Introduction
A login form is an essential component of any web application that requires user authentication. It allows the user to input their username and password to access the application. In this blog, we will discuss how to create a login form using HTML, PHP, and MySQL.
HTML Code for Login Form
First, we will create an HTML form that includes two input fields, one for the username and one for the password. We will also include a submit button to submit the form to the server.<form method="post" action="login.php"> <label for="username">Username:</label> <input type="text" name="username" id="username" required> <label for="password">Password:</label> <input type="password" name="password" id="password" required> <button type="submit">Login</button> </form>
This form sends the user input to a PHP script named "login.php" using the HTTP POST method. We will create this script next.
PHP Code for Login Form
The PHP script receives the user input from the HTML form and checks it against the user credentials stored in a MySQL database. We will assume that the database table is named "users" and has columns for "username" and "password".<?php // Start the session session_start(); // Connect to the database $conn = mysqli_connect("localhost", "username", "password", "database_name"); // Check if the form has been submitted if ($_SERVER["REQUEST_METHOD"] == "POST") { // Retrieve the user input $username = mysqli_real_escape_string($conn, $_POST['username']); $password = mysqli_real_escape_string($conn, $_POST['password']); // Query the database for the user credentials $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'"; $result = mysqli_query($conn, $sql); // Check if the query returned a result if (mysqli_num_rows($result) == 1) { // Login successful $_SESSION['username'] = $username; header("Location: dashboard.php"); } else { // Login failed $error = "Invalid username or password"; } } mysqli_close($conn); ?>
This script starts by connecting to the MySQL database using the mysqli_connect() function. It then checks if the form has been submitted using the $_SERVER["REQUEST_METHOD"] variable. If the form has been submitted, it retrieves the user input using the $_POST variable and escapes any special characters using the mysqli_real_escape_string() function to prevent SQL injection attacks.
The script then queries the database for the user credentials using a SELECT statement. If the query returns a result, the login is successful, and the user's username is stored in the session variable $_SESSION['username']. The script then redirects the user to a dashboard.php page. If the query does not return a result, the login fails, and an error message is stored in the $error variable.
MySQL Database Configuration
To store the user credentials, we will create a MySQL database table named "users". This table should have two columns: "username" and "password". We will assume that the table has already been created and contains at least one user.CREATE TABLE users ( username VARCHAR(50) NOT NULL, password VARCHAR(50) NOT NULL, PRIMARY KEY (username) ); INSERT INTO users (username, password) VALUES ('admin', 'password123');
Conclusion
In this blog, we discussed how to create a login form using HTML, PHP, and MySQL. We created an HTML form that accepts user input for the username and password, and a PHP script that processes the user input and checks it against the user credentials stored in a MySQL database table. We also discussed how to prevent SQL injection attacks by escaping special characters in the user input.A login form is a crucial component of any web application that requires user authentication. By following the steps outlined in this blog, you can create a secure and functional login form for your web application using HTML, PHP, and MySQL.
References:
- 1. PHP manual: https://www.php.net/manual/en/
- 2. MySQL documentation: https://dev.mysql.com/doc/
No comments:
Post a Comment
If you have any doubts regarding the post. Please let me know.