Create a PHP Login with PDO Connection
In this article, we going to see how to create a simple PHP login with PDO connection. PHP Data Object is shortly known as PDO, using PDO you can do more secure applications because it is SQL injection free. So using session concept you going to see the login system. All the application required the login authentication this will help to increase your application more secure, so using this simple login script you can manage your application with secure.
The following code will fetch the username and password from the database table. Once you entered the username and password this will check the given data from the input and the given data is match with the database records then you get authenticate to the suceess.php page, suppose if you entered wrong data this will show you an error message “Please enter valid username and password”. The main advantage is a session, by using session if the variable expired then it will automatically logout you from the success.php page.
Database
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
-- -- Table structure for table `users` -- CREATE TABLE `users` ( `id` int(11) NOT NULL, `username` varchar(250) NOT NULL, `password` varchar(250) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `users` -- INSERT INTO `users` (`id`, `username`, `password`) VALUES (1, 'mraj', 'admin'); |
index.php
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
<?php session_start(); $host = "localhost"; $db_user = "root"; $db_pass = ""; $dbname = "tut"; $error_message = ""; try { $connect = new PDO("mysql:host=$host; dbname=$dbname", $db_user, $db_pass); $connect->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); if(isset($_POST["userlogin"])) { if(empty($_POST["username"]) || empty($_POST["pass"])) { $error_message = '<label>Please enter your username and password</label>'; } else { $query = "SELECT * FROM users WHERE username = :username AND password = :pass"; $statement = $connect->prepare($query); $statement->execute( array( 'username' => $_POST["username"], 'pass' => $_POST["pass"] ) ); $count = $statement->rowCount(); if($count > 0) { $_SESSION["username"] = $_POST["username"]; header("location:success.php"); } else { $error_message = '<label>Please enter valid username and password</label>'; } } } } catch(PDOException $error) { $error_message = $error->getMessage(); } ?> <!DOCTYPE html> <html> <head> <title>PHP Login with PDO Connection | softAOX </title> <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css"> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.0/js/bootstrap.min.js"></script> <script src="https://code.jquery.com/jquery-1.11.1.min.js"></script> <style> .login_div { border: 1px solid #f1f1f1; margin-top: 30px; padding: 30px; border-radius: 3px; box-shadow: 1px 3px 4px 4px #f7f7f7; } </style> </head> <body> <div class="container"> <br/> <br/> <h2 align="center">PHP Login with PDO Connection</h2> <div class="col-md-offset-4 col-md-4 login_div"> <?php if(isset($error_message)) { echo '<label class="text-danger">'.$error_message.'</label>'; } ?> <h3>Login</h3><br /> <form method="post"> <label>Username</label> <input type="text" name="username" class="form-control" /> <br /> <label>Password</label> <input type="password" name="pass" class="form-control" /> <br /> <input type="submit" name="userlogin" class="btn btn-success" value="Login" /> </form> </div> </div> </body> </html> |
success.php
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
<?php //Login Success.php session_start(); if(isset($_SESSION["username"])) { echo '<h2>Login Successfully</h2>'; echo '<h4>Welcome - '.$_SESSION["username"].'</h4>'; echo '<a href="logout.php"><button type="button">Logout</button></a>'; } else { header("location:logout.php"); } ?> |
logout.php
|
1 2 3 4 5 6 |
<?php // Logout session_start(); session_destroy(); header("location:index.php"); ?> |
Below here you can download the source code and try user self, also you have the option to see the live demo.
Username: mraj
Password: admin
