« Make php counterProtect email address from spam bots »

Create user login in PHP Posted in PHP Tutorials | 146 Comments
PHP is a good alternative when you decide to add a password protected web pages on your web site. You can also use htaccess password protection but with PHP you can create a lot more complex and configurable protection. In this example I will use SESSION variables for login verification.

Lets start with building a configuration file for setting up all the username/password combinations. Create a new passwords.php file and add the following code in it.

$USERS["username1"] = "password1";
$USERS["username2"] = "password2";
$USERS["username3"] = "password3";

function check_logged(){
global $_SESSION, $USERS;
if (!array_key_exists($_SESSION["logged"],$USERS)) {
header("Location: login.php");

Above code creates an $USER array with 3 username/password combinations. We also did a function which will be used later to check if an user is logged in or not. What we need now is a login page (called login.php) where users will enter their username and password and will login.

if ($_POST["ac"]=="log") { /// do after login form is submitted
if ($USERS[$_POST["username"]]==$_POST["password"]) { /// check if submitted
username and password exist in $USERS array
} else {
echo 'Incorrect username/password. Please, try again.';
if (array_key_exists($_SESSION["logged"],$USERS)) { //// check if user is logged or not
echo "You are logged in."; //// if user is logged show a message
} else { //// if not logged show login form
echo '<form action="login.php" method="post"><input type="hidden" name="ac" value="log"> ';
echo 'Username: <input type="text" name="username" /><br />';
echo 'Password: <input type="password" name="password" /><br />';
echo '<input type="submit" value="Login" />';
echo '</form>';

In order to use the user login feature for your PHP files you need to put that code at the very top of each of your PHP files that need to be protected.

session_start(); /// initialize session
check_logged(); /// function checks if visitor is logged.
If user is not logged the user is redirected to login.php page

your page code goes here

Do you know PHP / HTML / CSS / JS well?

Write tutorial on a topic you are good in and become a trusted PHP jabber! Share your knowledge with thousands of webmasters and we will reward you for your generosity by giving you bonus points which you can use as a voucher to buy any of our commercial products. Read more about our reward program.

146 Replies to "Create user login in PHP"

acantjong April 18, 2014 at 5:21 pm | Reply


Dreaming that one day, i can make my own login form. But for now this things is too weight for me :p
Pradeep March 17, 2014 at 3:36 pm | Reply


For a simple login module You can check
David March 13, 2014 at 9:34 am | Reply


am new to PHP and this is a lifesaver! Thank you so much. It works great!
Kyle Pastor February 26, 2014 at 11:11 pm | Reply


Simple and clean :D Thanks!
kyara ayala February 10, 2014 at 4:57 am | Reply


hi thanks
s.jeya pradeen January 26, 2014 at 2:21 pm | Reply


nice code...
Huzefa Akhter January 13, 2014 at 10:22 am | Reply


Good Script.

Simple, does the job and works 100%.
madhawa priyashantha January 4, 2014 at 10:22 am | Reply


i'm creating using your codes..thanks
Johan Brissmyr December 19, 2013 at 4:49 pm | Reply


This is a good alternative to keeping the same logic in your .htaccess. Much more obvious to understand what happens when you browse the source code. Not super-safe, but works in smaller projects where you don't need to keep track on other people's secret passwords.

In larger projects you may want to try something like Userbin (http://bit.ly/1dRuWYw) to securely store and access your user credentials and protect your pages with a nice user interface. It's available for PHP and super-easy to integrate.
Eena November 21, 2013 at 6:32 am | Reply


Parse error: syntax error, unexpected T_STRING in C:\xampp\htdocs\multiple\login.php on line 6 why???
J December 18, 2013 at 12:28 am


The comment is splitting into two lines when you copy and paste.
"/// check if submitted username and password exist in $USERS array"

Please be polite and helpful and do not spam or offend others. We promise you will be treated the same way.

Log in your free account or if you still haven't joined our Webmaster Community Reward Program, you can create your free account now.

Posting tip:
if you use code in your comments please put it in these tags [php], [sql], [css], [js]
PHP code example: [php] echo date("Y-m-d"); [/php]

Thank you,
~ PHPJabbers team ~