PHP Login Script with Session

PHP login script is used to provide user authentication for our PHP website. This script will be executed on submitting user login details such as username/email and password.

We have seen two ways of sending login details from UI to PHP login script. These are, login form submit, and PHP AJAX post. We havn’t see about maintaining login status for logged in user. In this article, we are going to use PHP sessions to keep user login status.

php_login_script

PHP Login Sessions

After getting login credentials from user, we need to compare with database to check whether they are valid or not. If so, we need to add required login information to $_SESSION super global with corresponding session ids. For example, $_SESSION[“member_id”], $_SESSION[“display_name”].

By using these login session information, we ensure that user is logged in. These login session ids are preserved until the user is logout. While logout, these sessions are cleared by using PHP unset().

User Login Interface

First, we need to create login interface to allow user to submit authentication information. The HTML and CSS code are,

Login Form HTML

<html>
<head>
<title>User Login</title>
<link rel="stylesheet" type="text/css" href="styles.css" />
</head>
<body>
<form name="frmUser" method="post" action="">
<div class="message"><?php if($message!="") { echo $message; } ?></div>
<table border="0" cellpadding="10" cellspacing="1" width="500" align="center">
<tr class="tableheader">
<td align="center" colspan="2">Enter Login Details</td>
</tr>
<tr class="tablerow">
<td align="right">Username</td>
<td><input type="text" name="userName"></td>
</tr>
<tr class="tablerow">
<td align="right">Password</td>
<td><input type="password" name="password"></td>
</tr>
<tr class="tableheader">
<td align="center" colspan="2"><input type="submit" name="submit" value="Submit"></td>
</tr>
</table>
</form>
</body></html>

styles.css

.tableheader {
background-color: #95BEE6;
color:white;
font-weight:bold;
}
.tablerow {
background-color: #A7D6F1;
color:white;
}
.message {
color: #FF0000;
font-weight: bold;
text-align: center;
width: 100%;
}

Login Screen

user_login_screen

PHP Login Script

After creating user login interface, we need to write PHP script. This script will authenticate user and PHP header() to redirectredirect them to their private page on successful login.

User Authentication

In this step we have to,

  • get user login details sent via PHP request methods GET/POST
  • compare user input with database to authenticate
  • add valid authenticated user data into session

Login Ridirect

Once users logged in successfully, then they will be redirected to the user dashboard or profile page or anything. In this example, we have an dashboard page showing Welcome message with logout link. The code for PHP login is,

<?php
session_start();
$message="";
if(count($_POST)>0) {
$conn = mysql_connect("localhost","root","");
mysql_select_db("phppot_examples",$conn);
$result = mysql_query("SELECT * FROM users WHERE user_name='" . $_POST["user_name"] . "' and password = '". $_POST["password"]."'");
$row  = mysql_fetch_array($result);
if(is_array($row)) {
$_SESSION["user_id"] = $row[user_id];
$_SESSION["user_name"] = $row[user_name];
} else {
$message = "Invalid Username or Password!";
}
}
if(isset($_SESSION["user_id"])) {
header("Location:user_dashboard.php");
}
?>

We can add this code above HTML which will be executed automatically on form submit.

Otherwise, we can save it as individual file with .php extension, for example, login.php. And then, we need to specify this file for form action.

User Dashboard

The code for dashboard page is,

<?php
session_start();
?>
<html>
<head>
<title>User Login</title>
<link rel="stylesheet" type="text/css" href="styles.css" />
</head>
<body>
<table border="0" cellpadding="10" cellspacing="1" width="500" align="center">
<tr class="tableheader">
<td align="center">User Dashboard</td>
</tr>
<tr class="tablerow">
<td>
<?php
if($_SESSION["user_name"]) {
?>
Welcome <?php echo $_SESSION["user_name"]; ?>. Click here to <a href="logout.php" tite="Logout">Logout.
<?php
}
?>
</td>
</tr>
</body>
</html>

Welcome message in this page addresses the logged in user by their name. Link logout redirects user to logout.php and clear user login session.

Dashboard Screen

user_dashboad

logout.php

<?php
session_start();
unset($_SESSION["user_id"]);
unset($_SESSION["user_name"]);
header("Location:user_login_session.php");
?>

Download

This PHP code tutorial was published on July 22, 2013.

↑ Back to Top