Sometimes you may need to password-protect your web page without using a database, and this tutorial can help you do so.
Features
- Login without using the database.
- Username and Password stored in PHP array.
- The ideal process to protect small pages.
Step 1: First, we need to design an HTML form.
login.php
Example:
<form action="" method="post" name="Login_Form">
<table width="400" border="0" align="center" cellpadding="5" cellspacing="1" class="Table">
<?php if(isset($msg)){?>
<tr>
<td colspan="2" align="center" valign="top"><?php echo $msg;?></td>
</tr>
<?php } ?>
<tr>
<td colspan="2" align="left" valign="top"><h3>Login</h3></td>
</tr>
<tr>
<td align="right" valign="top">Username</td>
<td><input name="Username" type="text" class="Input"></td>
</tr>
<tr>
<td align="right">Password</td>
<td><input name="Password" type="password" class="Input"></td>
</tr>
<tr>
<td> </td>
<td><input name="Submit" type="submit" value="Login" class="Button3"></td>
</tr>
</table>
</form>
Step 2: Next, we need to write a PHP script to check the login authentication.
Example:
<?php session_start(); /* Starts the session */
/* Check Login form submitted */
if(isset($_POST['Submit'])){
/* Define username and associated password array */
$logins = array('Alex' => '123456','username1' => 'password1','username2' => 'password2');
/* Check and assign submitted Username and Password to new variable */
$Username = isset($_POST['Username']) ? $_POST['Username'] : '';
$Password = isset($_POST['Password']) ? $_POST['Password'] : '';
/* Check Username and Password existence in defined array */
if (isset($logins[$Username]) && $logins[$Username] == $Password){
/* Success: Set session variables and redirect to Protected page */
$_SESSION['UserData']['Username']=$logins[$Username];
header("location:index.php");
exit;
} else {
/*Unsuccessful attempt: Set error message */
$msg="<span style='color:red'>Invalid Login Details</span>";
}
}
?>
I have written this script at the top of the login page.
Ok, now it's ready to login.
Step 3: If the login is correct, then we need to redirect the page to the protected area.
So need a protected script page too.
index.php
Example:
<?php session_start(); /* Starts the session */
if(!isset($_SESSION['UserData']['Username'])){
header("location:login.php");
exit;
}
?>
Congratulation! You have logged into password protected page. <a href="logout.php">Click here</a> to Logout.
Ready, now our login system perfectly has done, but we also need to provide a logout facility to the user, so we require creating a logout page.
logout.php
Example:
<?php session_start(); /* Starts the session */
session_destroy(); /* Destroy started session */
header("location:login.php"); /* Redirect to login page */
exit;
?>