9 Replies to “A Simple PHP/MySQL Authentication Script for Logins”

  1. i have read the above login. authentication. please have some questions

    1. How can i add the above Mysql table to an existing database. my web host is godaddy.com. i cant seem to find anywhere to input the above file? again i want to know if the above MYsql table can be saved and then imported to the database and then run the sql query? what format can this be saved before uploading to godaddy database?

    2. please what do you mean by editing the mail () function? which of the mail function should i edit in the login.php?

    3. when you say local host? what is the local host an IP address or web domain? what are the Mysql credential to edit?

    please i want to know if you can help with the above questions as i am about setting login in our website.

    1. Hi Chukwunonso,

      1. I haven’t looked at GoDaddy’s interface in a while, though I believe under their “hosting” section for a hosting plan, there’s an option to do MySQL stuff on there (I cannot remember if its phpMyAdmin or their own interface). Try their knowledge base and see if anyone else had the same problem.

      2. There is only one mail() function in the script, and it’s commented out just so you can see how it works (you get shown the contents of the email instead of them being emailed to you). It’s important that the contents are actually mailed.

      3. localhost is a loopback interface that points to your own computer. On most systems it corresponds to the IP address You can run the script on any host you like, just be sure to update the variable containing the hostname (as it is used in the mail() function to give users a link to reset a lost password).

      All the best.

      1. Hi Richard,

        thanks for replying.

        1. which number above do i find the mail () and will it look like this mail(info@sunflowerenergy.org)?

        2. i have so many IP in my webserver that can be the Host name. 1. is the which is the database server. 2. is the IP address for the website or is it the sunflowerenergy.org

        3. how do i insert the login.php to a HTML Login form Page? or how can the forms in the login.php be used?

        pleaese can i have your email address? so i can follow you up there.

        1. Hello again Chukwunonso,

          1. You uncomment line 232 and comment out line 233
          2. Use your domain name. There’s only one reason this variable is required, it’s so a hyperlink can be created to point to your website when an email is sent out.
          3. Trial and error 🙂 I have variations of this script that I use alongside an admin user interface. I’d suggest if you feel it’s too complicated to use then you’d be better off with something more ‘off the shelf’, or hiring someone to help you out. The HTML forms used are made as simple as can be for the script to be functional. How you choose to style them or how you want to include them is up to you. In many cases it requires a degree of confidence/knowledge in your coding skills to achieve what you’re after.

  2. Richard,

    Thanks for posting this — I was building my own PHP login script; this is much better. Just had a quick question: how do I identify the user in the later pages?

    Upon login, a cookie is set with the value of the session hash. The sessions table stores the hash value and the user id. I wanted to pull the user id from the sessions table, and then use that to identify the username from the users table. So I wrote a mysql query to select the user id from the row that matched the hash value in the cookie, but for some bloody reason (which I’m sure is quite reasonable) the query returns zero rows.

    Normally, I use sessions for this kind of thing. But it really seems like I should be able to use the cookie. And then I don’t have to worry about the cookie and session expiring at different times and bolluxing up the authentication of the user.

    Is there a simple solution for using the cookie here?
    Thanks, mate.

  3. In looking for a better authentication login process I came across yours. It was made some time ago so wonder if you are still in the helping mood? I “probably” fall into the final paragraph of your last comment as very much a cut and paste website developer for a home / family website.
    Using my cut and paste process what else do I need to add and where to get it all to work? It looks like I need a form of sorts.. could you elaborate on that and where to place it (separate page or included in this one)?
    Your comment about a local host loop back also confuses me.. what needs doing there?
    Thank you for your time..

  4. Thanks for this awesome code!
    I would like some help though implementing this part:

    // Login as user, for use within an admin area to impersonate a logged in user
    // You should add in the session value yourself in the admin area using $this->session_add($userid,$type = ‘login’) and then login via this method/URI

    Would you explain how to enable this, as if it were for dummies?


  5. Yet another question,
    how do you apply this authentication across the site, recursively, I mean, I have implemented this in root directory, but I still access subdirectory files being logged out.
    And also related to this, how can I apply it to same level directories without logging again?

Leave a Reply

Your email address will not be published. Required fields are marked *