System Login


First thing in a web app (or any other private application) is provide a login to the system. Users need to enter a correct username and a password in order to login. User and login details are stored in the database "users" table. Every user has a unique auto generated id (given by the users table primary key) and we use it to create and set a session for users.

Users MySQL Table



User_ID is the primary key of the table and it is set to auto increment field. User privileges are stored as a text (array) and we use search string PHP function to check for selected values in the form.

Source code of Login page (index.php)

 
<?php include("inc/page_header.php"); ?>
 
<div class="wrapper">
 
 <div class="login">
  <div class="boxtitle">System Login</div>
   <?php
    /* ++++++++++++++++ PHP START ++++++++++++++++++++++++++ */
     if(isset($_POST['submit'])){
      $username = $_POST['username'];
      $password = $_POST['password'];
       // form validation
       if($username == '' || $password == ''){
        $error = 'Please enter username and password!';
       }else{
        // check username in the database
        $q = mysql_query("SELECT * FROM users WHERE User_Name = '$username'");
        if(mysql_num_rows($q) > 0){
         $r = mysql_fetch_assoc($q);
         $db_password = $r['User_Password'];
          if($db_password === $password){
           // login success
           $_SESSION['login'] = $r['User_ID'];
           $_SESSION['user'] = $r['User_Name'];
           header("Location: sys_home.php");
           ob_end_flush();
          }else{
           // password error
           $error = 'Incorrect Password!';
          }
        }else{
         // username not found
         $error = 'Incorrect Username!';
        }
       }
      // error handling
      if(isset($error)){
       echo "<div class='errordiv'>{$error}</div>";
      }
     }
    /* ++++++++++++++++ PHP END ++++++++++++++++++++++++++++ */
   ?>
   <form action="index.php" method="post">
    <table>
     <tr><td width="70px">Username:</td><td><input type="text" size="30" name="username" id="username"></td></tr>
     <tr><td>Password:</td><td><input type="password" size="30" name="password" id="password"></td></tr>
     <tr><td>&nbsp;</td><td><input class="btn" type="submit" name="submit" value="Login"></td></tr>
    </table>
   </form>
   <script type="text/javascript">
    document.getElementById("username").focus();
   </script>
 </div>
 
</div>
 
<?php include("inc/page_footer.php"); ?>

Comments