Posted on June 3rd, 2013
3058 views Complete PHP log in system with Admin features and detection for the guests. Hi all. Severally I have searched for a pure login system in the net but rarely found it. The biggest problem I faced is after login when I click the back button on fire fox or internet explorer I got back to the admin page again. Here I am demonstrating the best path in which you can make your secured login system in PHP. Somehow knowledge in PHP is essential.
Designing the database I have created an DB called “login_ashutosh”. I have given the privileges as username – ashutosh and password – ashutosh666.
Then created the following table
CREATE TABLE IF NOT EXISTS `admin` ( `id` int(11) NOT NULL AUTO_INCREMENT, `f_name` varchar(100) DEFAULT NULL, `l_name` varchar(100) DEFAULT NULL, `email` varchar(100) DEFAULT NULL, `username` varchar(100) DEFAULT NULL, `password` varchar(100) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
Dumped the data in my own table.
INSERT INTO `admin` (`id`, `f_name`, `l_name`, `email`, `username`, `password`) VALUES (1, 'ashutosh', 'moharana', '[email protected]', 'ashutosh', 'ashutosh6');
You also can insert the data as to your requirement either in the table or can change the privileges also. But be careful about all the script that changes as to your changes. I have tried to highlight the changes that you may do.
Then we can start up for the scripts in PHP. I am using easy PHP with adobe dream weaver cs3. First in www folder inside C:Program FilesEasyPHP5.3.0www make a folder called login_ashutosh. I have made in index page and also made one header and footer for the index page. Called as header_index and footer_index.
Index.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <div align="center"> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="40" valign="top"> <?php include_once 'header_index.php'; ?> </td> </tr> <tr> <td height="520" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="480" valign="top"><p><a href="user/admin/admin_login.php">ADMIN LOGIN</a></p> </td> </tr> <tr> <td height="40" valign="top"> <?php include_once 'footer_index.php'; ?> </td> </tr> </table></td> </tr> <tr> <td height="40" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </div> </body> </html>
Save the index directly in the same folder. And then make the header file.
Header.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="600" height="90" valign="top"> <?php session_start(); //this must be at the top of every page if (isset($_SESSION['valid_user'])) { echo "WEL COME " ."<b>". $_SESSION["valid_user"]."</b>"."</br>"; echo "<a href="user/config/all_logout.php">Click here to logout!</a>"; } else { print "WEL COME GUEST"; } ?> </td> <td width="200" valign="top">DEMO SITE DEVELOPED BY [email protected]</td> </tr>
<tr> <td height="30" colspan="2" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </body> </html>
Save this file also in the same folder and make the footer one. Footer.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="20" valign="top" class="footer_gapper">HOME I ABOUT US I CONTACT </td> </tr> <tr> <td height="20" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </body> </html>
Then I have made another folder called “user”. I made another two folders as “config” and “admin” inside the same. Where config will contain all my common tasks the admin folder will contain all my admin documents.
First let’s go for the config folder. Make the connection file as stated below and save it as connect.php.
Connect.php
<?php $user_name = "ashutosh"; $password = "ashutosh666"; $database = "login_ashutosh"; $server = "localhost"; $db_handle = mysql_connect($server, $user_name, $password); $db_found = mysql_select_db($database, $db_handle);
/* SCRIPT WRITTEN BY Ashutosh, Bluz Academy, India. ?>
Then also create another file called all_logout.php inside the same folder.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="file:///F|/www/smsl_bank/css/banking main.css" rel="stylesheet" type="text/css" /> </head>
<body> <div align="center"> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td height="130" colspan="2" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> <tr> <td height="20" colspan="2" valign="top"> <?php session_start(); session_unset(); session_destroy(); // Logged out, return home. Header("Location: ../../index.php"); ?> </td> </tr> <tr> <td width="20" height="350" valign="top" class="bodytext"><!--DWLayoutEmptyCell--> </td> <td width="780" valign="top" class="bodytext"><p>Tnank you for accessing !!!</p> <p>Click Here To go to the main page</p> <p>Click here to login again as a branch</p></td> </tr> </table> </div> </body> </html>
Then go to the admin folder. Create a file called admin_login.php which will allow the admin to login. It is a simple form in PHP with HTML codes.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="../../css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <div align="center"> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="40" valign="top"> <?php include_once 'header_admin.php'; ?> </td> </tr> <tr> <td height="520" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="480" valign="top"> <form action="admin_login_process.php" method="post"/> <p class="yellowtext"> </p> User Name</span><br /> <input type="text" name="username"/> <br /> Pass Word <br /> <input type="password" name="password"/> <br /> <br /> <input name="login" type="submit" class="redtext" value="login"/> </form> </td> </tr> <tr> <td height="40" valign="top"> <?php include_once 'footer_admin.php'; ?> </td> </tr> </table></td> </tr> <tr> <td height="40" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </div> </body> </html>
Then create the admin_login_process.php and save it in the same folder.
