In today’s video tutorial, we’ll be building a login system with PHP and MYSQL. Many, many features will be covered; including MySqli, Prepared Statements, jQuery, Classes, Sessions, Cookies, etc. I bit off more than I could chew for today’s screencast. So, I’ll be creating a Part 2 in the next couple of weeks in order to improve our system even further.
Finished! ….For Now
We’ve managed to get an enormous amount of work done in about forty-five minutes; but there’s much room for improvement – specifically when it comes to optimizing our class files for reuse. Before I let you go, let’s take a quick look at what we’d like to accomplish in Part 2.
What We Need to Accomplish in a Future Tutorial
- Set an expiration date after creating a session – so that the user is automatically logged off after X minutes.
- Allow users to sign up and edit their passwords.
- Update our database to contain “secret question/answer” questions for username/password retrieval.
- Refactor our class files. As I mentioned in the video tut, there are a few procedures that we should remove from our methods in order to promote “best practices”, and increase reusability as much as possible.
- Subscribe to the NETTUTS RSS Feed for more daily web development tuts and articles.
Enjoyed this Post?
Subscribe to our RSS Feed, Follow us on Twitter or simply recommend us to friends and colleagues!
By Jeffrey Way
Premium Members
Source Files, Bonus Tutorials & More for all relevant Tuts+ sites in one subscription. Join Now
Related Posts
Premium Membership
Source Files, Bonus Tutorials & More for all relevant Tuts+ sites in one subscription
Online resume - More
Web Basix
Just getting started? Start with our basix tutorials on the fundamentals. View All Basix Tutorials
Other Plus Sites ...
aetuts+ audiotuts+ vectortuts+ tuts+ phototuts+ cgtuts+ nettuts+ psdtuts+ activetuts+Create a Tutorial, Get Paid!
Have something to teach the world? Want to earn money doing it? Tutorials, screencasts, and articles published here on Nettuts+ are largely contributed by readers just like you! We'll pay you great money for good content. Find Out More
Thanks … it was easy to learn … and put in practice
I’m checking new nettuts from you …
Love the this tutorial. Still waiting for part 2, though. Still going to happen??
Is it possible to download the screencast itself?
Hi,
I’m gettin an error saying:
“Fatal error: Call to a member function prepare() on a non-object in C:\wamp\www\membershipSite\classes\Mysql.php on line 20″
This happens whether I use the correct username/password or not. I went to line 20:
if ($stmt = $this->conn->prepare($query)) {
but don’t see what is wrong. Any ideas?
if the user ignores location headers, they will not have to log in to see the secret launch codes.
Thanks for every thing.
i’m looking forward to your future tutorial
thnx jeff. you rock!
nice tut!
i was wondering what is the method to hash a password ?
Die() function is not working. It’s not dying.
I simply don’t have database installed even though i when i try with existing database and WRONG password. It’s not dying.
It just shows error at the top of the page. I just want to make it die().
Do Prepared Statements return differently with UPDATE instead of SELECT.
I’ve been using this tutorial to understand Prepared Statements and I have them working fine, except my UPDATE queries return to the previous class false, even if they work just fine.
Hope that makes sense.
Hii… this video stops in minute 26.. i whats up there ???
Excellent !! Very precise and we all forgive you for your mistakes during the video ^^
I love your tutorial !
Thanks again
Awesome tut – Just what I was looking for.
Trying to upload the working files to my server that has php myadmin built in.
I’m pretty sure Ive changed the “constants” file correctly with my user name, password etc but when I login to the login.php page it keeps saying that I have an invalid username/ password although it is one I have entered into php myadmin.
Any ideas?
(un: ‘test’ | ps: ‘12345′
Hi Jeff!
Where can I get part 2 of this tutorial?
What should I use instead of this:
conn = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME) or
die(‘There was a problem connecting to the database.’);
}
function verify_Username_and_Pass($un, $pwd) {
$query = “SELECT *
FROM users
WHERE username = ? AND password = ?
LIMIT 1″;
if($stmt = $this->conn->prepare($query)) {
$stmt->bind_param(’ss’, $un, $pwd);
$stmt->execute();
if($stmt->fetch()) {
$stmt->close();
return true;
}
}
}
}
If I dont have MYSQLI module installed?
Hey when will part to be posted? BTW great tuts only reason i got a plus account is to watch the content you post
thanks
Hey Thanks! I enjoyed that, and learned a bunch. I’ll be going through your other stuff for sure.
Part 2 would be great.
Hey everybody, how can i get the details for the user currently logged in?
As i am building an application form, which inserts to mysql db.
Any ideas?
Great tutorial! Thanks a lot to make it very easy and understandable. I believe 2nd part of tutorial is in demand! cant wait…..
@Jeff – Is part 2 on the way soon?
Thank you for this tutorial, I got it working pretty close to my needs.
However, how would I go about redirecting the visitor to the page he was *trying* to reach before getting stopped by the login.php page, after he has sucsessfully logged in?
I actually got this working the way I wanted (with a little help from some nice people at irc://dalnet/php)
Modified Membership file:
http://pastebin.com/fdd81909
I still have a problem, both in my own and the downloaded tutorial version of Mysql.php.
I get this error:
Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or ‘}’ in /nfs/c05/h04/mnt/77028/domains/silktonguegamblers.com/html/classes/Mysql.php on line 6
As I don’t know any php, I have no idea how to solve it. Does anyone know why this error comes up? My server is uding PHP5.
Nevermind. It was a regular problem with (mt) servers that it automatically reverts back to PHP4. I had to create a line in the .htaccess file to instruct it to stick to PHP5.
Great tut!
This was exactly what i was looking for.
I have a few questions though,
1. Could you list all programs used in this tut?
2. And also, can you use MS Access instead of phpMyAdmin?
Thanks!
I too would love to see the Part 2 followup to this excellent screencast
Hi Folks,
I am going though this php course and unfortunately I have an instructor that does not know how to instruct and does not help in any way. I have duplicated your login script verbatim and for some reason I cannot seem to get it to work. I am using XAMPP on a Mac and would like to know if this would cause any problems as to why I cannot seem to get things to work. When I have my file put together, it keeps giving me the $end statement and I have checked everything. Is there anything you can tell me to help me here. I have been working on this for almost 3 weeks and I am desperate…!
Thank you for you time and keep up the great work…!!
James
This is a very nice tutorial, i liked you used the OO. Thanks
Very very helpful tutorial btw.
its will be almost 11 months since this part 1 of the tutorial!! is there a part 2 by any change coming? Would really really appreciate it!
Thanks
I am also excited to see part 2. I’d like to learn to refactor the classes and best practices regarding hashing passwords and the ‘Forgot Password’ system. I’ve been reading a lot about it and this video has really helped with regard to OOP and prepared statements, since it used a very usable example ( I use authentication systems all the with my applications ).
Thank you!
-Jim
OK, I think Part 2 is much overdue too!! I’d love to see it soon!
it’s really simple n nice.helpful post.thanks for sharing.
With the following on the target page that you want to grant access to if user is authorized:
confirm_Member();
?>
Why would I be seeing
confirm_Member(); ?>
in the top left of the target page when I should be redirected to the login page when no session has set?
Awesome prize. Wouldn’t mind getting one!
I can’t seem to find the part 2 of this series. Was it ever done?
hello cest génial j aime beaucoup
how did you pople do it did you just write it down manually ??.
where is the for the beginners version????
part two would have been absolutely perfect for what i needed. shame it wasnt made =[
Dear Jeff
Thank you for tutorial. initially I had some problems configuring the WAMP server on 8080. I figured out a simple process to do it. I have posted about the same at:
http://abishekravi.blogspot.com/2010/01/tweaking-phpmyadmin-configuration.html
Your comments would be very valueable.
i have followed the tut to the letter but this comes up?
http://i46.tinypic.com/2qk1g68.png
Sorry I am a noob to OO but I don’t understand why you have structured the validate_user and the verify_Username_and_Pass functions in the way that you have.
It seems to me that you could have a need of a Mysql class without having a need for any sort of membership functions. Furthermore, having a membership class implies that anything to do with membership should be found there.
Consequently, it makes more sense, to me at least, to have a validate_user function in Membership and then put all of the logic for validating the user in there, including verifying their username and password. The Mysql class would then only contain basic functions for connecting to the database and so forth and this “rawer” functionality would be called directly from the validate_user function.
Put it another way, when you want to verify a username and password independently of validating a user?
Oh well. I am currently creating a Session class for this very purpose so hopefully there aren’t some very good reasons underlying the structure you have chosen. I am sure I will encounter them if there are
.
I followed the Tut exactly, but nothing shows up on my page
when I test on my computer locally it shows up fine with no errors, but as soon as I put it online and get a blank screen
http://www.magicbuscompany.com/membership/login.php
nevermind I upgrade to php5 and its showing up now, but it keeps giving me a incorrect username and password
I also put in a php info inside to see whats up, but it shows up fine in there
http://www.magicbuscompany.com/membership/phpinfo.php
can someone please help me out here I know its probably something really simple I’m not doing.
Thanks
nevermind it was something with my hosting account and the hash password wasn’t typed in correctly
you don’t have to paste your md5 hash to the field in phpmyadmin…
next to the field there is a select that you can select a mysql function… you can directly write your password and select MD5 as the function and sql query will convert it to md5 has automatically…
Excellent tutorial for beginners.! I learned a lot.
When can we see the PART 2?
Thanks a lot Jeff!
having trouble hooking the log in to my website….
Warning: mysqli::mysqli() [mysqli.mysqli]: (42000/1044): Access denied for user ‘css1deal’@'localhost’ to database ‘team’ in /usr/www/css1deal/public/member/classes/Mysql.php on line 9
this would be referring to my information in the constants folder which i have correct?
i was able to get rid of that error
but still not able to log in yet