PHP User Authentication with MySQL

In this tutorial, we are going to see how to implement user authentication mechanism in PHP using MySQL. Authentication is used validate users entering into our website. It protects our website by preventing anonymous access and allows genuine users who clear authentication process.

In this user authentication example, it has a login panel to let users enter their login details. On submitting login details to a PHP page, it compares the submitted data with the user database table. If there is a match found in the user database for the user who attempts login then he will be considered as an authenticated user and allowed to enter into our website.

Steps to create user authentication system in PHP.

  1. Create MySQL database with users table.
  2. Create user login panel to submit login details to PHP.
  3. Generate query to compare user login details with the MySQL user database.

php_user_authentication

Create MySQL Database with Users Table.

Create a new database using MySQL query or by using any database client like SQLYog, PHPMyAdmin and etc. In this example, I created a database named as payload and the table name is users. The table fields are shown in the figure below.

user_database

Create User Login Panel.

The following HTML code is used to show user login panel to enter authentication details. It has two input fields for entering username and password. On submitting this form these two field values will be posted to PHP.

<form name="frmUser" method="post" action="">
	<div class="message"><?php if($message!="") { echo $message; } ?></div>
		<table border="0" cellpadding="10" cellspacing="1" width="500" align="center" class="tblLogin">
			<tr class="tableheader">
			<td align="center" colspan="2">Enter Login Details</td>
			</tr>
			<tr class="tablerow">
			<td>
			<input type="text" name="userName" placeholder="User Name" class="login-input"></td>
			</tr>
			<tr class="tablerow">
			<td>
			<input type="password" name="password" placeholder="Password" class="login-input"></td>
			</tr>
			<tr class="tableheader">
			<td align="center" colspan="2"><input type="submit" name="submit" value="Submit" class="btnSubmit"></td>
			</tr>
		</table>
</form>

And the CSS is,

body{
	font-family: calibri;
}
.tblLogin {
	border: #95bee6 1px solid;
    background: #d1e8ff;
    border-radius: 4px;
}
.tableheader { font-size: 24px; }
.tableheader td { padding: 20px; }
.tablerow td { text-align:center; }
.message {
	color: #FF0000;
	font-weight: bold;
	text-align: center;
	width: 100%;
}
.login-input {
	border: #CCC 1px solid;
    padding: 10px 20px;
}
.btnSubmit {
	padding: 10px 20px;
    background: #2c7ac5;
    border: #d1e8ff 1px solid;
    color: #FFF;
}

The HTML code and styles above with display the authentication form to the user like,

user-authetication-form

Generate Query to Compare User Input with the Database.

After receiving user authentication details in PHP, it compares the form data with the using database by executing a query. The following PHP code connects MySQL database and checks if the user authentication information submitted via the form is correct. Based on the result of the authentication process, it stores acknowledgment message to be shown to the user at the end of authentication.

<?php
$message="";
if(count($_POST)>0) {
	$conn = mysqli_connect("localhost","root","","phppot_examples");
	$result = mysqli_query($conn,"SELECT * FROM users WHERE user_name='" . $_POST["userName"] . "' and password = '". $_POST["password"]."'");
	$count  = mysqli_num_rows($result);
	if($count==0) {
		$message = "Invalid Username or Password!";
	} else {
		$message = "You are successfully authenticated!";
	}
}
?>

Download

This PHP code tutorial was published on May 7, 2013.

↑ Back to Top