Post: Coding A PHP Login By Lachie444
04-11-2016, 10:05 AM #1
(adsbygoogle = window.adsbygoogle || []).push({});
Coding A PHP Login By Lachie444


Hey guys today il be showing you how to make a basic login using PHP,Mysql,PDO
By the end of this you will have a fully working Login system.
You could add my Anti-CSRF to this if you would like to. Witch you can You must login or register to view this content.


OK to start off With will be coded with OOP PHP

Making the database

So in the image below i am making a database in phpmyadmin
You must login or register to view this content.


In the image below i am creating the table users and adding in the columns to it
You must login or register to view this content.


So we need to setup the files and classes
The files we will need are
1.Login.php
2.dash.php
3.index.php
3.Backend.php

Once you have made them we will be starting the Backend.php

    
<?php
/*Backend.php
Made By Lachie44*/

//Here we are going to start the session
session_start();

//We will define a constent for the username and password for the database connection
define("USERNAME", "root");
define("PASSWORD", ""); // chnage this to yor database info

//Ok to start off you need the login class
class Login extends PDO
{
//Now we need to make the variables
public $db = null;
public $stmt = null;


//Now we need to define the __construct
public function __construct()
{
//In here is the code that will get called when the class is defined

//We will connect to the database using PDO in here it contains the database info
$this->db = new PDO("mysql:host=localhost;dbname=LachiesLogin", USERNAME, PASSWORD);
}

public function ProtectPass($input)
{
$sizeofpass = strlen($input) * 45366;
$return = hash("sha512", $input . $sizeofpass);
return $return;

}

//Now we will make the login function it self
public function Login($username, $password)
{
//Here we are cleaning the login strings to stop sqli and XSS attacks and define one variable and protect the password
$output = null;
$safeuser = htmlspecialchars(strip_tags($username));
$safepass = $this->ProtectPass(htmlspecialchars(strip_tags($password)));

//Now we need to setup the SQL Query to check if the inputted info is right
$this->stmt = $this->db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");

//Now we need to execute that query with the info so we use the PDO function execute and use a array to read the info inputted
$this->stmt->execute(array(
'username' => $safeuser,
'password' => $safepass
));

//OK so now we are reading the info form the database so we can check if is there oe not
$output = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
if ($output != NULL) // ok so now we are checking if the return data is NULL or not
{
//in here is where the code goes if they inputted thw right info

// we have to set a session so we can check if they are already logged in on other pages
$_SESSION['loggedin'] = 1;

// ill just return true
return TRUE;
} else {
// in here is if it failed ill just return false
return FALSE;
}
}

public function Check_Login($tocheck ,$session, $loc) // here we are going to check the session if it is set or not
{
switch($tocheck)//Here we are checking what type of check we want
{
case "login":
if($_SESSION[$session] == 1) {
header("Location: ". $loc);
}
break;
case "dash":
if($_SESSION[$session] != 1) {
header("Location: ". $loc);
}
break;
}
}

public function logout() { //Here we are just going to destroy the session to logout
session_destroy();
header("Location: login.php");
}

}
?>


OK so now we are going to make the login.php page

    
<?php
//Ok so first we need to include backend.php
include "Backend.php";

//OK so now we want to define the login class so we can call functions in it
$login = new Login();

//Ok so now we want to check if they are already logged in
$login->Check_Login("login" ,'loggedin', "dash.php");

//OK so now we want to check if the login button was click
if(isset($_POST['btn1']))
{
/*ok in here is the code that wil run once the button is clicked
now we need to call the logn function in the Login Class*/
if($login->Login($_POST['username'], $_POST['pass'])) {
header('Location: dash.php'Winky Winky; //Now we will redirect them to the dash.php file
} else {
echo "<script>alert('The username or password is wrong'Winky Winky;</script>"; // ok so we will alert to the page with the output
}
}



?>



<html>
<form action="" method="post">
<input type="text" name="username" />
<input type="password" name="pass" />
<input name="btn1" value="login" type="submit" />
</form>
</html>



OK so now we are going to do the dash.php page

    <?php
//we need to include Backend in here as well
include "Backend.php";
//Now define the login class
$login = new Login();

//Now check if they are logged in or not
$login->Check_Login("dash" ,'loggedin', "login.php");

//Here we are checking if the logout button was pressed
if(isset($_POST['logout'])) { $login->logout(); }
?>



<form method="post">
<input name="logout" type="submit" value="Logout" />
</form>
<br />
<h1>Logged In</h1>



Thanks for reading the tut Made by Lachie444

Credits
Jelly: Being a Fgt and we teach each other alot
Kam: For the idea

The following 7 users say thank you to lachie444 for this useful post:

Danny, Destroyer_MMXV, Elleusive, Kronos, Specter, THΞSPIKYBROHD
04-11-2016, 10:07 AM #2
Kronos
Former Staff
You have really been pumping these out! keep up good work Happy

The following user thanked Kronos for this useful post:

04-11-2016, 10:13 AM #3
JB
[i]Remember, no Russian.[/i]
Originally posted by lachie444 View Post
Coding A PHP Login By Lachie444


Hey guys today il be showing you how to make a basic login using PHP,Mysql,PDO
By the end of this you will have a fully working Login system.
You could add my Anti-CSRF to this if you would like to. Witch you can You must login or register to view this content.


