Hello everyone,
In this post we are going to create a very simple PHP MySQL login system. At the beginning, we will show a registration form to users and store user given data into MySQL database. Then we will create a login page where we take username and password and let users logged in if username & password combination is correct.
Skills you need
Basic knowledge on PHP, MySQL and HTML
In the registration form, we will not sensitize and validate user provided data to keep it as simple as possible. If you don’t know anything about PHP serer-side form validation, I strongly suggest you to check this post below.
At first, we need to create MySQL database, lets create name it to “php_mysql_login_system” (or of course you can use an existing one). After that, create a table within the database and name it “users” as all registered users’ information will be stored here. Use the following SQL query below to create the table.
CREATE TABLE IF NOT EXISTS `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(255) NOT NULL, `password` varchar(255) NOT NULL, `first_name` varchar(255) NOT NULL, `last_name` varchar(255) NOT NULL, `email` varchar(255) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `username` (`username`), UNIQUE KEY `email` (`email`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
You can also take help of phpMyAdmin – GUI MySQL DBMS, to create the table if you’re a lazy dev too.
We will use MySQLi (MySQL Improved) to do all database operations from PHP.
The Registration Form
db_const.php
<?php # mysql db constants DB_HOST, DB_USER, DB_PASS, DB_NAME const DB_HOST = 'SERVER'; const DB_USER = 'USER'; const DB_PASS = 'PASSWORD'; const DB_NAME = 'php_mysql_login_system'; ?>
register.php
<html>
<head>
<title>User registration form- PHP MySQL Ligin System | W3Epic.com</title>
</head>
<body>
<h1>User registration form- PHP MySQL Ligin System | W3Epic.com</h1>
<?php
require_once("db_const.php");
if (!isset($_POST['submit'])) {
?> <!-- The HTML registration form -->
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="password" /><br />
First name: <input type="text" name="first_name" /><br />
Last name: <input type="text" name="last_name" /><br />
Email: <input type="type" name="email" /><br />
<input type="submit" name="submit" value="Register" />
</form>
<?php
} else {
## connect mysql server
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
## query database
# prepare data for insertion
$username = $_POST['username'];
$password = $_POST['password'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
# check if username and email exist else insert
$exists = 0;
$result = $mysqli->query("SELECT username from users WHERE username = '{$username}' LIMIT 1");
if ($result->num_rows == 1) {
$exists = 1;
$result = $mysqli->query("SELECT email from users WHERE email = '{$email}' LIMIT 1");
if ($result->num_rows == 1) $exists = 2;
} else {
$result = $mysqli->query("SELECT email from users WHERE email = '{$email}' LIMIT 1");
if ($result->num_rows == 1) $exists = 3;
}
if ($exists == 1) echo "<p>Username already exists!</p>";
else if ($exists == 2) echo "<p>Username and Email already exists!</p>";
else if ($exists == 3) echo "<p>Email already exists!</p>";
else {
# insert data into mysql database
$sql = "INSERT INTO `users` (`id`, `username`, `password`, `first_name`, `last_name`, `email`)
VALUES (NULL, '{$username}', '{$password}', '{$first_name}', '{$last_name}', '{$email}')";
if ($mysqli->query($sql)) {
//echo "New Record has id ".$mysqli->insert_id;
echo "<p>Registred successfully!</p>";
} else {
echo "<p>MySQL error no {$mysqli->errno} : {$mysqli->error}</p>";
exit();
}
}
}
?>
</body>
</html>The Login Form
login.php
<html>
<head>
<title>User Login Form - PHP MySQL Ligin System | W3Epic.com</title>
</head>
<body>
<h1>User Login Form - PHP MySQL Ligin System | W3Epic.com</h1>
<?php
if (!isset($_POST['submit'])){
?>
<!-- The HTML login form -->
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="password" /><br />
<input type="submit" name="submit" value="Login" />
</form>
<?php
} else {
require_once("db_const.php");
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * from users WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
echo "<p>Invalid username/password combination</p>";
} else {
echo "<p>Logged in successfully</p>";
// do stuffs
}
}
?>
</body>
</html>Explanation: how this PHP MySQL login system work
At the beginning we created a simple registration form and stored some user information to MySQL database. Assume that each user has a unique username and email address (though we have not validated the registration form).
In the login form, we take a username and password combination from users. Then we query MySQL database with user given username and password combination. After that, if the combination is matched with any of users row, then we let the user logged in, otherwise show error to the user.
