Click here to Skip to main content
Click here to Skip to main content
Technical Blog

PHP MySQL Login Form

, 9 Oct 2012 CPOL
Rate this:
Please Sign up or sign in to vote.
In this tutorial you will learn how to create a login form for your website using PHP and MySQL.

PHP MySQL Login Form

In this tutorial you will learn how to create a login form for your website using PHP and MySQL. This tutorial will be very basic, and very brief. It is to show the simplest way to have a user login to your website.

Login Form using PHP and MySQL:

Generally, it is mandatory to have a user login form in a website if you only want people with certain credentials view your content. It is a good way to keep your data secure from those who it is not intended to. Do you remember one of our previous tutorials on saving data to a database. Well we will use that same data and that same users table.

Since we already have our table created and stored data in it: See here: Save Records, we will query that same table for what the user has input on the login form.

Now let’s create the login form


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Jotorres Login Form</title>
    <form method="post" action="validate_login.php" >
        <table border="1" >
                <td><label for="users_email">Email</label></td>
                <td><input type="text" 
                  name="users_email" id="users_email"></td>
                <td><label for="users_pass">Password</label></td>
                <td><input name="users_pass" 
                  type="password" id="users_pass"></input></td>
                <td><input type="submit" value="Submit"/>
                <td><input type="reset" value="Reset"/>

Now that we have the login form created, let’s go ahead and create the actual file for validation.



// Grab User submitted information
$email = $_POST["users_email"];
$pass = $_POST["users_pass"];

// Connect to the database
$con = mysql_connect("localhost","root","");
// Make sure we connected succesfully
if(! $con)
    die('Connection Failed'.mysql_error());

// Select the database to use

$result = mysql_query("SELECT users_email, users_pass FROM users WHERE users_email = $email");

$row = mysql_fetch_array($result);

if($row["users_email"]==$email && $row["users_pass"]==$pass)
    echo"You are a validated user.";
    echo"Sorry, your credentials are not valid, Please try again.";

If the username and password both are correct then output will be:

You are a validated user.

If any one of the field or both are incorrect then the output will be:

Sorry, your credentials are not valid. Please try again.


In form of exercise, since we are little by little becoming PHP experts, you need to identify where would this script be vulnerable. Also, give reference to what can you do to prevent attacks.

Hints: SQL injection, mysql_real_escape_string, filter_var() with FILTER_SANITIZE_? I basically gave you more than what you need to answer those questions.


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Software Developer
Puerto Rico Puerto Rico
As a computer scientist, I strive to learn more everyday in my field. Everything I learn, I share with my community by writing articles for future references.
Follow on   Twitter

Comments and Discussions

Questionphp login PinmemberMember 111388758-Oct-14 9:04 
Questionotr PinmemberMember 109708327-Aug-14 1:02 
GeneralMy vote of 3 Pinmembernikhilgeo25-Jan-14 11:23 
GeneralRe: My vote of 3 PinmemberMember 1091144930-Jun-14 23:35 
QuestionCorrections..! Pinmembernikhilgeo25-Jan-14 11:22 
GeneralMy vote of 1 PinmemberRoger Landolt13-Oct-12 7:35 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web04 | 2.8.150327.1 | Last Updated 9 Oct 2012
Article Copyright 2012 by jotorres
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid