You are here:Home » Script » PHP Login Script
8:30 AM

PHP Login Script


PHP Login Script

Many people have been wondering how they can create a secure login form. A secure login form must have security checks, free from mysql injections or database attacks, passwords must be encoded, e.t.c.

If you are one of such wonderers today, this script is just for you. You would really like it. Please don’t forget to leave a comment or post in tutorials. You can also work on (improve) our tutorials and then post back for the benefit of the community.

php login script

Download

This tutorial require the jQuery-1.5.1.min.js plugin. A MySQL file is also attached to the download file to help you create the database.

We shall create four files named below:
  1. Index.php - Login and registration page
  2. Process.php
  3. Loggedin.php
  4. Logout.php

Index.php - Login and logout page

<html>
<head>
<title>Secure Login Form - Ohwofosirai Desmond</title>
<script src="jquery-1.5.1.min.js"></script>
<script>
var msg=
[
"Valid Format: you@domain.com",
"Alphanumeric chars preferred",
];
var prev;
function show(msg_id){
if (msg_id==2){
    document.getElementById("tip"+prev).innerHTML="";
    }
else{
    document.getElementById("tip"+msg_id).innerHTML=msg[msg_id];
    prev=msg_id;
    }
}

function just(action){ 
if (action=='login')
var key="u="+$("#u").val()+"&p="+$("#p").val()+"&a="+action;
else
var key="u="+$("#u1").val()+"&p="+$("#p1").val()+"&a="+action;
$.ajax({
    url: "process.php",
    type: "post",
    data: key,
    async:false,
    success:function(response){
    if (response==0)
    $("#res").html("Wrong Email or Password");
    else if(response==1)
    window.location.href="loggedin.php";
    else if(response==2)
    $("#res1").html("Registered Successfully");
    }

});
                }

</script>
<style type="text/css">
label{
        font-variant:small-caps; color:#690069; font-weight:bold;
        margin-left:0em;
    }
form{
        font-family:cursive; margin-top:1em; margin-left:5em;
        border:1px solid #aaaaaa; float:left; width:40%;
        }
input{
        margin:4px; outline:none; border:1px #aaaaaa solid;
    }
input[type=submit]{
        margin-left:14.8em
                }
span{
        color:#ffccff; font-size:12px;
        }
h1,p{
        margin-left:5em; color:#000000; text-align:left;
        }
</style>
</head>
<body>
<h1>Welcome to Osirai's Blog</h1>
<p/>
<i id="res">Please Login to enjoy all benefits:</i>
<form method="post" onSubmit="just('login');return false" enctype="multipart/form-data">
<p/>
<label for="email">Your Email:</label>
<input type="text" name="u" onFocus="show(0)" onBlur="show(2)" id="u"/>
<span id="tip0"></span><br/>

<label for="password">Password:</label>
&nbsp;&nbsp;<input type="password" name="p" onFocus="show(1)" onBlur="show(2)" id="p"/>
<span id="tip1"></span><br/>
<input type="submit" value="Login"/>
</form>

<div style="clear:both"></div>
<p/>
<i id="res1">OR Register a new to user</i>
<p/>
<form method="post" onSubmit="just('register');return false" enctype="multipart/form-data">
<p/>
<label for="email2">Your Email:</label>
<input type="text" name="u1" id="u1"/><br/>

<label for="password2">Password:</label>
&nbsp;&nbsp;<input type="password" name="p1" id="p1"/><br/>
<input type="submit" value="Register"/>
</form>

</body>
</html>

Process.php - validate user

<?php
session_start();
if (!isset($_POST['u']))
exit;
extract($_POST);
$uname=strip_tags($u);
$password=strip_tags($p);
//striptags are to prevent adding script elements to your db
$uname=stripslashes($uname);
//stripslashes are to prevent possible mysql injection attacks
$password=stripslashes($password);
//expected that you should encrypt passwords using md5 or sha1 before storing in db
$password=md5($password);
mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("tutorial") or die(mysql_error());
if ($a=='login'){
    //to check if a user exists in db
    $query=mysql_query("select email,pswd from profiles where email='$uname' and pswd='$password'") or die(mysql_error());
    if (mysql_num_rows($query)<1)
        {
        echo "0"; //does not match an existing user
        }
    else{
        $_SESSION['email']=$uname;
        echo "1";
        }
        }
else {
    //to add user registration entries to database
    $query=mysql_query("insert into profiles(email,pswd) values('$uname','$password')") or die(mysql_error());
    if ($query) echo '2';
    }

?>

Loggedin.php

<?php
session_start();
if(!isset($_SESSION['email']))
exit; //or return to login page using: header("location: index.php");
?>
<html>
<head>
<title>Logged In Successfully - script by Ohwofosirai Desmond</title>
</head>
<body>
<h2>Logged in as: <?php echo $_SESSION['email']; ?>| <a href="logout.php">Logout</a></h2>
<div style="width:50%; font-stretch:1px; text-align:justify; font-size:14px">
welcome to your personal homepage. You can customise this to make it personalized for each user.
Always remember to give feedbacks, and participate by improving scripts on http://tag4free.blogspot.com and uploading back to us for the benefit of the entire community. Thanks.
</div>
</body>

Logout.php

<?php
session_start();
session_unset();
session_destroy();
header("location: index.php");
?>
PHP login script, Ajax login, PHP Password encryption
Labels : Script Leave a Comment

0 comments:

Post a Comment

Return to top of page
Copyright © 2013 · Codetoil · Design By Studiopress