Login with session using PHP and MYSQL database

What is session?

The session is used to access the various pages of an entire website. A session creates a temporary directory on the server.With the help of session variables and their value are stored.

In the previous tutorial, we discussed the session in PHP. A session is used to store the information on the server rather than the client computer.

Create a MYSQL database table using Query

Whenever we create a login system we need an MYSQL database.We can logIn by fetching user data from the MYSQL database table. In the previous tutorial, we created a simple login form using PHP and MYSQL databse. Let's create a database table using the MYSQL query.


CREATE TABLE  `users` (

 `id` INT( 50 ) NOT NULL ,
 `uname` VARCHAR( 40 ) NOT NULL ,
 `upassword` VARCHAR( 40 ) NOT NULL
) ENGINE = INNODB DEFAULT CHARSET = latin1;

Insert data into MYSQL database table for Login with session

To insert the data into the table,you can use the registration form or insert query. When you create a login form, you have to fetch the data. Unless you have data in the database, you will not be able to create the login system. You can use the registration form to insert data or you can perform insert query to insert data into the database table. Let's insert the data into database table using MYSQL query.

INSERT INTO `users` (`id`, `uname`, `upassword`) VALUES
(1, 'admin', 'admin@123');

Create a connection file to connect MYSQL and PHP

The config file hanles the connection between PHP and MYSQL database.

Now, create a file and save with name and extension "config.php".

<?php

$databaseHost = '127.0.0.1';//or localhost
$databaseName = 'project'; // your db_name
$databaseUsername = 'root'; // root by default for localhost 
$databasePassword = '';  // by defualt empty for localhost

$mysqli = mysqli_connect($databaseHost, $databaseUsername, $databasePassword, $databaseName);
 
?>

In above config file , we are used mysqli_connect() function for a new connection. We are passed this information as parameter and stored in a variable $mysqli. You can change database host, database name, database username, and database Password according to your need.

Login with session pages structure in PHP

In this small project, we use the session to access sesion data on pages of the website. We create pages to access session data.

After the destryed session, unknown persons cannot access the pages. This is the main advantage of PHP session .
Let's create some pages .


1.Index.html -

After session created the user redirects to main page(index.html).

2.Login.php -

The login page handles the user input information. This is the starting page of login system. Without login success, user cannot access all pages.

3.Loginprocess.php -

This is the action file of the login form. That includes all the PHP script. We create a session in this file.

4.Page1.php -

Access session on page 1 after login.

5.Page2.php -

Access session on page 2 after login.

6.Page3.php-

Access session on page 3 after login.

7.Logout.php -

We use session destroy to the destroyed complete session. This is used to logout. After logout, the user cannot access another pages.



The session is recommended start the session on at the beginning of the every pageg. Index.html is a home page.

When a user wants to visit index.html without login the session returns to the login page. The user can not directly access the index.html page without login.

If any user wants to access any page session return to the login page. First of all user should login then access the all pages direct till the session destroyed?

Let's implement complete Login system using PHP and MYSQL database .

Make a login form for user login using PHP session

Now,we create an HTML form. The HTML form is used to input information by the user. A user enters username and password using HTML form. This is the beginning of login system in PHP. The user files username and password and clicks the login button. If the username and password are matched, the user logs in. If password and username are incorrect, an error message is displayed on the same login form. Let's create an HTML form.

login.php

<html>
<head>
</head>
<center>
<fieldset>
<legend>Login </legend>
<form action="loginprocess.php" method="POST">

Username:

Password:


<?php if(isset($_REQUEST["err"])) $msg="Invalid username or Password"; ?>

<?php if(isset($msg)) { echo $msg; } ?>

</form> </fieldset> </center> </html>

In above form , we defined action "loginprocess.php". The login process file handles the backend login process.

Create PHP code for login using session

We create form handling scripts in PHP. This file handles the MYSQL and HTML form functional.

1.First of all ,start session at the beginning of the page

2. We include the config file.We can user include() function and require() function to include config.php file.

3. Use if condition to set form fields data on the button.

4. Here, we use the request variable. The request variable contains the PHP POST method values.

5. Use the MYSQL select query.

6. Store session variable data.

7. Use header() function . The header() function is used to redirect another page after login. If the error occurred ,redirects to the same login form. If user id and password are matched , redirects to index.html page else error shows result "please enter valid id and password".

loginprocess.php

<?php

session_start ();
include("config.php"); 

if(isset($_REQUEST['sub']))
{
$a = $_REQUEST['uname'];
$b = $_REQUEST['upassword'];

$res = mysqli_query($cser,"select* from users where uname='$a'and upassword='$b'");
$result=mysqli_fetch_array($res);
if($result)
{
	
	$_SESSION["login"]="1";
	header("location:index.php");
}
else	
{
	header("location:login.php?err=1");
	
}
}
?>

Create the main page after login success

Now, create the main page index.html page. It is the index page of the login system. First of all, we start the session by session_start() function at the beginning of the page. After that, we check if the session is not created than return to the login page (login.php ).

index.html

<?php 
session_start ();
if(!isset($_SESSION["login"]))

	header("location:login.php"); 
?>

Hey ! welcome to main page .

<a href="page1.php">

PAGE 1

<a href="page2.php">

PAGE 2

<a href="page3.php">

PAGE 3

<a href="logout.php">

Logout

Now, We create more pages (page 1, page2, and page 3) as example to access session. All pages include session_start() function at the beginning of the page. Start session is the must for entire pages.

User can access all pages by the login. If the session is not created or destroyed then redirect to the login.php page.

A website contains a lot of pages. These pages help you understand how to access session on the pages of website.

If the session is destroyed, the user can not access any page of the website. An authenticated user can access the entire pages of the website. That's why the session is used for security purpose. Secure your website data from unknown users.
Let's create another pages.

Make another page 1 to access login with session

Create another page.Start session in every single page of the website. Use if condition, If the session is set then stay on the page and if the session is destroyed then redirect to login.php After this PHP code, you can create and design your page according to your need but do not remove PHP session code at the top of pages. Follow these instructions for another website pages.

Page1.php

<?php 
session_start ();
if(!isset($_SESSION["login"]))
	header("location:login.php");


?>

Welcome to page 1

<a href="page1.php">

PAGE 1

<a href="page2.php">

PAGE 2

<a href="page3.php">

PAGE 3

<a href="logout.php">

Logout

Logout

Make another page 2 to access session after login

Page2.php

<?php 
session_start ();
if(!isset($_SESSION["login"]))
	header("location:login.php");


?>

Welcome to page 2

<a href="page1.php">

PAGE 1

<a href="page2.php">

PAGE 2

<a href="page3.php">

PAGE 3

<a href="logout.php">

Logout

Logout

Make another page 3 to access session

Page3.php

<?php 
session_start ();
if(!isset($_SESSION["login"]))
	header("location:login.php");


?>

Welcome to page 3

<a href="page1.php">

PAGE 1

<a href="page2.php">

PAGE 2

<a href="page3.php">

PAGE 3

<a href="logout.php">

Logout

Logout

Logout page using session destroyed function in PHP

Page Logout means that you are destroying a complete session. After destroying the session, an unknown user cannot access authorized pages. This is the most important thing to secure sensitive data from an unknown user. The authorized user can login and access all pages. The session_destroy() function is used to destroy all sessions.

Logout.php

<?php
session_start ();
session_destroy();
header("location:index.php")
?>

Download free complete login system using PHP session and MYSQL database