Login form validation using PHP and MySQL

Everybody should see the login pages in most of websites. You should have doubt about this login form, how they validate username and password. There is nothing, just only 2 steps as follows as for login validation using php. 1. You enter username and password already registered which is stored in mysql database. 2. After you submit a button to login, it check the database values whether the username and password is correct or not using php and mysql query. The mysql query for select a values from mysql database as like this : ie, SELECT * FROM table_name WHERE name='username' and password='password' If it return values correctly, then you can login. Otherwise it give error message.

Simple login validation using php and mysql:

Lets see how to validate the username and password using php.

1. First you create table using mysql query like this:

CREATE TABLE login(name varchar(30), password varchar(30), PRIMARY KEY(name))

Now the table 'login' is created. The field 'name' is primary key. Because the username must be unique.

(Else you can also create it using gui just by clicking create new table and select no of columns=2 and enter details)

2. Then insert values into table using mysql query like this:

INSERT INTO login VALUES('guru','guru')

Now the table look like this:

3. The php script for login validation as follows as:

login.php:

<html> <head> <style type="text/css"> input{ border:1px solid olive; border-radius:5px; } h1{ color:darkgreen; font-size:22px; text-align:center; } </style> </head> <body> <h1>Login<h1> <form action='#' method='post'> <table cellspacing='5' align='center'> <tr><td>User name:</td><td><input type='text' name='name'/></td></tr> <tr><td>Password:</td><td><input type='password' name='pwd'/></td></tr> <tr><td></td><td><input type='submit' name='submit' value='Submit'/></td></tr> </table> </form> <?php session_start(); if(isset($_POST['submit'])) { mysql_connect('localhost','root','') or die(mysql_error()); mysql_select_db('new') or die(mysql_error()); $name=$_POST['name']; $pwd=$_POST['pwd']; if($name!=''&&$pwd!='') { $query=mysql_query("select * from login where name='".$name."' and password='".$pwd."'") or die(mysql_error()); $res=mysql_fetch_row($query); if($res) { $_SESSION['name']=$name; header('location:welcome.php'); } else { echo'Entered username or password is incorrect'; } } else { echo'Enter both username and password'; } } ?> </body> </html>

Where, if(isset($_POST['submit']){} means run after submit a results. if($name!=''&&$pwd!=''){} means if either username or password is empty, it give message like as 'Enter both username and password'. mysql_query("select * from login where name='".$name."' and password='".$pwd."' ") select the values if the username and password is present. $res=mysql_fetch_row($query) return row as numeric array. You don't know about mysql_fetch_row, then visit mysql-fetch-row in mysql. if($res){} validate the result. If it is correct, then your name is stored in session variable and also you'll navigate to 'welcome.php' page. Otherwise you'll get 'You entered username or password is incorrect' message. You want to visit Session in php.

When you run the above file, it should be like this:

The php script for welcome page: welcome.php:

<?php session_start(); $name=$_SESSION['name']; echo'welcome :'. $name.'<br>'; echo'<a href="signout.php">Signout</a>'; ?>

Now you enter username and password 'guru' and 'guru', you will navigate to 'welcome.php' page and get output like this: welcome: guru Signout If it is wrong, then you can't login.