<?php include "../config/connect.php"; if (!$_POST["username"] || !$_POST["password"]) { die("PROVIDE ADMIN FEATURES !!!"); } // Create query $q = "SELECT * FROM `admin` " ."WHERE `username`='".$_POST["username"]."' " ."AND `password`='".$_POST["password"]."' " ."LIMIT 1"; // Run query $r = mysql_query($q); if ( $obj = @mysql_fetch_object($r) ) { // Login good, create session variables session_start(); $_SESSION["valid_user"] = $obj->username;
// Redirect to member page Header("Location: admin.php"); } else { // Login not successful die("SORRY UNAUTHORISED ACCESS !!!"); } ?>
After the process in login the PHP will test the account details and will direct to admin.php. Let’s create it. Admin.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="../../css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <div align="center"> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="40" valign="top"> <?php include_once 'header_admin_loggedin.php'; ?> </td> </tr> <tr> <td height="520" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="480" valign="top"><p> </p> <p>ADMIN PAGE</p></td> </tr> <tr> <td height="40" valign="top"> <?php include_once 'footer_admin.php'; ?> </td> </tr> </table></td> </tr> <tr> <td height="40" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </div> </body> </html>
Then make the footer for the admin page.
footer_admin.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="../../css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="800" height="20" valign="top" class="footer_gapper">HOME I ABOUT US I CONTACT </td> </tr> <tr> <td height="20" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </body> </html>
Here some tricky step. I will use two headers for the best result. These two headers will deactivate your back button in the firefox/ internet explorer or any type of browser. The first will be the header_admin.php. It will be only showed in the log in page header. Please attach this header to the login page only.
header_admin.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="../../css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="600" height="90" valign="top"> <?php session_start(); //this must be at the top of every page if (isset($_SESSION['valid_user'])) { echo "WEL COME " ."<b>". $_SESSION["valid_user"]."</b>"."</br>"; echo "<a href="../config/all_logout.php">Click here to logout!</a>"; } else { print "WEL COME GUEST"; } ?>
</td> <td width="200" valign="top">DEMO SITE DEVELOPED BY [email protected]</td> </tr> <tr> <td height="30" colspan="2" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </body> </html>
Then another file is for header but it will be attached to other admin pages as the single page I have created as admin.php. You also can create more pages with this header. The pages that only can be viewed by the admin will show this header.
header_admin_loggedin.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="../../css/login.css" rel="stylesheet" type="text/css" /> </head>
<body> <table width="800" border="0" cellpadding="0" cellspacing="0"> <!--DWLayoutTable--> <tr> <td width="600" height="90" valign="top"> <?php session_start(); if (!$_SESSION["valid_user"]) { // User not logged in, redirect to login page Header("Location: admin_login.php"); } // Member only content // ... // ... // ... // Display Member information echo "WEL COME USER: " ."<b>". $_SESSION["valid_user"]."</b>"; echo "<br/>"; echo "<a href="../config/all_logout.php">Click here to logout!</a>"; ?> </td> <td width="200" valign="top">DEMO SITE DEVELOPED BY [email protected]</td> </tr> <tr> <td height="30" colspan="2" valign="top"><!--DWLayoutEmptyCell--> </td> </tr> </table> </body> </html>
The css I have used will be saved in the CSS folder within the login_ashutosh folder.
Login.css @charset "utf-8"; body,td,th { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; } .footer_gapper { font-family: Arial, Helvetica, sans-serif; background-image: url(../image/images/gapper.png); background-position: left center; font-size: 10px; text-align: right; vertical-align: middle; }
The folder arrangements are like the following.
Login_ashutosh (index.php, header.php, footer.php) · Css (login.css) · User o Config (connect.php, all_logout.php) o Admin (admin.php, admin_login.php, admin_login_process.php, footer_admin.php, header_admin.php, header_admin_loggedin)
Please change the paths as to your requirement and get the perfect secured login. For any doubts please feel free to ask.
|