php‎ > ‎

Complete PHP log in system with Admin features

Hi all. Severally I have searched for a pure login system in the net but rarely found it. The biggest problem I faced is after login when I click the back button on fire fox or internet explorer I got back to the admin page again. Here I am demonstrating the best path in which you can make your secured login system in PHP. Somehow knowledge in PHP is essential.

 

Designing the database

I have created an DB called “login_ashutosh”. I have given the privileges as username – ashutosh and password – ashutosh666.

 

Then created the following table

 

CREATE TABLE IF NOT EXISTS `admin` (

  `id` int(11) NOT NULL AUTO_INCREMENT,

  `f_name` varchar(100) DEFAULT NULL,

  `l_name` varchar(100) DEFAULT NULL,

  `email` varchar(100) DEFAULT NULL,

  `username` varchar(100) DEFAULT NULL,

  `password` varchar(100) DEFAULT NULL,

  PRIMARY KEY (`id`)

) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

 

Dumped the data in my own table.

 

INSERT INTO `admin` (`id`, `f_name`, `l_name`, `email`, `username`, `password`) VALUES

(1, 'ashutosh', 'moharana', 'ashutosh.moharana@gmail.com', 'ashutosh', 'ashutosh6');

 

You also can insert the data as to your requirement either in the table or can change the privileges also. But be careful about all the script that changes as to your changes. I have tried to highlight the changes that you may do.

 

Then we can start up for the scripts in PHP. I am using easy PHP with adobe dream weaver cs3. First in www folder inside C:\Program Files\EasyPHP5.3.0\www make a folder called login_ashutosh. I have made in index page and also made one header and footer for the index page. Called as header_index and footer_index.

 

Index.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<div align="center">

  <table width="800" border="0" cellpadding="0" cellspacing="0">

    <!--DWLayoutTable-->

    <tr>

      <td width="800" height="40" valign="top">

      <?php

                  include_once 'header_index.php';

                  ?>

      &nbsp;</td>

    </tr>

    <tr>

      <td height="520" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">

        <!--DWLayoutTable-->

        <tr>

          <td width="800" height="480" valign="top"><p><a href="user/admin/admin_login.php">ADMIN LOGIN</a></p>

            </td>

          </tr>

        <tr>

          <td height="40" valign="top">

          <?php

                                  include_once 'footer_index.php';

                                  ?>

          &nbsp;</td>

        </tr>

      </table></td>

    </tr>

    <tr>

      <td height="40" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

    </tr>

  </table>

</div>

</body>

</html>

 

Save the index directly in the same folder. And then make the header file.

 

Header.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<table width="800" border="0" cellpadding="0" cellspacing="0">

  <!--DWLayoutTable-->

  <tr>

    <td width="600" height="90" valign="top">

          <?php

                session_start(); //this must be at the top of every page

                if (isset($_SESSION['valid_user']))

                {

                echo "WEL COME " ."<b>". $_SESSION["valid_user"]."</b>"."</br>";

                echo "<a href=\"user/config/all_logout.php\">Click here to logout!</a>";

                }

                else

                {

                print "WEL COME GUEST";

                }

                  ?>

    &nbsp;</td>

    <td width="200" valign="top">DEMO SITE DEVELOPED BY ashutosh.moharana@gmail.com</td>

  </tr>

 

 

  <tr>

    <td height="30" colspan="2" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

  </tr>

</table>

</body>

</html>

 

Save this file also in the same folder and make the footer one.

Footer.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<table width="800" border="0" cellpadding="0" cellspacing="0">

  <!--DWLayoutTable-->

  <tr>

    <td width="800" height="20" valign="top" class="footer_gapper">HOME I ABOUT US I CONTACT </td>

  </tr>

  <tr>

    <td height="20" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

  </tr>

</table>

</body>

</html>

 

Then I have made another folder called “user”. I made another two folders as “config” and “admin” inside the same. Where config will contain all my common tasks the admin folder will contain all my admin documents.

 

First let’s go for the config folder. Make the connection file as stated below and save it as connect.php.

 

Connect.php

 

<?php

    $user_name = "ashutosh";

    $password = "ashutosh666";

    $database = "login_ashutosh";

    $server = "localhost";

$db_handle = mysql_connect($server, $user_name, $password);

$db_found = mysql_select_db($database, $db_handle);

 

/* SCRIPT WRITTEN BY Ashutosh, Bluz Academy, India.

?>

 

Then also create another file called all_logout.php inside the same folder.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="file:///F|/www/smsl_bank/css/banking main.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<div align="center">

  <table width="800" border="0" cellpadding="0" cellspacing="0">

    <!--DWLayoutTable-->

    <tr>

      <td height="130" colspan="2" valign="top"><!--DWLayoutEmptyCell-->&nbsp;            </td>

    </tr>

    <tr>

      <td height="20" colspan="2" valign="top">

<?php

session_start();

session_unset();

session_destroy();

// Logged out, return home.

Header("Location: ../../index.php");

?>

      &nbsp;</td>

    </tr>

    <tr>

      <td width="20" height="350" valign="top" class="bodytext"><!--DWLayoutEmptyCell-->&nbsp;</td>

      <td width="780" valign="top" class="bodytext"><p>Tnank you for accessing !!!</p>

      <p>Click Here To go to the main page</p>        

      <p>Click here to login again as a branch</p></td>

    </tr>

  </table>

</div>

</body>

</html>

 

Then go to the admin folder. Create a file called admin_login.php which will allow the admin to login. It is a simple form in PHP with HTML codes.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="../../css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<div align="center">

  <table width="800" border="0" cellpadding="0" cellspacing="0">

    <!--DWLayoutTable-->

    <tr>

      <td width="800" height="40" valign="top">

      <?php

                  include_once 'header_admin.php';

                  ?>

      &nbsp;</td>

    </tr>

    <tr>

      <td height="520" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">

        <!--DWLayoutTable-->

        <tr>

          <td width="800" height="480" valign="top">

           <form action="admin_login_process.php" method="post"/>

          <p class="yellowtext">&nbsp;</p>

          User Name</span><br />

          <input type="text" name="username"/>

          <br />

          Pass Word

          <br />

          <input type="password" name="password"/>

          <br />

          <br />

          <input name="login" type="submit" class="redtext" value="login"/>

          </form>

          &nbsp;</td>

          </tr>

        <tr>

          <td height="40" valign="top">

          <?php

                                  include_once 'footer_admin.php';

                                  ?>

          &nbsp;</td>

        </tr>

      </table></td>

    </tr>

    <tr>

      <td height="40" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

    </tr>

  </table>

</div>

</body>

</html>

 

Then create the admin_login_process.php and save it in the same folder.

 

<?php

include "../config/connect.php";

if (!$_POST["username"] || !$_POST["password"])

{

die("PROVIDE ADMIN FEATURES !!!");

}

// Create query

$q = "SELECT * FROM `admin` "

  ."WHERE `username`='".$_POST["username"]."' "

  ."AND `password`='".$_POST["password"]."' "

  ."LIMIT 1";

// Run query

$r = mysql_query($q);

if ( $obj = @mysql_fetch_object($r) )

  {

// Login good, create session variables

session_start();

$_SESSION["valid_user"] = $obj->username;

 

// Redirect to member page

Header("Location: admin.php");

}

else

{

// Login not successful

die("SORRY UNAUTHORISED ACCESS !!!");

}

?>

 

After the process in login the PHP will test the account details and will direct to admin.php. Let’s create it.

