PHP userid and password validation for user login

Here we will discuss about the checking of login id and password against the data in the signup table. This part of the code is given in the loginck.php file given inside the zip file which you can download at the end of this tutorial. You can go to part 1 of this script which displays the login form for the members to enter userid and password.

PHP login script to check userid & password from MySQL database and create session with logout link

Advance Signup Script
This is a basic script and it requires knowledge of PHP , MySQL.

You can check our advance Signup - Login script using PHP, MySQL, JQuery & Bootstrap.

You can try plus-signup-v2 and visit this page again.

Here we have used the same plus_signup table we used in our php signup script tutorial so you can use all the files to develop a signup and login application.

We will use one line of SQL query to get the reply. We will be using select query to get the data from the table 

"SELECT * FROM plus_signup WHERE userid='$userid' AND password = '$password'"
plus_signup is the table name, userid and password are the field names. This SQL statement will return us one record if member userid and password is there in our table. So we can use one if condition to process the script if the usrid and password is correct and is there in the table.
We are using userid and password variables in our sql statement and using that to get data from our member table, it is not safe to directly use them inside query. We will use pdo to sanitize the data before using them. Let us first collect them 
$userid=$_POST['userid'];

$password=$_POST['password'];
Now let us check the database with our query. 

$count=$dbo->prepare("select password,mem_id,userid from plus_signup where userid=:userid");
Here is the code to do all this for us. 
$count=$dbo->prepare("select password,mem_id,userid from plus_signup where userid=:userid");
$count->bindParam(":userid",$userid,PDO::PARAM_STR);
$count->execute();
$row = $count->fetch(PDO::FETCH_OBJ);
if($row->password==md5($password)){
echo " Inside ";
// Start session n redirect to last page
$_SESSION['id']=session_id();
$_SESSION['userid']=$row->userid;
$_SESSION['mem_id']=$row->mem_id;
//echo " Inside session  ". $_SESSION['userid'];
$msg=" welcome $_SESSION[userid] loging successfully , please wait ... ";
echo $msg;
echo "<script language='JavaScript' type='text/JavaScript'>
<!--
window.location='welcome.php';
//-->
</script>
";

}else{
$msg = " Login failed, tray again ... <br><INPUT TYPE='button' VALUE='Back' onClick='history.go(-1);'>";
}
echo $msg;

In the above code if the validation is correct then we are creating session variables 

$_SESSION['id']=session_id();

$_SESSION['userid']=$row->userid;
The else condition if userid or password is not correct will display the message and ask the member to try again.
That's all for our member login script.
Using the session variable we can show other pages or redirect the members to different pages.

Role based login system

You may have different types of role for the member. We can add one more column to the table, column name is role. Against each record we can keep one role like admin, student, staff, teacher etc .
After there successful login , we can read the role data and accordingly create one session variable saying role of the member. 
$_SESSION['role']=$row->role;
Different areas of the site we can keep and while checking the session status we can allow or reject the access to the user to the page by reading the session role value.

Read how the session is checked at the page level.

Here we will add one more level of check for the role session data and reject or accept the user to the page. 
<?Php
if(!(isset($_SESSION['userid']) and strlen($_SESSION['userid']) > 2)){
echo "Please <a href=g_login.php>login</a> to use this page ";
exit;
}else{
	if($_SESSION['role'] != 'admin'){
		echo "You are not authorized to use this page ";
	exit;
	}else{
echo "Welcome $_SESSION[userid] | <a href='logout.php'>Logout</a>|
<a href='change.php'>Change Password</a>";
	}
}
?>

Login Script Signup Form Login / Logout script Change Password



Subscribe

* indicates required
Subscribe to plus2net

    plus2net.com






    hanks mike

    01-09-2011

    have tried d above codes and they are all working fine. great job. but how can i redirect different users to different pages customized for only each user. thanks
    John

    09-05-2012

    thank you for the tutorial , your site is great, and really helping me understand. Thanks!
    peter

    17-10-2012

    Hello Guys,,, i need some help, am new to PHP world But was told to create a login from with default password/username,and a registration form, after loggingin using the default password and username, then you can register your details,,,,it is then stored to the database.
    rashmita

    28-02-2013

    i have query that ones user login after log out then user can not again with url login
    neok

    19-06-2013

    hello, i need help, i forget that how to edit text in textarea using php
    SARAVANAN

    18-05-2014

    ok..thanks you for ur guidelines
    hamza

    30-05-2015

    can someone help me always login error is come e.g
    404 - Page Not Found
    Sorry, the page you are looking for does not exist
    siteadmin

    30-05-2015

    What is the page name you are seeing at the top on address bar ? That page should be there. After login there is a welcome page , check that you just placed that page.
    Aaron pippen

    18-09-2015

    thanks guys

    Post your comments , suggestion , error , requirements etc here




    We use cookies to improve your browsing experience. . Learn more
    HTML MySQL PHP JavaScript ASP Photoshop Articles FORUM . Contact us
    ©2000-2021 plus2net.com All rights reserved worldwide Privacy Policy Disclaimer