Hope this article helped you. If you need further help, please comment below.
Thank you!
Really thanks for that !
A really good login form ! thank you.
You’re welcome!
it says #1044 – Access denied for user ‘id1594579_login’@’%’ to database ‘information_schema’
great work thanksalot dear
if (!$result->num_rows == 1) {
echo “Invalid username/password combination”;
} else {
echo header (“Location:page1.php”);
i Want to use this Kindly tell me . This Gives error Cannot modify header information – headers already sent by
Hi Gurmeet,
Header must be sent before any output is made.
Do not output anything before the header call. Move your code to the very beginning of the file, before any output.
Also check for accidental white spaces before “<?php”, like below:
<?php //code… ?>
excellent tutorial
Access forbidden!
You don’t have permission to access the requested object. It is either read-protected or not readable by the server.
If you think this is a server error, please contact the webmaster.
Error 403
localhost
2/6/2014 9:54:19 PM
Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
———————–
What will I do with this error. Please help. Thanks! 🙂
Hello,
Where and when did you get this error? By doing what again, we can reproduce this error?
Hello, I already fixed that error. Now have another error. Everytime I try to register or login, it always shows “Invalid username/password combination” even though I put the right input. What should I do? Thanks! 🙂
1. Browse MySQL database and be sure about username password combination.
2. Check the SQL query in login.php
How did you solved the problem “Access forbidden!
thanks!
How did you solve the access forbidden problem?
How do I make a protected page?
Hi ryr11,
What kind of protection you’re talking about?
Password protection for one or more separate pages or a member’s area?
How do I make certain pages only visible to logged in users. Also is there a way so that upon registration admin has to approve the user?
Hi,
To do that, store the login status for each user to their browser using session and then on that page use the code below.
< ?php if (logged_in() === true) { //show the page content. } else { // not logged in - redirect to login.php header("Location: login.php"); } ?>logged_in function must be defined.
For the approve part, add a field “approved” to your users table on database. Then on registration page, set default “approved” value to false. Now you’ve to approve the user (update “approved” value to true).
Could I write this in login.php ;
$username = $_POST[‘username’];
$password = $_POST[‘password’];
$approve = $_POST[‘approve’];
$sql = “SELECT * from users WHERE username LIKE ‘{$username}’ AND password LIKE ‘{$password}’ AND approve LIKE ‘[$approve}’ “;
And then something along the lines of
Hi, you can try like this –
On the register.php,
$sql = "INSERT INTO `users` (`id`, `username`, `password`, `first_name`, `last_name`, `email`, `approved`) VALUES (NULL, '{$username}', '{$password}', '{$first_name}', '{$last_name}', '{$email}', 'false')";On the login.php
$sql = "SELECT * from users WHERE username LIKE '{$username}' AND password LIKE '{$password}' AND approved LIKE 'true' LIMIT 1";On the login.php, there is no need to pass $approve variable in the sql. Because we’ll only let a user login if he/she is approved. So, it’ll be always true while querying the database.
thank you I see what I was doing wrong, for the sessions , is this suitable as the logged_in() function;
function logged_in() {
return (isset($_SESSION[‘login’])) ? true : false;
}
Can you add an email upon registration in the registration.php or does there need to be another?
Yes, only the isset will do the job.
function logged_in() { return isset($_SESSION['login']); }Pardon, I didn’t understood your last question…
Hi Arpan,
Could you please explain in more details how to set up a session correctly?
Hi Rene,
This article is just about a simple login system, no session is used. So we’ll be able to just login – but it will not be kept.
To keep a user logged in, at the very beginning of login.php put session_start(); before any character is printed.
Then user $_SESSION[‘userID’], $_SESSION[‘expiry’], etc. to store user data and keep a user logged in.
As I said to Conner, I’ll post a tutorial about remember me and log out facility ASAP. It’ll be extension of this post.
Thank you.
How about session_start() … ???
Hello Anush,
Could you be more specific?
Thanks.
does not work all code comes up on the screen too
Hi lex,
I think you are directly opening the file and you might not have WAMP(Windows->Apache+MySQL+PHP) server installed.
If have WAMP server installed, go to www directory with WAMP installation folder and place your php files there. Now, open your web browser and open http://127.0.0.1/yourFileName.php
Parse error: syntax error, unexpected T_CONST in /home/a1633560/public_html/db_const.php on line 3
This means?
Hi lumpa,
Can I see your code? (line 1 to 10).
