Development of a login system with PHP and MySQL

Most interactive websites today require a user to log into the website system to provide a personalized user experience. Once the user has logged in, the website will be able to provide a presentation that is tailored to the user’s preferences.

A basic login system typically contains 3 components:

1. The component that allows a user to register their preferred login ID and password

2. The component that allows the system to verify and authenticate the user when he subsequently logs in

3. The component that sends the user’s password to their registered email address if the user forgets their password

Such a system can be easily created using PHP and MySQL.

==================================================== ===========

Component 1 – Registration

Component 1 is usually implemented by a simple HTML form containing 3 fields and 2 buttons:

1. A preferred login id field

2. A preferred password field

3. A valid email address field

4. A Submit button

5. One button reset

Suppose that form is encoded in a file called register.html. The following HTML code snippet is a typical example. When the user has filled in all the fields, the register.php page is called when the user clicks the Submit button.

[form name=”register” method=”post” action=”register.php”]

[input name=”login id” type=”text” value=”loginid” size=”20″/][br]

[input name=”password” type=”text” value=”password” size=”20″/][br]

[input name=”email” type=”text” value=”email” size=”50″/][br]

[input type=”submit” name=”submit” value=”submit”/]

[input type=”reset” name=”reset” value=”reset”/]
[/form]

The following code excerpt can be used as part of register.php to process the registration. It connects to the MySQL database and inserts a line of data into the table used to store the log information.

@mysql_connect(“localhost”, “mysql_login”, “mysql_pwd”) or die(“Cannot connect to database!”);
@mysql_select_db(“tbl_login”) or die(“Cannot select DB!”);
$sql=”INSERT INTO login_tbl (loginid, password and email) VALUES (“.$loginid.”,”.$password.”,”.$email.)”;
$r = mysql_query($sql);
if(!$r) {

$err=mysql_error();

print $err;

exit();
}

The code excerpt assumes that the MySQL table used to store the login data is called tbl_login and contains 3 fields: the loginid, password and email fields. The values ​​of the variables $loginid, $password and $email are passed from the form in register.html using the post method.

==================================================== ===========

Component 2 – Verification and Authentication

A registered user will want to log into the system to access the functionality provided by the website. The user will need to provide their login ID and password for the system to verify and authenticate.

This is usually done through a simple HTML form. This HTML form normally contains 2 fields and 2 buttons:

1. A login ID field

2. A password field

3. A Submit button

4. One button reset

Suppose that form is encoded in a file called authenticate.html. The following HTML code snippet is a typical example. When the user has completed all the fields, the authenticate.php page is called when the user clicks the Submit button.

[form name=”authenticate” method=”post” action=”authenticate.php”]

[input name=”login id” type=”text” value=”loginid” size=”20″/][br]

[input name=”password” type=”text” value=”password” size=”20″/][br]

[input type=”submit” name=”submit” value=”submit”/]

[input type=”reset” name=”reset” value=”reset”/]
[/form]

The following code snippet can be used as part of authenticate.php to process the login request. It connects to the MySQL database and queries the table used to store the log information.

@mysql_connect(“localhost”, “mysql_login”, “mysql_pwd”) or die(“Cannot connect to database!”);
@mysql_select_db(“tbl_login”) or die(“Cannot select DB!”);
$sql=”SELECT loginid FROM login_tbl WHERE loginid='”.$loginid.”‘ and password='”.$password.”‘”;
$r = mysql_query($sql);
if(!$r) {

$err=mysql_error();

print $err;

exit();
}
if (mysql_affected_rows()==0){

print “no such login exists on the system. Please try again.”;

exit();
}
plus{

print “successfully logged in to the system”;

//proceed to perform the functionality of the website, for example, present information to the user
}

As in component 1, the code excerpt assumes that the MySQL table used to store the login data is called tbl_login and contains 3 fields: the loginid, password, and email fields. The values ​​of the $loginid and $password variables are passed from the form in authenticate.html using the post method.

==================================================== ===========

Component 3 – Forgot Password

A registered user may forget his password to log in to the website system. In this case, the user will need to provide their login ID for the system to retrieve their password and send the password to the user’s registered email address.

This is usually done through a simple HTML form. This HTML form normally contains 1 field and 2 buttons:

1. A login ID field

2. A Submit button

3. One button reset

Suppose such a form is encoded in a file called forgot.html. The following HTML code snippet is a typical example. When the user has completed all the fields, the forgot.php page is called when the user clicks the Submit button.

[form name=”forgot” method=”post” action=”forgot.php”]

[input name=”login id” type=”text” value=”loginid” size=”20″/][br]

[input type=”submit” name=”submit” value=”submit”/]

[input type=”reset” name=”reset” value=”reset”/]
[/form]

The following code snippet can be used as part of forgot.php to process the login request. It connects to the MySQL database and queries the table used to store the log information.

@mysql_connect(“localhost”, “mysql_login”, “mysql_pwd”) or die(“Cannot connect to database!”);
@mysql_select_db(“tbl_login”) or die(“Cannot select DB!”);
$sql=”SELECT password, email FROM login_tbl WHERE loginid='”.$loginid.”‘”;
$r = mysql_query($sql);
if(!$r) {

$err=mysql_error();

print $err;

exit();
}
if (mysql_affected_rows()==0){

print “no such login exists on the system. Please try again.”;

exit();
}
plus {

$row=mysql_fetch_array($r);

$password=$row[“password”];

$mail=$row[“email”];

$subject=”your password”;

$header=”from:[email protected]”;

$content=”your password is “.$password;

mail ($email, $subject, $row, $header);

print “You have been sent an email with the password”;

}

As in component 1, the code excerpt assumes that the MySQL table used to store the login data is called tbl_login and contains 3 fields: the loginid, password, and email fields. The value of the $loginid variable is passed from the form in forgot.html using the post method.

==================================================== ===========

conclusion

The example above is to illustrate how a very basic login system can be implemented. The sample can be enhanced to include password encryption and additional features, for example, to allow users to edit their login information.