Here is a simple example for creating a secure login page with PHP which will help you to safe authentication. Here, cookies are not used because of preventive measure against cross-side scripting. The back-end used is MySQL. So, you should have knowledge of MySQL and database as well.
Database
Make a table called login. Use SQL below to create a table of login.
|
1 2 3 4 5 |
CREATE TABLE login ( user_name varchar(20) NOT NULL default '', user_pass char(32) binary NOT NULL default '', PRIMARY KEY (username) ); |
HTML
|
1 2 3 4 |
<form action="login.php" method="post"> <input name="user_name" size="18" type="text" /> <input name="user_pass" size="18" type="text" /> <input name="submit" type="submit" value="Login" /> </form> |
Form
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
if(count($_POST) &gt; 0) { $user_name = htmlspecialchars($_POST["user_name"]); $user_pass = htmlspecialchars($_POST["user_pass"]); $sql = "SELECT user_name,user_pass FROM login WHERE user_name=\"$user_name\" AND user_pass=\"$user_pass\""; $rs = mysql_query($sql); //execute the query if(mysql_num_rows($rs) == 1) { // username and passwords exists in database //other codes } else { //invalid username of password //redirect to login page header("Location: login.php"); } } |
Comments are closed.