I copy your code above but it says FORBIDDEN. You don’t have permission to access /< on this server.
Hi dennis,
Do you have WAMP installed properly?
yes i have.. the icon of my wamp is green color…
The code is okay. Are you getting this error on both register.php and login.php?
I’m sure there must be some misconfiguration in apache. Try to install Apache 2.4.2.
To install, download Apache 2.4.2 and extract to \wamp\bin\apache
Then start WAMP server > select Apache > Version > 2.4.2
How do I create a function to store the users activity on the database? thank you
Hello lillycrak,
I’m really sorry for the delay, I’ve not noticed your comment.
You can do an AJAX call on each link of your page and send the required data to something like process.php
Then fetch the data, process it and store it into database from process.php
Thank you
Hello! I get this error when registering an account “MySQL error no 2005 : Unknown MySQL server host ‘SERVER’ (0)”. Whats the problem and how do I sort of link this to a members area only. Please don’t criticise me, I’m new to php
Hello Carl,
Please be confident, no one will criticize you! You do mistakes === You learn something!
The error is caused by putting wrong MySQL Server Host info. Please change MySQL host with correct value. It may be located at config.php or db-config.php or whatever you named and stored it 🙂
After Registration when i clicked the submit button It showning like this.. And i using xampp
How to fix it?????
Warning: mysqli::mysqli(): php_network_getaddresses: getaddrinfo failed: No such host is known. in C:\xampp\htdocs\login\login.php on line 20
Warning: mysqli::mysqli(): (HY000/2002): php_network_getaddresses: getaddrinfo failed: No such host is known. in C:\xampp\htdocs\login\login.php on line 20
MySQL error no 2002 : php_network_getaddresses: getaddrinfo failed: No such host is known.
Hi Suriyakmr,
Right parameter order of mysqli_connect() is:
mysqli_connect("host", "user-name", "password", "db-name")I guess you’ve swapped values like this
mysqli_connect("user-name", "password", "host", "db-name");I have the exact same error and I’ve just copied all your code straight up. What’s wrong then?
“No such host is known” – means the host parameter must be wrong!
Right parameter order is host, username, password, db name. Whats yours?
Hi There,
How can i make a log out facility ? im thinking of an end_session() function but what would be defined !, any help is appreciated 🙂 and a great tutorial !
~Conner
Hello Conner,
Thats a very good question.
To log out, use the PHP built in session_destroy() function.
I’ll post a tutorial about remember me and log out facility ASAP. It’ll be extension of this post.
Thank you.
Can you post how do make a log in successful?
Hi Niklas,
Please see line 36 of login.php as mentioned in this article.
This is the place where you do stuffs on a successful login.
it does not work for me. Gives me many issues
Hello,
What kind of issues are you getting?
Hello,
I have already seen comments questioning this but I was able to get all of this code to work great with my page, I just want to make it so that once the user is logged in, they will be recognized as being logged in and will have access to pages that require the user to be logged in. You say to put session_start() in, do I need to put that in every php code area? Also, after all of the php code in login.php, am I supposed to add more information so that the session is officially started and the user is recognized? Finally, what do I need to place at the top of every page that I need to be secure and have the user be logged in for?
If you are willing to give me your email address, could I send you my code and you can look at it and help me? I’d really appreciate it.
Hello Kevin,
Yeah,
its arp14[at]yahoo[dot]com
Thank you very much man, i’ve been stuck on this shit 2 days and this made ir for me, again thank you so much
Hi Syafiq,
how dsplay session user profile that has been register?
Hi Syafiq,
While registering a session on client side, you need to send them to server via GET/POST.
After that, you can display them or do whatever you want with the data you got.
Hey, how do i allow logged in users to stay logged in within all the different pages? what is the php code i need to add at the top of each page to do this? and how do i change a logged in button to ‘your account’ when logged in? thank you so much, if i make money from my website i will be sure to donate some to you (y).
Hello DP,
For the first problem, you need to put session_start() in the very first of the login page.
For the second problem, at first you have to create a field called ‘online_status’ (or whatever you want) in your users DB.
Then just follow the pseudo code below to solve your problem.
Hope you got it, thanks for being so nice. Good luck for your website.
BTW, I going to write a separate tutorial on the same topic in details very soon 🙂
That was very confusing for me haha, could u please show me the code to put on the start and i don’t understand what you mean by ‘online_status’
Hmm… where you are storing your users’ data? using a MySQL Database is most efficient way to store such kind of data.
