99 Comments
  1. LRaven says:

    ‘$PHP_SELF’ to $_SERVER['PHP_SELF'] – And everything works fine, great tutorial!
    thanks a lot!

    Reply
  2. LRaven says:

    When Im logged in and Im try to login again I should get show_userbox(); – // The user is already loggedin, so we show the userbox. – but this don`t work for me :(
    Im getting this error:

    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user ‘ODBC’@'localhost’ (using password: NO) in C:\wamp\www\wo\login.php on line 14

    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\wamp\www\wo\login.php on line 14

    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user ‘ODBC’@'localhost’ (using password: NO) in C:\wamp\www\wo\login.php on line 14

    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\wamp\www\wo\login.php on line 14

    Warning: mysql_query() [function.mysql-query]: Access denied for user ‘ODBC’@'localhost’ (using password: NO) in C:\wamp\www\wo\login.php on line 15

    Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\wamp\www\wo\login.php on line 15

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\wamp\www\wo\login.php on line 20
    Wrong username or password!

    Reply
  3. Ceasar says:

    It looks fine, but how do I protect pages, which should only be accesable by the members?
    Next to this: Once logged in, are you automaticall logged out when you leave the website?

    Reply
  4. Omar says:

    I also would like to know how to protect pages. Not sure on how I can redirect user to a page.

    Reply
  5. Omar says:

    whats a show_user box?

    Reply
  6. nfo says:

    @Omar
    whats a show_user box?
    in this case its just a logout link witch will be shown if a user logged in..
    I also would like to know how to protect pages.
    Simply check if the session variable exist:
    ie:
    session_start();
    if($_SESSION['loginid']){
    echo “user is allowed to view this”;
    } else {
    //else redirect him to an other side
    header(“Location: http://www.google.at“);
    }

    Once logged in, are you automaticall logged out when you leave the website?
    No, in fact it depend on your session life time… (take a look at php.ini)

    best regards nfo

    Reply
  7. Lance says:

    I noticed something in your login.php file that might cause issues down the line.
    In your SQL code where you query the database, you specify “LIMIT 1″, therefore only returning the first result. Further down, when you check whether the password matches, you also check whether the number of results is something other than 1. With “LIMIT 1″ in your SQL, this will always be 1.
    Personally, I would remove the “LIMIT 1″ from the SQL query, but leave the code that checks there is only 1 result.
    Otherwise, it is a great article.

    Reply
  8. Fernando says:

    WOW.. FINALY! A script that works wonderfuly! I have been going nuts for days trying to find something that works!
    I do have one question though..
    I really want to take this script and make it so that depending on which user logs in, they go to a specific page.
    But I have NO clue how to go about doing this. Any help please would be very greatly appreciated!!!
    Many thanks once again!

    Reply
  9. James says:

    I encountered an annoying problem that continually resulted in me receiving a “wrong username or password” response even when the details where correct, (note: this is only when using the md5 version). If I used just plain text then everything would check-out fine.

    After a bit of reading over the code I decided to see what the ‘login.php’ was outputting as the md5 password. It turns out this was my problem, the md5-password outputted to the database is always 32 characters long irrespective of the form’s max-length password attribute. But I had my database password set to 25 characters max.

    Changing the mysql-database password field to 50 characters seemed to solve the problem, although 32 would probably have been enough.

    Another tip I came across was to set the password field (in the mysql database) to CHAR rather than VARCHAR and to BINARY. For example

    “CREATE TABLE ‘tblusers’ (‘username’ VARCHAR(30) NOT NULL, ‘password’ CHAR(40) BINARY NOT NULL);

    or

    “CREATE TABLE tblusers (username VARCHAR(30) NOT NULL, password CHAR(40) BINARY NOT NULL);

    depending on your version

    Reply
  10. ANNI says:

    what is the use of function.inc.php file & index.php ?

    Reply
  11. Matthew says:

    Hello work

    thanks

    but can i make it logon to my accounts table that i have

    soo i can make a voting page/donate

    5/5 rating

    Reply
  12. wayne says:

    this works for me, protect other pages

    Reply
  13. wayne says:
    Reply
  14. wayne says:


    Reply
  15. wayne says:

    soz not use to posting, i find this works for protecting other pages
    and i agree great script

    Reply
  16. wayne says:

    nope cant seem to post php code for it
    how do i show you the code

    Reply
  17. zodiak says:

    hello, i want to yous this code but i like to get after the login to a page in a private directory and al the pages have to be protected , how do i do this?

    Reply
  18. Ravi says:

    This worked perfectly for me.. Thanks. Now I can work with my other features.

    Reply
  19. Manish says:

    i successfully get this script in my index page but the problem is when i log in the form shows the error showing wrong username or password please help me

    Reply
  20. For those of you trying to figure out how to do this, I used nfos code. Simply place this at the header of each page you with to protect:

    Reply
  21. ?php
    // Start a session
    session_start();
    require_once (‘/secure/db_connect.inc.php’);
    require_once (“/secure/functions.inc.php”);
    ?>

    Reply
  22. OK take 10, posted the wrong one:
    put at

    Reply
  23. ?php
    // Start a session
    session_start();
    require_once (‘db_connect.inc.php’);
    require_once (“functions.inc.php”);
    if($_SESSION['loginid']){
    echo “”;
    } else {
    //else redirect to login page
    header(‘Location: /login.php’);
    }

    Reply
  24. Brian says:

    Okay, I’m missing something.

