It will be seldom found that an engaging website doesn’t propose an account creation from its customers. In order to do so, they need to have the facilities for a new user to register themselves, and later on login and interact with the website using their account. PHP exposes enough utilities to set up a functional Login Page, quickly, which can also scale later on as when required. After setting up a basic login form to request the credentials, the same PHP script can be used to process and validate the credentials, and redirect to the appropriate page on successful login. It also provides options for creating and storing cookies and sessions, to track users once they have completed the login process.
ADVERTISEMENT Popular Course in this category PHP DEVELOPER - Specialization | 8 Course Series | 3 Mock TestsStart Your Free Software Development Course
Web development, programming languages, Software testing & others
PHP is a scalable stateless server-side scripting language. It allows one to capture form data by storing them in arrays $_GET or $_POST depending on whether the method used while submitting the form is GET or POST. Generally, the post method is preferred due to security reasons. Upon submission, these arrays can be indexed by the input field names to get the specific value.
For login forms, the credentials are passed and stored in these arrays, which more often than not, is just a set of usernames and passwords. Based on the requirement, either the username & password combination can be directly validated in the PHP code itself, or the valid set of username, password combinations might be stored in a database which could be looked up.
Let’s create a page, Login.php containing the following HTML lines:
Code:
A sample login pageEnter Login Information:
Output:
These lines create a very simple form, requiring a user to enter two fields, a username, and a password. It provides a third input, which is a submit button and causes form data, i.e. username and password, be sent to the location mentioned in the action attribute of the form tag. Since it’s empty above, it passes the form information to the same PHP page.
The above page is static HTML code, without actually validating the user or login the person to internal web-pages. In order to do so, we need to process the values passed in the fields username and pwd stored in $_POST because of the method posts.
Thus the values are present can be checked using:
Code:
Upon verifying at both inputs are indeed present, we can validate their values and redirect a person to the appropriate welcome page.
We can achieve this by inserting following simple piece of code within the if-statement block shown above:
Code:
$username = $_POST['username']; $password = $_POST['pwd']; if($username == "admin" && $password == "l0G3In"){ header('location: Home.php'); } else { $error = "Invalid username or password!"; }
With the above lines, once the user has submitted a valid set of credentials, he’s allowed access to home.php, or we store an error message which can be shown to the user.
We don’t want a user to repeatedly login in upon every request. Thus we need to keep track of users who have logged in, irrespective of the page they are requesting. One way of achieving this in PHP is using sessions.
Briefly, sessions are a server-side small piece of information, temporarily stored for a client, once the page is requested. In PHP this is achieved by calling function session_start() as the first line in the script. From next time the page is accessed, session_start() doesn’t create a new session but retrieves information of the session started earlier and stores in a special array $_SESSION.
Values to be passed across pages while a session is active can be set in a similar fashion to a normal array and isset() function can be used to check if a particular value is available within the array.
Combining all the things discussed, the code will look as follows:
Code:
A sample login page
Enter Login Information:
Output:
Now, any other page which requires a login just needs to check that the session key login is set. If not, the user can be redirected to the login page. Else he has access to the secret internal content.
Let’s create one for demo purposes:
Code:
Welcome to User's Home PageWishing you a good day!!
Output:
Le code ci-dessus récupère d'abord les détails de la session en appelant session_start(). Il valide ensuite que la session est toujours active pour un utilisateur ayant terminé le processus de connexion. Dans le cas contraire, l'utilisateur est redirigé vers la page Login.php. Si l'utilisateur s'est connecté avec succès, le reste du contenu est disponible pour l'utilisateur.
Il est extrêmement simple de créer des pages de connexion en PHP. Ici, nous avons directement stocké les informations d'identification dans le script, mais idéalement (et le plus souvent), elles seront stockées sous une forme de base de données ou de gestionnaire de clés. De plus, nous avons utilisé ici des sessions qui sont stockées du côté du navigateur, mais vous pouvez utiliser des cookies qui sont stockés du côté du navigateur (client) mais qui sont moins fiables.
The above is the detailed content of Login Page in PHP. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
