JB Blog

Checking if your users are logged in with PHP Login script

2010
03.14

A little while back i wrote a tutorial on how to write a simple PHP Login script powered by a small MySQL database. After receiving many emails on the matter i have decided to write a tutorial on how you can check if a user is logged in and a page that will log them out and take them back to the login page.

Things you need

PHP 4 or 5 enabled server
MYSQL database
Some basic HTML and CSS Knowledge (PHP knowledge isnt required i will tell you how to do it here)
About 5 – 10 minutes

Step 1 – Things to know

Ok so the first important thing to know is that the original script is in need of a bit of editing which will be shown in step 2, we need to create a session on the users browser that our script will be looking for to check a user is logged in. The next thing to know is that in order to logout a user you will need to remove this session, otherwise a user could just keep going back to the secure page without logging in.

Step 2 – Editing the old script

Right then so in the old script we need find the following line.

if(mysql_num_rows($result)=="1")

Under that line where you will have something like

{ header("Location: securepage.php"); }

You will need to edit it to have this new line after the first { symbol and before we redirect the user. This is important if you place this line below the redirect the script will leave before you create the session.

session_register("logged1241");

The name you put between the brackets is very important and you should remember it for later on.

Step 3 – Check if a user is logged in

This is a simple yet effective script that will check the user is logged in. Just place this before the tag on any of the secure pages. Note that the name of the session must be identical to that in step 2, if its not then no one will ever be able to access the page.

<? session_start(); if(!session_is_registered(logged1241)){ header("location:login.php"); } ?>

The above code basically searched for the session we made when the user logged in and if its not found then it will redirect the user to the login.php page, where they can login. By this being placed above the tags it means that the user will not even get a glimpse of the secure page before they are forced to leave.

Step 4 – Logout script

This part is so simple to do, just create a new page called logout.php and inside the page put nothing but the following code snippet.

<? session_start(); session_destroy(); {header("Refresh: 3; url='login.php'");} session_start(); ?>

The user will be logged out and will be redirected back to the login.php page, to login again if they want.

Hope you enjoyed the tutorial.

Category Tutorials |

No Comments

Making a simple PHP login page

2010
02.27

So people are always searching around for how to make a passworded area, it may look like a really daunting task to begin with, but it really isn’t that hard. In this tutorial i will explain how to setup and create a multi-user login page for your site.

Things you need

PHP 4 or 5 enabled server
MYSQL database
Some basic HTML and CSS Knowledge (PHP knowledge isnt required i will tell you how to do it here)
About 20 minutes

Step 1 – Things to know

This script is made for a small personal site and it is only the very basic that you can do for a MYSQL login system, if you wanted to have a more secure system then the use of encryption would be required. This script will stop about 90% of web users from accessing your site, but those more advanced in hacking sites and databases may still get through.

Step 2 – Creating the login portal page

This is where your HTML and CSS knowledge comes into play, this part is super easy and in the example below i called the page “login.html” and it should contain a simple login form that will run the file we will make in step 3 called “login-run.php” the method to send the data should be POST.

<form action="login-run.php" method="POST"> <input name="username" type="text" /> <input name="password" type="password" /> <input type="submit" value="Login Now" /> </form>

I wont go on to explain this block of code as it is basic HTML and hopefully you know what is does and how it does it.

Step 3 – Creating the database

Ok so make a new MYSQL database now, create a table called “users” and create 3 columns with the following names and values.
id INT(4) AUTOINCREMENT
username VARCHAR(24)
password VARCHAR(24)

So basically you are creating 3 columns, one is called “id” that is type INT and is 4 characters long this is the user id that is automatically made so it should have AUTO INCREMENT on so the database will automatically generate it. The next column is called “username” and it should be type VARCHAR as it contains non-numerical characters and the length should be around 24. The last column should be called “password” and have the same type and length as the username column.

Once you have done this add one user to test with in my examples i used admin and password, for username and password.

Step 4 – Creating the login-run script

This is where it gets hard if you have never written PHP before, we are now going to make the login script that actually checks your database for the users details.

So our first task is to actually connect to the database so for this we need the following block of code

<? $con = mysql_connect("localhost","dbuser","dbpass"); if (!$con) { die('Could not connect: ' . mysql_error()); } ?>

This code may be short but what it does is mighty, it will connect to the database with the name “dbuser” and password “dbpass” and will then check to see if it logged in ok if it didn’t get that far it will echo back and error to you on the page. Note that you will have to change dbuser and dbpass to your databases name and password.

Now for the next bit we want to get the information that the user just entered in our form for this we need to add this code under the block we just made. (Note the last thing on the page MUST be the ?> symbol, this ends the PHP code.

$user = $_POST['username']; $pass = $_POST['password'];

Ok so that bit of code will get your users information from the form and save it to two variables called “user” for the username and “pass” for the password.

All that is left to do now is to search the database for that information and check if the user is allowed to enter, and then redirect them to the secure page. To do this add the following code block to the end of the document (remember the php end tag must be at the base of the document).

mysql_select_db("dbname", $con);
$result = mysql_query("SELECT * FROM users WHERE username='$user' AND password='$pass'"); if(mysql_num_rows($result)=="1") { header("Location: securepage.php"); } else { header("Location: login.html"); }
mysql_close($con);

The last thing you need to do is make a page called “securepage.php” this si where the user will go when they have logged in correctly. There you have it test it out and enjoy, there is so much more that you can do like checking if a user is logged in when they go to a page and to assign certain users different areas to access. If there is a need for this i will write another tutorial to show how to do that.

Tags: form, how to, login, make, page, php, system, tutorial Category Tutorials |

3 comments

5 of my favourite blogs from around the web

2010
02.26

Here you can see a few of my top blogs from around the web enjoy.

Outlaw Design Blog
Lovely clean design, well made and has some simply amazing content for all.
http://www.outlawdesignblog.com/

Matt Mullenweg Blog
Who can argue Matt’s a highly influential person on the web, one that has an amazing blog to go with it.
http://ma.tt/

Web designer Wall
Nice layout and always very informative this is a great blog.
http://www.webdesignerwall.com/

Design Bit Blog
Well this blog stunned me with its great content, blogs this packed with web tips are rare, a great place for any web enthusiast.
http://designbit.co.uk/

Web Designer Mag
Maybe not the most beautiful of blogs, but full to the brim with content for sure.
http://www.webdesignermag.co.uk/

Category Inspiration |

No Comments

New Blog

2010
02.18

Well i finally got around to it, i always wanted to setup a blog ever since i started my site up in late 2007, since the site has started getting more popular and the visit counts have risen. I thought to myself “Blog now” so here it is.

The blog has the same layout and theme as the main site, minus the jquery menu bar. I’m a big one for sharing ideas and helping others so the main focus of this particular blog will be, yes you guessed it, helping you with your web design and programming. I will be writing tutorials, leaking some big tips and showing loads of great sites from around the web so check back often for that and more.

Enjoy

Tags: blog started, welcome Category Random |