Part 8 (A & B): Login System with Session and Security.
Login System with Session and Security. (Admin Roles): Multi Login / User and Admin Login in PHP
As per the video, we have already downloaded the files and linked the CSS and JS.
Do not forget to Copy Step 4: if you are following from previous parts. because in this security.php we are checking loggedIN or not.
Step 1: Create a login.php page and paste the below:
<?php
session_start();
?>
<div class="container">
<!-- Outer Row -->
<div class="row justify-content-center">
<div class="col-xl-6 col-lg-6 col-md-6">
<div class="card o-hidden border-0 shadow-lg my-5">
<div class="card-body p-0">
<!-- Nested Row within Card Body -->
<div class="row">
<div class="col-lg-12">
<div class="p-5">
<div class="text-center">
<h1 class="h4 text-gray-900 mb-4">Login Here!</h1>
<?php
if(isset($_SESSION['status']) && $_SESSION['status'] !='')
{
echo '<h2 class="bg-danger text-white"> '.$_SESSION['status'].' </h2>';
unset($_SESSION['status']);
}
?>
</div>
<form class="user" action="code.php" method="POST">
<div class="form-group">
<input type="email" name="emaill" class="form-control form-control-user" placeholder="Enter Email Address...">
</div>
<div class="form-group">
<input type="password" name="passwordd" class="form-control form-control-user" placeholder="Password">
</div>
<button type="submit" name="login_btn" class="btn btn-primary btn-user btn-block"> Login </button>
<hr>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
Step 2: Create a page with the name code.php and paste the below code.
<?php
include('security.php');
if(isset($_POST['login_btn']))
{
$email_login = $_POST['emaill'];
$password_login = $_POST['passwordd'];
$query = "SELECT * FROM register WHERE email='$email_login' AND password='$password_login' LIMIT 1";
$query_run = mysqli_query($connection, $query);
if(mysqli_fetch_array($query_run))
{
$_SESSION['username'] = $email_login;
header('Location: index.php');
}
else
{
$_SESSION['status'] = "Email / Password is Invalid";
header('Location: login.php');
}
}
?>
Step 3: Create a folder called database and then create a file named dbconfig.php and paste the below code.
<?php
$server_name = "localhost";
$db_username = "root";
$db_password = "";
$db_name = "adminpanel";
$connection = mysqli_connect($server_name,$db_username,$db_password,$db_name);
if(!$connection)
{
die("Connection failed: " . mysqli_connect_error());
echo '
<div class="container">
<div class="row">
<div class="col-md-8 mr-auto ml-auto text-center py-5 mt-5">
<div class="card">
<div class="card-body">
<h1 class="card-title bg-danger text-white"> Database Connection Failed </h1>
<h2 class="card-title"> Database Failure</h2>
<p class="card-text"> Please Check Your Database Connection.</p>
<a href="#" class="btn btn-primary">:( </a>
</div>
</div>
</div>
</div>
</div>
';
}
?>
Step 4: Create a page security.php and paste the below code.
<?php
session_start();
include('database/dbconfig.php');
if($connection)
{
// echo "Database Connected";
}
else
{
header("Location: database/dbconfig.php");
}
if(!$_SESSION['username'])
{
header('Location: login.php');
}
?>