5 Easy Steps to Create Simple & Secure PHP Login Script - Free
  • Home
  • PHP

5 Steps to Create Simple Secure Login Script in PHP and MySql

simple user login script in php mysql

This is a Simple to Advanced Login Script System using PHP and MySQL. In this script, a form will be displayed with two fields, username, and password. When the user is submitting with valid username and password, then he can access authenticated page. Otherwise, users again have to fill in the form. This is a continuation from the last article Simple User Registration Script in PHP and MySql. If you want to follow next article these are the links.

Here you will learn about Simple Login System & also an advanced system. Simple Login Script System is targetted towards beginners and helps you to learn the script easily. Advanced Login Script System is more secure than the simple Login Script and it is targetted towards intermediate, advanced users even beginners also can easily understand it. I’ve also created video tutorials for both the Login Systems. And also I’ve created a video course, I highly encourage you to join my course. So that, you will learn more advanced topics in user login & registration system.

(i). Simple User Login Script in PHP & MySQL
(ii). Advanced User Login, Registration, Forgot(reset) Password in PHP & MySQL

  1. Simple User Registration Script in PHP and MySQL
  2. Simple Login Script in PHP and MySQL
  3. User Login with activation check using PHP and MySQL
  4. Send Forgotten Password by mail using PHP and MySQL
  5. Check Username Availability With jQuery In PHP And MySql

(i). Steps to create Simple Login Script in PHP and MySQL

  1. First step we will connect to the database.
  2. Then we will select the database.
  3. We are checking, if the form is submitted or not. In this step we have two logic’s.
    • What if the form is submitted.
      1. If the form is submitted, we are assigning the posted values to variables and checking the values are existing in the database or not.
      2. If the values submitted in the form and the values in the database are equal, then we will create a session for the user.
      3. If the values are not equal then it will display an error message.
      4. And then we checks for the session, if the session exists we will great him with the username, otherwise the form will be displayed.
    • What if not the form is submitted.
      1. When the user comes first time, he will be displayed with a simple form.
      2. User Name, Password and a submit button.

Below is the Video on Simple User Login Registration Script in PHP

Subscribe on Youtube

1. Create a Database Table

If you are already following from previous article, you should already have database table created. If you don’t have create the table.

2. Creating HTML User Login Form

This is the form, only displayed if message variable in not set.

3. Adding styles to Login Form

And the styles for the form, if you have added styles in previous article. Skip this step.

4. Connect to Database

If you are following from previous user registration article, no need to create this file. Other wise create connect.php file.

5. PHP Logic for User Login

And this is the PHP code for logging in user

Logout.php

Complete Code of login.php

If you want to learn other things you can read other posts – registration, login, user login with activation check, and sending forgotten password by email, Check Username Availability .

(ii). Steps to create Advanced Login Script System in PHP and MySQL

In the above simple login script, we have some flaws. That is I’m using plain text passwords and it is easy to do SQL injections and lot more. Because that is targetted to beginners for learning purpose.

Here in this advanced login system, you will learn a lot of advanced things and some of the features are below.

  • Login with User Name or E-Mail
  • Securing Login from SQL injections
  • Encrypting Users Password
  • Login using PHP Sessions
  • Only Active Users Can Login

In this script we will start by checking the session, if the user already logged in he will be redirected to index.php page that is members area. After the form submission, we check post superglobal isset and not empty. In this code, I’m using DB connection from above code, database table and HTML form from our above code.

Here I’m just working on improving PHP logic from above code.

Below is the Video on Advanced & Secure PHP User Login Registration Script With All Features

Subscribe on Youtube

If the post superglobal is set and not empty, if it’s true I’m assigning the submitted values to variables using this code and encrypting password to md5 hashing instead of plain text password.

After that, I’m writing an SQL query to check the user details in database tables with submitted user information. Executing the query and also counting the number of rows in result set. If the number of rows is equal to one then we will set the session and redirect the user to members area page. Otherwise, we will display an error message. I’m already displaying these messages in above the form HTML code, if you are following from above you will already have it.

And next important cocept is user will be able to login with username or email. For that I’ll modify the SQL query little bit. So, that we will check the submitted value if it’s email we will check it with email column. If it’s not email we will check it in username column. And I’m creating SQL query over couple of conditions and statments.

Checking the user, if his account is activated then only we will allow hime to login otherwise he won’t be able to login. For that I’m using active column, if the user activates his account by verifying his email. Then only his account status becomes active, that means active column becomes to 1.

Here is the improved code with above discussed condition.

Complete code of Advanced Login Script System in PHP & MySQL

Download the Complete Code

[sociallocker]

Download the Complete Code

[/sociallocker]

Next Steps After User Login

Password Encryption

Instead of md5 hashing algorithm, use password_verify PHP function in conjection with password_hash PHP fucntion. This password_hash should be used while registering users and while login you can use password_verify PHP function.

I hope this article helped you to learn user login using PHP and MySQL . To get latest news and updates follow us on twitter & facebook, subscribe to newsletter. If you have any feedback please let us know by using comment form.

Vivek Vengala
 

Vivek Vengala is a Online Entrepreneur, Web Developer from Hyderabad India.