PHP Scripting

How to Use PHP to Submit and Process Your Login Form

A Step-by-Step Guide to submit and process your login form using PHP scripting

6/7/2020
0 views

A login form is an essential part of any website that requires user authentication. In PHP, you can create a secure and functional login form to authenticate users and protect sensitive information. In this article, I’ll guide you through the steps to creating a login form using HTML and how you can handle form submission and processing in PHP.

Step 1: Set Up the Login Form

First, create a login form with fields for the username and password using HTML. You can also style this form with CSS to make it look visually appealing.

<form  method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
         <input type="text" name="username" placeholder="Username" />
         <input type="password" name="password" placeholder="Password" />
         <input type="submit" value="Login" />
</form>

Step 2: Handle Form Submission in PHP

Next, I need to create the PHP script to handle the form submission and authenticate the user.

<?php
            if(isset($_POST['username']) && isset($_POST['password'])) {
                /* Associative Array with md5 encrypted password */
                $loginfo = array("geek12" => md5("1234"), "abc4" => md5("abcd"), "jcb84" => md5("msk53"));
                
                /* Trim whitespace from the beginning and end */
                /* Compare with regular expression */
                if((trim($_POST['username']) == '') || (ereg ('[^a-zA-Z0-9]', $_POST['username'])))
                    echo "Invalid username...Usernames only contain letters and digits.";
                else {
                    if((trim ($_POST['password']) == '') || (ereg ('[^[:alnum:][:punct:][:space:]]', $_POST['password'])))
                        echo "Invalid password...Passwords only contain letters, digits, punctuation and spaces.";
                    else { 
                        /* Checking username exist or not */
                        if(isset($loginfo[$_POST['username']])) {
                            /* Checking password associated with matched username */
                            if($loginfo[$_POST['username']] == md5($_POST['password'])) {
                                /* Set session */
                                session_start();
                                $_SESSION["user_id"] = $_POST['username'];
                                echo "Authenticated!";
                            }
                            else
                                echo "Password didn't match!";
                        }
                        else
                            echo "Username didn't match!";
                    }
                }
            }
?>

Conclusion

Building a secure login form with PHP requires careful handling of user input, password hashing, and session management. Best way is to sanitize inputs using prepared statements first, and then hashing passwords. As this guide demonstrates the basics of using PHP to submit a login form, it's essential to adopt more advanced security measures for production, such as SSL certificates, user input validation, and comprehensive error handling.

PHPLogin Formlogin form in PHPPHP tutorial

Related Examples