- First thing, create a MySQl database with the following structure:
- You could create this with the Xamp's PhpMyAdmin utility, or running commands at the php console, or by running commands as a php program.
- I've named the above database as "test", and the table as "bkmark_users".
- Now, we need following 5 files to create the Registration + Login system:
- Login.html: User interface for user registration / login. Includes forms that execute the php codes in CheckLogin.php and Register.php in order to register and login users.
- CheckLogin.php: Search the database for the user inputted username and password to log her/him in. Also creates cookies for storing username and pass.
- Register.php: Writes the user inputted new username and pass into the database as a new user record.
- ProtectedPage.php: This is the page protected by passwords. Firstly it checks whether a user has logged in by checking the cookies. If not, opens the Login page. Also it extracts the username using the cookie to display a message.
- Logout.php: Closes the session deleting the cookies, indicating the user have logged out. Then redirects the user to the Login page.
Ok below are the complete file sources:
Login.html
<html>
<head>
<title>My Website - Login</title>
</head>
<body bgcolor="#FFFFCC">
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<table style="margin:15px auto;" align="center">
<tr>
<td colspan="3"><h2>Login:</h2></td>
</tr>
<tr>
<form action="CheckLogin.php" method="post">
<td>Username:</td>
<td><input type="text" name="username"/></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password"/></td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit" name="Submit" value="Login"/></td>
</form>
</tr>
</table>
<table style="margin:15px auto;" align="center">
<tr>
<td colspan="3"><h2>Register:</h2></td>
</tr>
<tr>
<form action="Register.php" method="post">
<td>New username:</td>
<td><input type="text" name="newusername"/></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="newpassword"/></td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit" name="Submit" value="Register"/></td>
</form>
</tr>
</table>
</html>
CheckLogin.html
<?php
session_start();
$username = $_POST["username"]; // This is the inputted username from the form in Login.html
$password = $_POST["password"]; // This is the inputted password from the form in Login.html
mysql_connect('localhost');
mysql_select_db('test') or die('Could not select database');
$result = mysql_query("SELECT username, password FROM bkmark_users"); // Get data from username and password fields
$hituser=false;
$hitpass=false;
// Sarch username in the database
while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
if($row[0] == $username){ // If found, open ProtectedPage.php. Else goto Login.html
$hituser=true;
if($row[1] == $password){
$hitpass=true;
echo "USER FOUND!";
$_SESSION["username"] = $username; // Creates a cookie saving the username
$_SESSION["loggedIn"] = true; // Creates a cookie saying the user is logged in
header("Location:ProtectedPage.php");
}else {
}
}else{
// header("Location:Login.html"); // Lastly, redirect back to login page
}
}
if($hitpass==false){
echo "PASSWORD INCORRECT!<br>";
}
if($hituser==false){
echo "USER NOT FOUND!<br>";
}
?>
Register.html
<?php
session_start();
$newusername = $_POST["newusername"]; // This is the inputted username from the form in Login.html
$newpassword = $_POST["newpassword"]; // This is the inputted password from the form in Login.html
mysql_connect('localhost'); // *** INSERT YOUR DATABSE INFORMATION HERE ***
mysql_select_db('test') or die('Could not select database');
mysql_query("INSERT INTO bkmark_users(username, password) VALUES('" . mysql_real_escape_string($newusername) . "','" . mysql_real_escape_string(
$newpassword) . "')")or die('Could not insert data into db');
echo "New user created:<br>";
echo $newusername."<br>";
echo $newpassword."<br>";
echo "<a href='Logout.php'>Logout</a>";
?>
ProtectedPage.html
<?
session_start();
if(!$_SESSION['loggedIn']) // If the user IS NOT logged in (the loggedIn cookie is created), forward them back to the login page
{
header("location:Login.html");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>My Website - Protected Content</title>
</head>
<body bgcolor="#FFFFCC">
<?php
// If the user IS logged in, then echo the page contents:
$currentUser = $_SESSION['username']; // Gets the username from the cookie we created in Check.php
$message = '<p>Welcome, ' . ucfirst($currentUser) . '!</p>'; // This compiles hello (your username)
echo $message; // This echo's (actually outputs) the message
?>
<p>Good job! You got it working!!</p>
<a href="Logout.php">Logout</a>
</body>
</html>
Logout.html
<?php
session_start();
session_destroy();
header("Location:Login.html");
?>
Create these files inside the same folder and run the Login.html file. Enjoy!
Create these files inside the same folder and run the Login.html file. Enjoy!