Login - Logout with a Session in 1 file

Tutorials > Login - Logout with a Session in 1 file

The apollohosting offers excellent web hosting services for those interested in promoting their businesses through email marketing. You can insert very professional types of web templates. But to best avail from 350-030 or 70-270 certifications, you need a wireless internet set up.

Create a file for Login and Logout (PHP + MySQL) using with a SESSION variable. This file contains Login form, Login authorize program and Logout program. All in one but Short and Easily.

This tutorial require 2 PHP files and 1 table of mySQL database.

index.php this file is the Login and Logout file.
main.php this file is the target when login is O.K.
Database "tutorial" and table "admin" with 3 fields: id(auto_increment), username(varchar, 50), password(varchar, 32).
* The "password" field is design for md5() password for more sucurity.

What is md5() function? Click here.

Then put a record into this table. In this tutorial, put a record with name "admin" and password "81dc9bdb52d04dc20036dbd8313ed055". This password was encrypted by md5() function from the real password "1234".

* When you test this script you must to put the real password (1234) in "password" box.

• index.php

The mainly file for do 3 things.

Login form. Including 2 fields "username" and "password" and submit button "Login".
Login authorize program. Do authorize check after you submit form, if passed in username and password, this page will re-direct to main.php. If not, show the invalid user or password message.
Logout. Clear the login session when come back or refresh this page.

Source Code

<?
// Use session variable on this page. This function must put on the top of page.
session_start();

////// Logout Section. Delete all session variable.
session_destroy();

$message="";

////// Login Section.
$Login=$_POST['Login'];
if($Login){ // If clicked on Login button.
$username=$_POST['username'];
$md5_password=md5($_POST['password']); // Encrypt password with md5() function.

// Connect database.
$host="localhost"; // Host name.
$db_user=""; // MySQL username.
$db_password=""; // MySQL password.
$database="tutorial"; // Database name.
mysql_connect($host,$db_user,$db_password);
mysql_select_db($database);

// Check matching of username and password.
$result=mysql_query("select * from admin where username='$username' and password='$md5_password'");
if(mysql_num_rows($result)!='0'){ // If match.
session_register("username"); // Craete session username.
header("location:main.php"); // Re-direct to main.php
exit;
}else{ // If not match.
$message="--- Incorrect Username or Password ---";
}

} // End Login authorize check.
?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<? echo $message; ?>
<form id="form1" name="form1" method="post" action="<? echo $PHP_SELF; ?>">
<table>
<tr>
<td>User : </td>
<td><input name="username" type="text" id="username" /></td>
</tr>
<tr>
<td>Password : </td>
<td><input name="password" type="password" id="password" /></td>
</tr>
</table>
<input name="Login" type="submit" id="Login" value="Login" />
</form>
</body>
</html>

• main.php

This file is the target file when authorize check on index.php has been passed. It checks for session variable name "username". If this variable does not exist, re-direct to index.php.

If you have PHP files must Login before open them, copy the PHP section and place it on the top of them.

Source Code

<?
// You may copy this PHP section to the top of file which needs to access after login.
session_start(); // Use session variable on this page. This function must put on the top of page.
if(!session_is_registered("username")){ // if session variable "username" does not exist.
header("location:index.php"); // Re-direct to index.php
}
?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>