Login & Logout tutorial
This tutorial require 2 PHP files and 1 table of mySQL database.
- index.php this file is the Login and Logout file.
- main.php this file is the target when login is O.K.
- Database “tutorial” and table “admin” with 3 fields: id(auto_increment), username(varchar, 50), password(varchar, 32).
* The “password” field is design for md5() password for more sucurity.Then put a record into this table. In this tutorial, put a record with name “admin” and password “81dc9bdb52d04dc20036dbd8313ed055“. This password was encrypted by md5() function from the real password “1234“.* When you test this script you must to put the real password (1234) in “password” box.
• index.php
The mainly file for do 3 things.
- Login form. Including 2 fields “username” and “password” and submit button “Login”.
- Login authorize program. Do authorize check after you submit form, if passed in username and password, this page will re-direct to main.php. If not, show the invalid user or password message.
- Logout. Clear the login session when come back or refresh this page.
<?
// Use session variable on this page. This function must put on the top of page.
session_start();////// Logout Section. Delete all session variable.
session_destroy();$message=”";
////// Login Section.
$Login=$_POST['Login'];
if($Login){ // If clicked on Login button.
$username=$_POST['username'];
$md5_password=md5($_POST['password']); // Encrypt password with md5() function.// Connect database.
$host=”localhost”; // Host name.
$db_user=”"; // MySQL username.
$db_password=”"; // MySQL password.
$database=”tutorial”; // Database name.
mysql_connect($host,$db_user,$db_password);
mysql_select_db($database);// Check matching of username and password.
$result=mysql_query(“select * from admin where username=’$username’ and password=’$md5_password’”);
if(mysql_num_rows($result)!=’0′){ // If match.
session_register(“username”); // Craete session username.
header(“location:main.php”); // Re-direct to main.php
exit;
}else{ // If not match.
$message=”— Incorrect Username or Password —”;
}} // End Login authorize check.
?><html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
<title>Untitled Document</title>
</head><body>
<? echo $message; ?>
<form id=”form1″ name=”form1″ method=”post” action=”<? echo $PHP_SELF; ?>“>
<table>
<tr>
<td>User : </td>
<td><input name=”username” type=”text” id=”username” /></td>
</tr>
<tr>
<td>Password : </td>
<td><input name=”password” type=”password” id=”password” /></td>
</tr>
</table>
<input name=”Login” type=”submit” id=”Login” value=”Login” />
</form>
</body>
</html>
———————————————————————————————————————————
main.php
This file is the target file when authorize check on index.php has been passed. It checks for session variable name “username”. If this variable does not exist, re-direct to index.php.
If you have PHP files must Login before open them, copy the PHP section and place it on the top of them.
<?
// You may copy this PHP section to the top of file which needs to access after login.
session_start(); // Use session variable on this page. This function must put on the top of page.
if(!session_is_registered(“username”)){ // if session variable “username” does not exist.
header(“location:index.php”); // Re-direct to index.php
}
?><html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
<title>Untitled Document</title>
</head>
<body>
<p>Hello <? echo $_SESSION['username']; ?>! You are now Logged in.</p>
<p><a href=”index.php”>Logout</a></p>
</body>
</html>
—————————–
Now just run it and enjoy 
