PHP User Authentication with MySQL

Last modified on October 17th, 2018 by Vincy.

User authentication is a process of validating users with some keys, token or any other credentials. If the user gives correct credentials then the authentication process will be succeeded. After successful authentication, the users will be allowed to the system as authenticated users.

In this tutorial, we are going to create a PHP user authentication system with MySQL database.  It will be easy to understand this example code. By reading this article, you will learn how to code PHP user authentication. Also, I have added the downloadable source code at the end of this article.

php_user_authentication

In this user authentication example, it has a login panel to let users enter their login details. In this example, the username and password from the registered users’ database are needed for authentication. By submitting these login credentials, it will be posted to a PHP page.

In PHP code, it executes a SELECT query to check if a user found in the database with the entered login credentials. If a match found, then the authentication process will be cleared by the user who attempts login. After successful login, the authenticated user will be allowed to enter into the application.

Steps to create a user authentication system in PHP.

  1. Create a MySQL database with users table.
  2. Create a user login panel to submit login details to PHP.
  3. Generate query to compare user login details with the MySQL user database.

1) Create a MySQL Database with Users Table.

For creating a database and the database tables you can run the MySQL CREATE statement. Instead, you can go with any database client like SQLYog, PHPMyAdmin. I am using PHPMyAdmin for creating database and table structure that is used for the MySQL examples.

In this example, I created a database named as payload for creating users table. The following screenshot shows the users table structure with data.

user_database

2) Create User Login Panel.

The following HTML code is used to show user login panel to the users to enter their authentication details. It has two input fields for getting username and password from the users. Once the user entered their login details and submitted the form, the username and password data will be posted to the PHP to process authentication with MySQL database.

<form name="frmUser" method="post" action="">
	<div class="message"><?php if($message!="") { echo $message; } ?></div>
		<table border="0" cellpadding="10" cellspacing="1" width="500" align="center" class="tblLogin">
			<tr class="tableheader">
			<td align="center" colspan="2">Enter Login Details</td>
			</tr>
			<tr class="tablerow">
			<td>
			<input type="text" name="userName" placeholder="User Name" class="login-input"></td>
			</tr>
			<tr class="tablerow">
			<td>
			<input type="password" name="password" placeholder="Password" class="login-input"></td>
			</tr>
			<tr class="tableheader">
			<td align="center" colspan="2"><input type="submit" name="submit" value="Submit" class="btnSubmit"></td>
			</tr>
		</table>
</form>

These styles are added for the user authentication form elements by including a CSS file. The CSS provides a minimal look and feel to the PHP user authentication UI. It is just a skeleton and could be changed easily for application theme. 

body{
	font-family: calibri;
}
.tblLogin {
	border: #95bee6 1px solid;
    background: #d1e8ff;
    border-radius: 4px;
}
.tableheader { font-size: 24px; }
.tableheader td { padding: 20px; }
.tablerow td { text-align:center; }
.message {
	color: #FF0000;
	font-weight: bold;
	text-align: center;
	width: 100%;
}
.login-input {
	border: #CCC 1px solid;
    padding: 10px 20px;
}
.btnSubmit {
	padding: 10px 20px;
    background: #2c7ac5;
    border: #d1e8ff 1px solid;
    color: #FFF;
}

3) Generate Query to Compare User Input with the Database.

In the following PHP code, it checks the $_POST global array length before executing the authentication code block. Once the user authentication form is submitted, then this global array will contain the values of the form input fields. In the PHP authentication code, it connects the MySQL database by specifying the configurations to get the connection object.

After receiving user authentication details in PHP, it compares the form data with the user database by executing a query by using the connection object. In this query, it uses the username and password entered by the user to check if any match found. If match found, it means the user is a valid user who registered already with the system. So, the authentication code will allow the user to proceed further.

No matter whether the authentication is cleared or not. Anyhow this code will acknowledge the user by displaying success or warning based on the result of the authentication process..

<?php
$message="";
if(count($_POST)>0) {
	$conn = mysqli_connect("localhost","root","","phppot_examples");
	$result = mysqli_query($conn,"SELECT * FROM users WHERE user_name='" . $_POST["userName"] . "' and password = '". $_POST["password"]."'");
	$count  = mysqli_num_rows($result);
	if($count==0) {
		$message = "Invalid Username or Password!";
	} else {
		$message = "You are successfully authenticated!";
	}
}
?>

PHP User Authentication Form Output

The PHP user authentication form output will look the below screenshot.

user-authetication-form

Download

↑ Back to Top

Share this Article