    The script works fine with a simple index.php that simply calls the script. However, if I put the login script call at the top of a very busy index.php, it displays all of the index.php file with the login form on top.

    How can I keep the index.php data from displaying until someone has logged in?

    Thanks for all your efforts.

    Reply
  25. pree says:

    how will I made entry of login in time and date in another table for authenticated user? plz help me its urgent.

    Reply
  26. Dominic says:

    Hello,

    Could someone email me how to change the activation link to my own site? Where do I put my website’s address and in what file?

    Thanks

    Reply
  27. kenneth says:

    Please can any one help me out? Below is the error that i keep on getting each time that i try to login.

    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\phpMyAdmin\olu\login.php on line 20
    Wrong username or password!

    I look forward to hearing from you. Thanks in advance and God bless…

    Reply
  28. Tatsu says:

    Howdy, I would like to ask something…

    how would i change the code that i would have 3 kinds of permisson:
    (1)admin = create/delete users, news
    (2)moderator = edit,post news, edit users
    (3)user = can wiew news

    by default the user status would be 3

    For example:
    if(status=1){
    echo”Add user“;
    }
    else if (status=2){
    echo”Add news;
    }
    }else{
    echo “Logout“;

    tnx for your support!

    Reply
  29. Tatsu says:

    kenneth :Please can any one help me out? Below is the error that i keep on getting each time that i try to login.
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\phpMyAdmin\olu\login.php on line 20Wrong username or password!
    I look forward to hearing from you. Thanks in advance and God bless…

    Like its telling you, you have entered the wrong username or pass. Have you typed the correct username and pass? If yes…try to change it in phpmyadmin!

    I hope I helped!

    Cya ;)

    Reply
  30. Wes O says:

    Ok, so how do I add more user names and passwords?

    Reply
  31. Priyanka says:

    i have problem in login.php, after i click on login button nothing will disply, if i type wrong user name & password it’s not showing error message,
    pls help me

    Reply
  32. Bernie says:

    I am having a problem with the code in Creating a simple login script with php and mysql. I have the database all set up and is working properly, including the encryption. I am using a hidden username, only the password box shows on login. Can you tell me what I am doing wrong? I did change some of the coding only because it did not work the first time. I have now changed everything back but it still is not working. The only name that I changed in the database was loginid to member_id.

    Reply
  33. Thank you so much! It works successfully.

    Reply
  34. Bala says:

    Deprecated: Function session_is_registered() is deprecated in E:\xampp\htdocs\Login with registration\login.php on line….
    How do i solve this error???

    Reply
  35. Bala says:

    Deprecated: Function session_is_registered() is deprecated in E:\xampp\htdocs\Login with registration\login.php on line 2

    How do i solve this error???

    Reply
  36. yuli45com says:

    thre is an error, this the error message after i login even with the correct username and password
    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\e-comm\admin\login.php on line 13

    Reply
  37. Barkha says:

    This website will very helpful my future… thanks :)

    Reply
  38. ram says:

    simply superb code! i liked it a lot. but sadly i can’t resolve this issue what i’m getting while logging in…

    error message as follows…

    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\test\simplelogin\login.php on line 20
    Wrong username or password!

    please help newbie in PHP..

    Reply
  39. Suneeil says:

    i got this error : Fatal error: Call to undefined function session_is_registered() in E:\wamp\www\logged1\login.php on line 2.
    Please help while i load the page:

    Reply
  40. Reksana says:

    Thanks for your great tutorial that helped me a lot,

    please add more tutorials about how to create acounts for users as they use their inbox , see their feeds to their page as facebook acounts woks like that..

    however thanks so much

    Reply
  41. Every weekend i used to pay a visit this website, because i wish for enjoyment, as this this web page conations actually
    fastidious funny material too.

    Reply
  42. nice.
    good resource.
    more info.
    check this.
    http://vsc-project.blogspot.com

    Reply
  43. Farhannah says:

    hi. I have here a created system which is a room reservation system. and then I want to add admin/manager which It can view all the transactions made or who reserved… but i dont know how. please.. can you give me a help? thanks

    Reply
  44. arboyz says:

    thanks for tutorial

    if you get this error
    Fatal error: Call to undefined function session_is_registered() in D:\xampp\htdocs\sispres\login\login.php on line 2

    just add this
    function session_is_registered($session)
    {
    //
    }

    in login.php

    that error caused by session_is_registered() function is deprecated in php 5.4

    http://stackoverflow.com/questions/20619704/fatal-error-call-to-undefined-function-session-register

    Reply
  45. Chris says:

    I’m getting this. Any ideas?

    Fatal error: Cannot redeclare show_userbox() (previously declared in C:\wamp\www\ManageGigs\client\function.php:3) in C:\wamp\www\ManageGigs\client\function.php on line 16

    Reply
  46. I’m getting this:
    Deprecated: Function session_is_registered() is deprecated in apt.technologx.pw/admin/login.php on line 2

    How do I fix it?

    Reply
  47. i tried to use this for a simeple email feed generate project but getting 404 error on logout.php page, maybe its for cookie blocked or server issue, any solutions?

    Reply
  48. Isaac says:

    This seems to be generally good code, but is definitely out of date. Add the line;

    “ini_set(‘display_errors’, 1);”

    But without the quote marks, to the second line of index.php (After ‘<?php') if you can't see the error messages.

    (Then use google to work through them — it's fairly a simple matter of replacing those old snippets of code with their newer versions)

    Reply
  49. Odra-noel Oajdi says:

    its cool but its Disgusting

    Reply
Leave a Reply




XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


2 + = four