How to Login with a username via form using PHP sessions

Code with C | Programming: Projects & Source Codes Forums PHP How to Login with a username via form using PHP sessions

This topic contains 6 replies, has 1 voice, and was last updated by  Adan 2 years, 5 months ago.

  • Author
  • #11238


    Basically, I’m really struggling with my code right now.

    I need to login with a username via a form using PHP sessions, which will then be shown on the page after you login.

  • #11239


    I don’t really have any atm as I’ve been trying loads of different stuff.

    Here’s what I’m basing it around on the first page:

    < ?php session_start (); $username = $_POST['username']; ?>

    I also have a form on the same page, and then I need to print the username on another page

  • #11240


    “Login” usually means there’s a password (or rather, one-way-encoded password, like a hash) that get’s compared to user provided password (or rather, the userpass gets to be encoded using the same algorithm, and then compared).

    – HTML form sends data to the server
    – PHP gets the data as POST
    – you get the username and search if there is actually a user with that name,
    – if not – error out with “no username or password wrong” – usually you don’t want to giveaway that the provided username is valid
    – if so – you extract (from database?) some basic details, amongst that there’s encoded pass *
    – you encode provided password using the same algorithm used at registration
    – you compare the two and if their different you error out
    – if pwd is valid, you set some session variables and show success page

    on whatever other page you just start session and see if your session variables are set – if so, the user was logged in. Of course then you can add validation, maybe the user had different IP, browser/special cookie last request? If so, it’s possible (but not surely!) that it’s a session hijack taking place. But you can read about that on your own. Wink

    *) this is actually usually the point were you either get some valid data back, or not, and you know if username is valid. I’ve split it to steps for clarity.

  • #11241


    So, I don’t usually provide source code as I prefer to let others do the studying themselves but just provide tips.

    I assume you have your HTML code setup, if not, please learn HTML before proceeding to PHP.

    Then, one you have your form pointing to the php script you can do:

    Please note this code is untried and untested, so I have no idea if this actually works (been a long time since I did non-OOP PHP).

    Hope this helps and use it as a basis for growing your knowledge.

  • #11242


    on top of the page :

    then you can read out the username on the same page via :

    and assign it to a session variable :

    or read it directly into the session variable :

    Then, for the entire validity for the session you can pull up the username via :

  • #11243


    And when the user logout. you can use following code to destroy or unset the value of the session.

  • #11244


    Have you got this straighten out yet if not here is a small solution to your question:

You must be logged in to reply to this topic.