Each databases has one or more tables. Each table has one or more data fields. See the table below and assume its you users table. Here online status is s data field (column).
I’m still having quite some trouble, could you please give me your email address so i may contact you if its no trouble? Thank you
its arp14[at]yahoo[dot]com
i have sent an e-mail
Hello DP, Conner and everyone,
As I promised, I’m back with a new article which is much advanced than this one. It has remember me, online status, forgot password, logout, and user profile option.
Please visit the link below,
http://w3epic.com/php-mysql-login-system-remember-online-status-forgot-password-user-profile/
Thank you.
im having a very frustrating problem it says unexpected T_CONST
Hi tyler,
Please see this reply of mine (last reply): http://w3epic.com/php-mysql-login-system-remember-online-status-forgot-password-user-profile/#comment-13435
redirecting with header() is not working at ‘do stuff’ section. also i’m trying to change an element’s content but nothing…
emmm.. sorry. How do i write the code?
Your code is messed up, please put your code within pre tag like below.
<pre> your code </pre>
Thanks
works a lot friend….. How to bring the three codes in one page or in one program
Hi Asper,
Why do you need of that?
We should always differentiate codes by type/content to make it more readable and less messy.
My code again:
<form method="post" action=""> Email Password <4 href="./admin/passwordRecovery.php" rel="nofollow">He olvidado mi contraseña...</a> <?php if (isset($_POST['submit'])){ $email = $_POST['email']; $password = $_POST['password']; $regex = "/^((([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*)|((\x22)((((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(([\x01-\x08\x0b\x0c\x0e-\x1f\x7f]|\x21|[\x23-\x5b]|[\x5d-\x7e]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(\\([\x01-\x09\x0b\x0c\x0d-\x7f]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))))*(((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(\x22)))@((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?$/i"; // Run the preg_match() function on regex against the email address if (!preg_match($regex, $email)) { echo 'document.getElementById(\'error_message\').innerHTML = "fsdf"'; } else { if (login($email, $password, $mysqli) == true) { // Login success header("Location: graficas.php"); } else { // Login failed $dom->getElementById('error_message')->nodeValue = 'El email debe tener un formato válido!'; $dom->saveHTMLFile("./index.php"); } } } ?>Hi,
Line 22 is okay.
Is it executing line 5, 26, 27?
If yes then something wrong in login() function. Post the definition if it here.
Thanks
Hi, is this still active and am using this script I am doing for a new client and he wants to approve users first so found the part mentioning about approval and added a extra column to the users table called approved and added in the register and login php files the coding mentioned but what would the coding be to build a php page for the admin side to approve the user
Thank you in advance
Kind regards
Ian
Hello,
Sorry, I did not noticed that you are using my script for your client.
This script is very very basic of a PHP MySQL login system.
There is no data sensitization is done here, so the script is vulnerable!
Do not use this script on production environment.
I’ll not be responsible for any damage to your client.
Hi
I really like this script but how can I make it so that admin approve users rather than having automatic registration by email activation link etc
Kind regards
Ian
make a column in your users table and lets name it “active”. Set it false while registering a new user. You can limit user’s activities based on this “active” flag. Later create a admin page to approve the user by updating the value to true.
Thanks
Please can you post a step by step tutorial on how one can add admin approval to new member sign up in phpmyadin and to website. thanks
One of the worst login systems. Vulnerable to a everything. Do NOT follow this stupid tutorial. Author has no idea about coding a secure PHP login system.
Hi,
Are you kidding? Yes it is vulnerable because I’ve created this in that way.
I think you have not even read this article where I’ve clarified that – “we will not sensitize and validate user provided data to keep it as simple as possible.”
So, I build it as simple as possible, for beginners – not advanced users.
There is no security provided in this login system, its just to clarify the login concept.
Thanks for the ping, I’ll post another article about securing a PHP MYSQL login system. I’ll notify you – then you can complain.
Thanks for commenting 🙂
When you write a tutorial, you try to teach the beginners good habits and the “right way” of doing something. This is the purpose of a tutorial. How difficult is to use prepared statements, so the beginners learn from the beginning the good habits? It just takes 1-2 extra lines for each query and it takes you 3 more seconds to write this code. For example: 1 comment above (“Ian Haney”) said he is coding a login system for a client using YOUR tutorial. You did not tell him not to follow this tutorial since this code its vulnerable and will only cause problems in the features.
