameters: the hostname of the database server, the username and password used to connect to the database server, and the name of the database to use. You should replace the values in the `mysqli_connect()` call with your own database credentials.
- The script then checks whether the database connection was successful. If it was not, the script dies and displays an error message that includes the output of the `mysqli_connect_error()` function.
- The script then constructs a SQL query that selects a user from the “users” table in the database that matches the username and password entered in the login form. This is done using string interpolation to substitute the values of `$username` and `$password` into the query. Because the submitted values become part of the query text as-is, this is the step the SQL injection warning above applies to.
- The script executes the SQL query using the `mysqli_query()` function, which returns a result object.
- The script checks if the result object contains exactly one row using the `mysqli_num_rows()` function. If the result object contains one row, the user’s account was found in the database, and their username is stored in a session variable using the `$_SESSION` superglobal. The script then redirects the user to a dashboard page using the `header()` function. You should replace the value passed to the `header()` function with the URL of your own dashboard page.
- If the result object does not contain one row, the user’s account was not found in the database, and an error message is stored in a variable called `$error`.
- Finally, the script outputs an HTML page that contains a login form. If the `$error` variable is set, an error message is displayed. The form contains two input fields for the username and password, and a “login” button that submits the form to the script when clicked.
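The SQL injection note above, applied to the login check itself as an added example (this is not the tutorial author's code): the query is sent as a mysqli prepared statement, and the password is checked with `password_verify()` against a stored hash. The `password_hash` column and the helper names `find_password_hash()` and `check_login()` are assumptions made for this example; the HTML form from the page is unchanged and omitted here.

```php
<?php
declare(strict_types=1);
// Added example, not the tutorial's own code. Assumption: the users table has
// a password_hash column written with password_hash($plain, PASSWORD_DEFAULT).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // DB errors throw

function find_password_hash(mysqli $db, string $username): ?string
{
    // The ? placeholder is bound separately from the SQL text, so quotes or
    // SQL keywords inside $username are compared as data and never parsed.
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->bind_result($hash);
    $found = $stmt->fetch(); // true when a row was fetched, null when none
    $stmt->close();
    return $found ? $hash : null;
}

function check_login(mysqli $db, string $username, string $password): bool
{
    $hash = find_password_hash($db, $username);
    // The plaintext password never reaches the database; only the hash is read.
    return $hash !== null && password_verify($password, $hash);
}

session_start();
$error = null;
if (isset($_POST['login'])) {
    // Reject non-string input such as username[]=x, which arrives as an array.
    $username = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
    $password = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';
    try {
        // Placeholder credentials, as in the tutorial; replace with your own.
        $db = mysqli_connect('localhost', 'username', 'password', 'database_name');
        $ok = check_login($db, $username, $password);
    } catch (mysqli_sql_exception $e) {
        error_log('login: ' . $e->getMessage()); // details stay in the server log
        $ok = false;
    }
    if ($ok) {
        session_regenerate_id(true); // fresh session ID once authenticated
        $_SESSION['username'] = $username;
        header('Location: dashboard.php');
        exit();
    }
    $error = 'Invalid username or password.';
}
if ($error !== null) {
    echo '<p>' . htmlspecialchars($error, ENT_QUOTES, 'UTF-8') . '</p>';
}
```

Existing rows that hold plaintext passwords have to be rehashed with `password_hash()` before this check can succeed for them.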