OK to start off With will be coded with OOP PHP

Making the database

So in the image below i am making a database in phpmyadmin
You must login or register to view this content.


In the image below i am creating the table users and adding in the columns to it
You must login or register to view this content.


So we need to setup the files and classes
The files we will need are
1.Login.php
2.dash.php
3.index.php
3.Backend.php

Once you have made them we will be starting the Backend.php

    
<?php
/*Backend.php
Made By Lachie44*/

//Here we are going to start the session
session_start();

//We will define a constent for the username and password for the database connection
define("USERNAME", "root");
define("PASSWORD", ""); // chnage this to yor database info

//Ok to start off you need the login class
class Login extends PDO
{
//Now we need to make the variables
public $db = null;
public $stmt = null;


//Now we need to define the __construct
public function __construct()
{
//In here is the code that will get called when the class is defined

//We will connect to the database using PDO in here it contains the database info
$this->db = new PDO("mysql:host=localhost;dbname=LachiesLogin", USERNAME, PASSWORD);
}

public function ProtectPass($input)
{
$sizeofpass = strlen($input) * 45366;
$return = hash("sha512", $input . $sizeofpass);
return $return;

}

//Now we will make the login function it self
public function Login($username, $password)
{
//Here we are cleaning the login strings to stop sqli and XSS attacks and define one variable and protect the password
$output = null;
$safeuser = htmlspecialchars(strip_tags($username));
$safepass = $this->ProtectPass(htmlspecialchars(strip_tags($password)));

//Now we need to setup the SQL Query to check if the inputted info is right
$this->stmt = $this->db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");

//Now we need to execute that query with the info so we use the PDO function execute and use a array to read the info inputted
$this->stmt->execute(array(
'username' => $safeuser,
'password' => $safepass
));

//OK so now we are reading the info form the database so we can check if is there oe not
$output = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
if ($output != NULL) // ok so now we are checking if the return data is NULL or not
{
//in here is where the code goes if they inputted thw right info

// we have to set a session so we can check if they are already logged in on other pages
$_SESSION['loggedin'] = 1;

// ill just return true
return TRUE;
} else {
// in here is if it failed ill just return false
return FALSE;
}
}

public function Check_Login($tocheck ,$session, $loc) // here we are going to check the session if it is set or not
{
switch($tocheck)//Here we are checking what type of check we want
{
case "login":
if($_SESSION[$session] == 1) {
header("Location: ". $loc);
}
break;
case "dash":
if($_SESSION[$session] != 1) {
header("Location: ". $loc);
}
break;
}
}

public function logout() { //Here we are just going to destroy the session to logout
session_destroy();
header("Location: login.php");
}

}
?>


OK so now we are going to make the login.php page

    
<?php
//Ok so first we need to include backend.php
include "Backend.php";

//OK so now we want to define the login class so we can call functions in it
$login = new Login();

//Ok so now we want to check if they are already logged in
$login->Check_Login("login" ,'loggedin', "dash.php");

//OK so now we want to check if the login button was click
if(isset($_POST['btn1']))
{
/*ok in here is the code that wil run once the button is clicked
now we need to call the logn function in the Login Class*/
if($login->Login($_POST['username'], $_POST['pass'])) {
header('Location: dash.php'Winky Winky; //Now we will redirect them to the dash.php file
} else {
echo "<script>alert('The username or password is wrong'Winky Winky;</script>"; // ok so we will alert to the page with the output
}
}



?>



<html>
<form action="" method="post">
<input type="text" name="username" />
<input type="password" name="pass" />
<input name="btn1" value="login" type="submit" />
</form>
</html>



OK so now we are going to do the dash.php page

    <?php
//we need to include Backend in here as well
include "Backend.php";
//Now define the login class
$login = new Login();

//Now check if they are logged in or not
$login->Check_Login("dash" ,'loggedin', "login.php");

//Here we are checking if the logout button was pressed
if(isset($_POST['logout'])) { $login->logout(); }
?>



<form method="post">
<input name="logout" type="submit" value="Logout" />
</form>
<br />
<h1>Logged In</h1>



Thanks for reading the tut Made by Lachie444

Credits
Jelly: Being a Fgt and we teach each other alot
Kam: For the idea


In your database, use VARCHAR for username and password fields. TEXT should only really be used for ridiculously long things. Otherwise, good tut!
04-15-2016, 08:29 AM #4
Nice work .
04-15-2016, 11:05 AM #5
Danny
Hurah!
Agree use VARCHAR, nice work Smile
04-19-2016, 11:14 PM #6
Specter
Pro Memer
Originally posted by lachie444 View Post
Coding A PHP Login By Lachie444


Hey guys today il be showing you how to make a basic login using PHP,Mysql,PDO
By the end of this you will have a fully working Login system.
You could add my Anti-CSRF to this if you would like to. Witch you can You must login or register to view this content.


