PHP Complete Login System With Session Using MySql Database

PHP Complete Login System With Session Using MySql Database | PHP Session Login System.
Hello Readers...
-In this article we are going to create a login system with SESSION using HTML and PHP with MySql Database.

-First create a separate config.php file to create(configure) the connection with MySql Database.

-If we create a config.php file separately then we can use this file in all PHP pages where connection is required i.e.,we can reuse this file n number of times for Database Connection Purpose.
-Now create a login.php file this file is responsible to authenticate the user's credentials.
-Next create a welcome.php file if user successfully logged in then login.php will redirect the user from login to welcome page.
-Now create a logout.php file to destroy the session, so user's can be logged out.
-Assume our Database name is mysql@123 and Table name is login with username and password column.

---

So lets create config.php.
This file is responsible to establish the connection with Database.
config.php

<?php

/* Assume we are running MySQL with default setting (user 'root' with no password) */

define('DB_SERVER', 'localhost');

define('DB_USERNAME', 'root');

define('DB_PASSWORD', '');

define('DB_NAME', 'mysql@123');

/* Attempting to connect to MySQL database */

$con = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);

// Checking connection

if($con === false){

    die("ERROR: Could not connect. " . mysqli_connect_error());

}

?>

Now create a login.php file.
In login page we have created a form with two text-field i.e., username and password and a submit button to submit the form.

When user hit the submit button then this form has to perform the action on submitted data, here action file is login.php only means login form calling self login.php.

This login.php is is responsible to authenticate the users credentials and redirect them to welcome page.

This login.php is also checking if user is already logged in means session is not destroyed then this page will redirect the user directly to welcome page.
Here we are going to write PHP login logic inside login.php only.
login.php

<?php

 session_start(); 

 if(isset($_SESSION['username'])) //If user is already logged in //then   

{ echo "

   <script>alert(' you are already logged in that's why you redirecting to welcome page!');

     alert('If u want to login again then logout first!');

      window.location='welcome.php';

   </script>";

 }

  if($_SERVER["REQUEST_METHOD"] == "POST")

{ 

  $username=$_POST['username'];  

  $password=$_POST['password']; 

  include('config.php'); 

                          

  $sql_query = "select count(*) as cntUser from login where username='".$username."' and password='".$password."'";

  $result = mysqli_query($con,$sql_query);

  $row = mysqli_fetch_array($result);

  $count = $row['cntUser'];

 if($count > 0){ 

 $_SESSION['username'] = $username;

 echo "<script>

 alert('Success...'); 

 function redi(){window.location='welcome.php';}

 var msg='Please Wait While Redirecting To Welcome Page...'; 

 document.write('<font color=blue>'+'please wait while redirecting to Welcome page...'+'</font>');

 setTimeout('redi()',3000);

        </script>";     

         }

else{

    echo "

     <script>alert('Invalid Login Details...'); 

     </script>"; 

    }

}

?>

<html>

 <head>

 <title>Login Page</title>

 </head>

 <body>

 <center>

  <form method="post"  action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">

  Username :<input type="text" name="username" id="username"/><br/>

  Password :<input type="password" name="password" id="password"/><br/>

  <input type="submit"  value="Login"/> 

  </form>

 </center>

</body>

</html>

Now create welcome.php.
If user enter valid username and password then user will be redirected to this welcome.php,if user is not logged in and users want to access this page directly using url bar then it will send the user back to login page.See below example...

welcome.php

<?php 

session_start();

 $username = $_SESSION['username']; //retrieve the session value

 if(!isset($_SESSION['username'])) //If user is not logged in then //he cannot //access the welcome page

 {

 echo "

     <script>alert('Currently you are not logged in that's why you redirecting to login page!');

      window.location='login.php';

     </script>";

 }

 ?>

<html>

 <head>

     <title>

         Welcome Page

     </title>

 </head>

    <body><br/><br/>

    <center>

        Welcome User <?php echo $username;?>.<br/>

        <a href="logout.php">Logout?</a>

    </center>

    </body>

</html>

Now create a logout.php file so user's can be logged out.
When user's click on logout button or link that is present on welcome page then this logout.php will be responsible to perform logout operation.
logout.php

<?php

 session_start();

 $username = $_SESSION['username']; //retrieve the session variable

 unset($_SESSION['username']); //to remove session variable

 session_destroy(); //destroy the session 

?>

<html>

  <head>   

    <title>Logout Page</title>

   </head>

<body>

    <center>

       <h4>Your are logged out<h4>

       <h4><a href="login.php">Login Again?<a></h4>

    </center>

</body>

</html>

Hope it was helpful.

See also-Basic Php Login System