PHP Login Without Using Database

Sometimes you may need to password-protect your web page without using a database, and this tutorial can help you do so.

Features

  1. Login without using the database.
  2. Username and Password stored in PHP array.
  3. The ideal process to protect small pages.
liveLive Demo downDownload Script

Step 1: First, we need to design an HTML form.

login.php

Example:

<form action="" method="post" name="Login_Form">
  <table width="400" border="0" align="center" cellpadding="5" cellspacing="1" class="Table">
    <?php if(isset($msg)){?>
    <tr>
      <td colspan="2" align="center" valign="top"><?php echo $msg;?></td>
    </tr>
    <?php } ?>
    <tr>
      <td colspan="2" align="left" valign="top"><h3>Login</h3></td>
    </tr>
    <tr>
      <td align="right" valign="top">Username</td>
      <td><input name="Username" type="text" class="Input"></td>
    </tr>
    <tr>
      <td align="right">Password</td>
      <td><input name="Password" type="password" class="Input"></td>
    </tr>
    <tr>
      <td> </td>
      <td><input name="Submit" type="submit" value="Login" class="Button3"></td>
    </tr>
  </table>
</form>

Step 2: Next, we need to write a PHP script to check the login authentication.

Example:

<?php session_start(); /* Starts the session */
        
        /* Check Login form submitted */        
        if(isset($_POST['Submit'])){
                /* Define username and associated password array */
                $logins = array('Alex' => '123456','username1' => 'password1','username2' => 'password2');
                
                /* Check and assign submitted Username and Password to new variable */
                $Username = isset($_POST['Username']) ? $_POST['Username'] : '';
                $Password = isset($_POST['Password']) ? $_POST['Password'] : '';
                
                /* Check Username and Password existence in defined array */            
                if (isset($logins[$Username]) && $logins[$Username] == $Password){
                        /* Success: Set session variables and redirect to Protected page  */
                        $_SESSION['UserData']['Username']=$logins[$Username];
                        header("location:index.php");
                        exit;
                } else {
                        /*Unsuccessful attempt: Set error message */
                        $msg="<span style='color:red'>Invalid Login Details</span>";
                }
        }
?>

I have written this script at the top of the login page.

Ok, now it's ready to login.

Step 3: If the login is correct, then we need to redirect the page to the protected area.

So need a protected script page too.

index.php

Example:

<?php session_start(); /* Starts the session */

if(!isset($_SESSION['UserData']['Username'])){
        header("location:login.php");
        exit;
}
?>

Congratulation! You have logged into password protected page. <a href="logout.php">Click here</a> to Logout.

Ready, now our login system perfectly has done, but we also need to provide a logout facility to the user, so we require creating a logout page.

logout.php

Example:

<?php session_start(); /* Starts the session */
session_destroy(); /* Destroy started session */
header("location:login.php");  /* Redirect to login page */
exit;
?>
Found This Page Useful? Share It!
Get the Latest Tutorials and Updates
Join us on Telegram