OK to start off With will be coded with OOP PHP

Making the database

So in the image below i am making a database in phpmyadmin
You must login or register to view this content.


In the image below i am creating the table users and adding in the columns to it
You must login or register to view this content.


So we need to setup the files and classes
The files we will need are
1.Login.php
2.dash.php
3.index.php
3.Backend.php

Once you have made them we will be starting the Backend.php

    
<?php
/*Backend.php
Made By Lachie44*/

//Here we are going to start the session
session_start();

//We will define a constent for the username and password for the database connection
define("USERNAME", "root");
define("PASSWORD", ""); // chnage this to yor database info

//Ok to start off you need the login class
class Login extends PDO
{
//Now we need to make the variables
public $db = null;
public $stmt = null;


//Now we need to define the __construct
public function __construct()
{
//In here is the code that will get called when the class is defined

//We will connect to the database using PDO in here it contains the database info
$this->db = new PDO("mysql:host=localhost;dbname=LachiesLogin", USERNAME, PASSWORD);
}

public function ProtectPass($input)
{
$sizeofpass = strlen($input) * 45366;
$return = hash("sha512", $input . $sizeofpass);
return $return;

}

//Now we will make the login function it self
public function Login($username, $password)
{
//Here we are cleaning the login strings to stop sqli and XSS attacks and define one variable and protect the password
$output = null;
$safeuser = htmlspecialchars(strip_tags($username));
$safepass = $this->ProtectPass(htmlspecialchars(strip_tags($password)));

//Now we need to setup the SQL Query to check if the inputted info is right
$this->stmt = $this->db->prepare("SELECT * FROM users WHERE username=:username AND password=:password");

//Now we need to execute that query with the info so we use the PDO function execute and use a array to read the info inputted
$this->stmt->execute(array(
'username' => $safeuser,
'password' => $safepass
));

//OK so now we are reading the info form the database so we can check if is there oe not
$output = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
if ($output != NULL) // ok so now we are checking if the return data is NULL or not
{
//in here is where the code goes if they inputted thw right info

// we have to set a session so we can check if they are already logged in on other pages
$_SESSION['loggedin'] = 1;

// ill just return true
return TRUE;
} else {
// in here is if it failed ill just return false
return FALSE;
}
}

public function Check_Login($tocheck ,$session, $loc) // here we are going to check the session if it is set or not
{
switch($tocheck)//Here we are checking what type of check we want
{
case "login":
if($_SESSION[$session] == 1) {
header("Location: ". $loc);
}
break;
case "dash":
if($_SESSION[$session] != 1) {
header("Location: ". $loc);
}
break;
}
}

public function logout() { //Here we are just going to destroy the session to logout
session_destroy();
header("Location: login.php");
}

}
?>


OK so now we are going to make the login.php page

    
<?php
//Ok so first we need to include backend.php
include "Backend.php";

//OK so now we want to define the login class so we can call functions in it
$login = new Login();

//Ok so now we want to check if they are already logged in
$login->Check_Login("login" ,'loggedin', "dash.php");

//OK so now we want to check if the login button was click
if(isset($_POST['btn1']))
{
/*ok in here is the code that wil run once the button is clicked
now we need to call the logn function in the Login Class*/
if($login->Login($_POST['username'], $_POST['pass'])) {
header('Location: dash.php'Winky Winky; //Now we will redirect them to the dash.php file
} else {
echo "<script>alert('The username or password is wrong'Winky Winky;</script>"; // ok so we will alert to the page with the output
}
}



?>



<html>
<form action="" method="post">
<input type="text" name="username" />
<input type="password" name="pass" />
<input name="btn1" value="login" type="submit" />
</form>
</html>



OK so now we are going to do the dash.php page

    <?php
//we need to include Backend in here as well
include "Backend.php";
//Now define the login class
$login = new Login();

//Now check if they are logged in or not
$login->Check_Login("dash" ,'loggedin', "login.php");

//Here we are checking if the logout button was pressed
if(isset($_POST['logout'])) { $login->logout(); }
?>



<form method="post">
<input name="logout" type="submit" value="Logout" />
</form>
<br />
<h1>Logged In</h1>



Thanks for reading the tut Made by Lachie444

Credits
Jelly: Being a Fgt and we teach each other alot
Kam: For the idea


Nice, I like how you're not storing passwords in plaintext, but a more secure way of hashing the passwords is using PHP's built-in function password_hash(), I actually dare say it's one of the strongest methods for securing a password, and it's very simple too. Have a read, You must login or register to view this content.
04-20-2016, 12:15 AM #7
Originally posted by Specter View Post
Nice, I like how you're not storing passwords in plaintext, but a more secure way of hashing the passwords is using PHP's built-in function password_hash(), I actually dare say it's one of the strongest methods for securing a password, and it's very simple too. Have a read, You must login or register to view this content.


hey thanks for that Smile

Copyright © 2024, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo