PHP login stuff…

This article may be a too old thing for most of the people but I hope still this is useful for newbies in PHP.

Still PHP is the most powerful language for server side programming. It gives wonderful functions to develope more powerful web sites and apps. session variables are good example for it.

A PHP session variable is used to store information about, or change settings for a user session. Session variables hold information about one single user, and are available to all pages in one application.

This session is the main thing we need to use to create a simple or more powrful login system in PHP.

The below is the list of session()s’ available in PHP

For a simple login script we use session_start() and to logout we use session_destroy().


session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.

This returns true if a session is successfully started other wise this returns false.

Login script [login.php]

This is the login page or index page of our project. This page contains 2 textboxes, we can use 2 variables to store username and password, if we wanna modify it late. But here I used “userName” as the username and “password” as password. Remember database (mySQL) is the secure place to store username and password and to retrieve them.

Code comes below :



if ($_GET['login']) {

     // Only load the code below if the GET

     // variable 'login' is set. You will

     // set this when you submit the form

     if ($_POST['username'] == 'userName'

         && $_POST['password'] == 'password') {

         // Load code below if both username

         // and password submitted are correct

         $_SESSION['loggedin'] = 1;

          // Set session variable

         header("Location: protected.php");


         // Redirect to a protected page

     } else echo "Wrong details";

     // Otherwise, echo the error message



Log in:

<form action="?login=1" method="post">

Username: <input type="text" name="username" />

Password: <input type="password" name="password" />

<input type="submit" />


Main Page [protected.php]

This page is the page, we protect with password. This page contains a link to logout



    // Call this function so your page

    // can access session variables


    if ($_SESSION['loggedin'] != 1) {

        // If the 'loggedin' session variable

        // is not equal to 1, then you must

        // not let the user see the page.

        // So, we'll redirect them to the

        // login page (login.php).


        header("Location: login.php");





Protected content goes here...

<a href="Logout.php">

click here to log out</a>

Logout [logout.php]

For logout, we simple destroy the session with session_destroy();

code is like the one, below : 




header("Location: login.php");


Thats all. you code all the three .php files or do ctrl+c and ctrl+v, place it in a same folder and try with ur LAMP or WAMP server.. 🙂

Happy coding 🙂

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s