For me either you write a tutorial about how something should be done or you just simply do not write it. I am coming from a forum and a user found this tutorial on google and it just gave me cancer! I had to teach him all the basics that needs to know, instead of this!
Yeah, I should have been added a disclaimer first. I apologize that I did not even noticed that he is using this for his client – thats my fault. But how could I guess that a beginner who is just learning a PHP login system have a client.
But, I’m not agree to use prepare statement here. Many will confuse about prepared statements and loose their interest.
“How difficult is to use prepared statements?” It may be easy for you, for me but not for one that who is learning a PHP login system from scratch.
A kid cannot learn coding without learning alphabets, habit comes later. I think that 1-2 extra lines will make it much more complex to them.
I’m taking the good part of your advice.
Thanks
Your title says a lot about you. Arpan is an excellent teacher in his materials and has done an excellent job of helping people here. Most of us already know that what we do with the code demonstrated is our problem. You being so uppity and righteous, should direct us to your superior teaching sites. I’m betting there is no such existence. There will always be a self-righteous critic.
HI ARPAN
I keep getting a syntax error in this line defined as an unexpected T_string
if ($mysqli->connect_error no)
How do i go about it?
Hi,
Probably you are missing a closing ” double quote.
DB file contains username, password and flag.
for select it from DB i give (“select * from file name”);
is it correct? or Any other way? PLz help me…
Hi,
No, thats not file name. Open up phpmyadmin and import the file using import tab.
Then it should be “SELECT * FROM users;”
Note: users is the table name in your database.
woowwwwwwwwwwwwww!
hi…
how to create membership login in php and a member get update every month please help me
Hi,
I suggest you to see this article for instance: http://w3epic.com/php-mysql-login-system-remember-online-status-forgot-password-user-profile/
Hi Arpan Das,
I am a beginner at this php material. I believe your teaching (presenting the basic concepts first) is very great.
I would like to copy and validate user ID and EmailAddress from users in session on http://www.mysite/startpage to a database (i need to create) at http://www.mysite/added_information after they click and fill the “Added Information Form” found on “startpage”
I need to do this manipulation to verify that the date they enter in the Added Information Form has the same User Id and Email that they logon with to access “first page”.
Will the training you give so far be sufficient to accomplish that?
Next question: ?how do I locate/identify the user table/data location from http://www.mysite/startpage (which is an open source program I bought), so that I can program the
$sql = “SELECT * from users WHERE username LIKE ‘{$username}’ AND email LIKE ‘{$email}’ LIMIT 1”;
$result = $mysqli->query($sql);
if (!$result->num_rows == 1)
Hi,
Sorry for the late reply,
You are thinking with very complexity. Be cool 🙂
You can do this manipulation in the same page.
register.php : To add new users data to the data base.
login.php : It takes a unknown user’s data and checks for if the unknown user does exist in the database with right username:password combination or not. If user found, then the unknown user is got known and we let him access some restricted pages (like a atm card and atm machine).
, see the login.php above.
There is no need of added_information.
Now, if the login form is submitted, we get the unknown users data and the sql part goes here.
Yes this is enough to accomplish that.
I suggest you to see this also: http://w3epic.com/php-mysql-login-system-remember-online-status-forgot-password-user-profile/
Thank you very much 🙂
Correction: I need to do this manipulation to verify that the DATA they enter in the Added Information Form …
Warning: mysql_connect(): php_network_getaddresses: getaddrinfo failed: No such host is known. in C:\xampp\htdocs\test\members_area\config.php on line 12
Members Area ……. problem ta kano ho6he?????????
Hi Subhadeep,
Please see this: http://w3epic.com/php-mysql-login-system-a-super-simple-tutorial/#comment-11783
This is the root of this problem 😉
User registration form- PHP MySQL Ligin System | W3Epic.com
Parse error: syntax error, unexpected T_CONST in C:\wamp\www\New folder (7)\db_const.php on line 3
why error to my :((
Ji jm,
Please see this: http://w3epic.com/php-mysql-login-system-a-super-simple-tutorial/#comment-11783
Thanks 🙂
everything is working fine
accept the logIn beside the successful message am getting this
any help please!
Hi,
Do you mean the successful message is not showing up?
hey, is it possible to get the error next to the username and email form, so the rest of the input dossent go away?
like this:
[email protected] ——- Email already exists!
Hi dennis,
Yes possible, for that – you have to split the errors into an array and show each elements to corresponding places.