Admin.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="../../css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<div align="center">

  <table width="800" border="0" cellpadding="0" cellspacing="0">

    <!--DWLayoutTable-->

    <tr>

      <td width="800" height="40" valign="top">

      <?php

                  include_once 'header_admin_loggedin.php';

                  ?>

      &nbsp;</td>

    </tr>

    <tr>

      <td height="520" valign="top"><table width="100%" border="0" cellpadding="0" cellspacing="0">

        <!--DWLayoutTable-->

        <tr>

          <td width="800" height="480" valign="top"><p>&nbsp;</p>

            <p>ADMIN PAGE</p></td>

          </tr>

        <tr>

          <td height="40" valign="top">

          <?php

                                  include_once 'footer_admin.php';

                                  ?>

          &nbsp;</td>

        </tr>

      </table></td>

    </tr>

    <tr>

      <td height="40" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

    </tr>

  </table>

</div>

</body>

</html>

 

Then make the footer for the admin page.

 

footer_admin.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="../../css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<table width="800" border="0" cellpadding="0" cellspacing="0">

  <!--DWLayoutTable-->

  <tr>

    <td width="800" height="20" valign="top" class="footer_gapper">HOME I ABOUT US I CONTACT </td>

  </tr>

  <tr>

    <td height="20" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

  </tr>

</table>

</body>

</html>

 

Here some tricky step. I will use two headers for the best result. These two headers will deactivate your back button in the firefox/ internet explorer or any type of browser. The first will be the header_admin.php. It will be only showed in the log in page header. Please attach this header to the login page only.

 

header_admin.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="../../css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<table width="800" border="0" cellpadding="0" cellspacing="0">

  <!--DWLayoutTable-->

  <tr>

    <td width="600" height="90" valign="top">

              <?php

                session_start(); //this must be at the top of every page

                if (isset($_SESSION['valid_user']))

                {

                echo "WEL COME " ."<b>". $_SESSION["valid_user"]."</b>"."</br>";

                echo "<a href=\"../config/all_logout.php\">Click here to logout!</a>";

                }

                else

                {

                print "WEL COME GUEST";

                }

                  ?>

    &nbsp;

   

    </td>

    <td width="200" valign="top">DEMO SITE DEVELOPED BY ashutosh.moharana@gmail.com</td>

  </tr>

  <tr>

    <td height="30" colspan="2" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

  </tr>

</table>

</body>

</html>

 

Then another file is for header but it will be attached to other admin pages as the single page I have created as admin.php. You also can create more pages with this header. The pages that only can be viewed by the admin will show this header.

 

header_admin_loggedin.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

<link href="../../css/login.css" rel="stylesheet" type="text/css" />

</head>

 

<body>

<table width="800" border="0" cellpadding="0" cellspacing="0">

  <!--DWLayoutTable-->

  <tr>

    <td width="600" height="90" valign="top">

    <?php

session_start();

if (!$_SESSION["valid_user"])

{

// User not logged in, redirect to login page

Header("Location: admin_login.php");

}

// Member only content

// ...

// ...

// ...

// Display Member information

echo "WEL COME USER: " ."<b>". $_SESSION["valid_user"]."</b>";

echo "<br/>";

echo "<a href=\"../config/all_logout.php\">Click here to logout!</a>";

?>

    &nbsp;</td>

  <td width="200" valign="top">DEMO SITE DEVELOPED BY ashutosh.moharana@gmail.com</td>

  </tr>

  <tr>

    <td height="30" colspan="2" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</td>

  </tr>

</table>

</body>

</html>

 

The css I have used will be saved in the CSS folder within the login_ashutosh folder.

 

Login.css

@charset "utf-8";

body,td,th {

                font-family: Verdana, Arial, Helvetica, sans-serif;

                font-size: 10px;

}

.footer_gapper {

                font-family: Arial, Helvetica, sans-serif;

                background-image: url(../image/images/gapper.png);

                background-position: left center;

                font-size: 10px;

                text-align: right;

                vertical-align: middle;

}

 

The folder arrangements are like the following.

 

Login_ashutosh (index.php, header.php, footer.php)

·         Css (login.css)

·         User

o   Config (connect.php, all_logout.php)

o   Admin (admin.php, admin_login.php, admin_login_process.php, footer_admin.php, header_admin.php, header_admin_loggedin)

 

Please change the paths as to your requirement and get the perfect secured login. For any doubts please feel free to ask.

Comments