Thursday 17 October 2013

PHP Simple Sign-in Tutorial



This tutorial is about simple sign-in php code for beginners. You can also protect pages from unauthorized persons.
  1. You will learn to make one database table, one form , checking php page, user session page, config page and secret page.
  2. First create a simple form using below code or you can use your own sign in form.
    • <form  method="post" action="CheckLogin.php">
<input type="email" name="inputEmail"  id="inputEmail" placeholder="Email">
<input type="password" name="inputPassword" id="inputPassword" placeholder="Password" maxlength="15" minlength="6"  >
<button type="submit" >Sign in</button>
</form>
  3. Now you will run below SQL Code to make a simple table in your database.
    • CREATE TABLE IF NOT EXISTS `members` (
`id` int(4) NOT NULL AUTO_INCREMENT,
`name` varchar(65) NOT NULL DEFAULT '',
`email` varchar(65) NOT NULL DEFAULT '',
`password` varchar(65) NOT NULL DEFAULT '',
`Type` varchar(10) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
  4. Now its time to connect to the database, so we will make database connection file config.php
    • <?php
$con = mysql_connect("localhost","root","yourpaswword");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("YourDbName", $con);
?>
  5. Now when form submitted it will go to CheckLogin.php page and here is code for page.
    • <?php
// Start Session because we will save some values to session varaible.
session_start();
ob_start();
// include config file for php connection
 include("config.php");
// memebers table name
$tbl_name="members";
// Define $myusername and $mypassword
$myusername=$_POST['inputEmail']; 
$mypassword=$_POST['inputPassword']; 
// To protect MySQL injection
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
below query will check username and password exists in system or not
$sql="SELECT * FROM $tbl_name WHERE email='$myusername' AND password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is used for counting table records
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table record must be equal to 1  
if($count==1)
{
 $sql2=mysql_query("SELECT Type,email,name FROM $tbl_name WHERE email='$myusername'");
 $row=mysql_fetch_row($sql2);
 $_SESSION[type]=$row[0];
 $_SESSION[myusername]=$row[1];
 $_SESSION[name]=$row[2];
//Depending on type of user we will redirect to various pages  
 if($row[0] == 'abc')  { header( "location:http://localhost/abc.php");  }
 else if($row[0] == 'xyz')  { header( "location:http://localhost/xyz.php");  }
 else if($row[0] == 'Admin')  { header( "location:http://localhost/admin.php");  }
 else    {   header( "location:http://localhost/index.php");  }
}
else
{
 header("location:http://localhost/index.php");
}
ob_end_flush();
?>
  6. Now on user pages like abc.php, xyz.php or admin.php your will write below lines on top of the page to make them protected.
    • <?php
include('UserSession_xyz.php');
?>
  7. Below is code for UserSession_xyz.php. you will also make other pages for other users.
    • <?php
session_start();
if($_SESSION[type]!='xyz'){
header('location:index.php');
exit();
}
include('config.php');
?>
Above tutorial is very useful for making websites pages secure and make user Sing-In System. You can also use some features of this tutorials. For more information please visit Website: Crewow
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)