Hi
Works Wonderful, do you have a search (form) that can search the data that was inserted into that database?
Hi Steve,
Try this out –
<?php if (isset ($_GET['submit'])) { ## connect mysql server require_once("db-const.php"); $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME); # check connection if ($mysqli->connect_errno) { echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>"; exit(); } $query = $_GET['query']; $result = $mysqli->query("SELECT * FROM users WHERE username like '%{$query}%'"); // fetch result while ($row = $result->fetch_array()) { var_dump($row); } } ?> <form method="get"> <input type="textbox" name="query" /> <input type="submit" name="submit" value="Search"/> </form>hi
I have 100 college login .. i need to redirect to all based on their id which is registered … that will be done by single login page …
Edit login.php and add the code below on line 36
$id = * get last inserted id *header("Location: profile.php?id=" + $id);
F*****G BAD (not)!!! Thi is and epic tutorial and I use this!!
Is line 9 in the register.php supposed to read:
echo “MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}”;
or:
echo “MySQL error no {$mysqli->connect_error} : {$mysqli->connect_error}”;
?
is “errno” calling an item or is it a typo for “error”?
Hi,
No – its not a typo, its $mysqli->connect_errno
Please see these:
http://php.net/manual/en/mysqli.connect-errno.php
http://php.net/manual/en/mysqli.error.php
Very easy and simple tutorial on login system in PHP. thanks!
Hello. And Bye.
Hello Arpan,
Thank you it’s very useful for my next project. Why don’t you user code highlighter. As it is quite difficult to read the code and understand. If you use wordpress then there is a plugin search for “Syntax highlighter” and it will come
thanks
Yes, I use it – disables for some time for some reason. I will activate it ASAP.
Thanks for suggestion 🙂
hi man!
i copied all your codes . here is the message that i got
“Invalid username/password combination”
do i need to create a my pass and user in mysql or any user and pass can work?
thanks for your help
You should add a user first! I mean, add an entry to the users table. Did you?
Where can I get a good tourial on MYSQL and PHP.I have a basic understanding of PHP.
Would there be a way for a page to remember a user’s name when logged in, I kinda want to make a webpage where you would be able to post comments and other things with your account and I need the website ro remember the full name of that person and display when posting some stuff…
(Sorta facebook, but personal and have less informations, just posts and comments)
If you have any other things that could help me, that would be really helpful (you don’t have to tho…)
can you please show me how to create CRUD using php mysqli?
thank you so much for this tutorial. It really help me for my assignment.. thank you.thank you..
god bless you!
🙂
great work
this is the best login form i have come across
Thanks 🙂
http://localhost/site/%3C?=$_SERVER%5B%27PHP_SELF%27%5D?%3E
Problem to open page
Sorry, I cannot see your local site.
please help,error in line 32 and below is the line i have copied your code
Trying to get property of non-object in C:\xampp\htdocs\login\login1.php on line 32
if (!$result->num_rows == 1)
Check your SQL query and try in PHPMyAdmin first.
i got the same error as well. please help me
in db_const.php giving error to the # mysql db constants DB_HOST, DB_USER, DB_PASS, DB_NAME
const DB_HOST = ‘SERVER’;
const DB_USER = ‘USER’;
const DB_PASS = ‘PASSWORD’;
const DB_NAME = ‘php_mysql_login_system’;
to this lines.
plz give mi rpl as early as possible
How do I check for the first name/ second name/ username/ email?
Like, In another file, I want to print out his first name/ second name/ username/ email?
How do I do that?
thx been searching everywhere for someone who does this right
how to avoid mysql injection user name = ‘ or ”=’ password = ‘ or ”=’
thanks very much
BE
This is VERY BAD and INSECURE code. Nobody should be using this. The Author has no business writing a tutorial.
This is for beginners, this is to learn from scratch – not for production. If I do it in a complex way, majority of beginners won’t be able to get it.
Worked first time – thanks very much !
You don’t have permission to access /FileSYSTEM/< on this server.
my folder name is file system and it always said to me when im registering a account
Thank you so much! It helped me alot.
Notice: Trying to get property of non-object in login.php on line 32
After a looooooooooooooong time of searching, i finally find the answer… Thanks man for the absolute amazing tutorial
Tell me the logout scrit
what is code of record login/logout time in php
You are not hashing the passwords?
Hi,
This is just about basics of a login system. To reduce complexity, I keep other things away.