PHP Login Page Example with Code Samples

Reading time: 2 minutes.


A PHP login page typically involves a front-end HTML form where users input their credentials, and a back-end PHP script to verify these credentials against a database. For this example, we’ll use a MySQL database.

PHP Login Page


  1. PHP Environment: You need a server with PHP installed. You can use local servers like XAMPP or WAMP.
  2. Database: MySQL database. We’ll create a users table.
  3. Front-end: Basic knowledge of HTML and CSS.

Step 1: Setting Up the Database

First, create a MySQL database named login_system and a table users.

CREATE DATABASE login_system;
USE login_system;

    username VARCHAR(50) NOT NULL,
    password VARCHAR(255) NOT NULL

Insert a test user:

INSERT INTO users (username, password) VALUES ('testUser', MD5('testPass'));

Step 2: Creating the Login Form

Create an HTML file login.html.

<!DOCTYPE html>
    <title>Login Page</title>
    <form action="login.php" method="post">
        Username: <input type="text" name="username"><br>
        Password: <input type="password" name="password"><br>
        <input type="submit" value="Login">

Step 3: Writing the PHP Script

Create a PHP file login.php.

$servername = "localhost";
$username = "root";
$password = "";
$dbname = "login_system";

$conn = new mysqli($servername, $username, $password, $dbname);

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);

$user = $_POST['username'];
$pass = MD5($_POST['password']);

$sql = "SELECT id FROM users WHERE username='$user' AND password='$pass'";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
    echo "Login successful!";
} else {
    echo "Invalid username or password.";

Step 4: Securing the Login Script

While the above script works, it’s vulnerable to SQL injection. Use prepared statements to secure it.

Replace the $sql line and onwards in login.php with:

$stmt = $conn->prepare("SELECT id FROM users WHERE username=? AND password=?");
$stmt->bind_param("ss", $user, $pass);
$result = $stmt->get_result();

if ($result->num_rows > 0) {
    echo "Login successful!";
} else {
    echo "Invalid username or password.";


Step 5: Adding Sessions

To keep the user logged in, use PHP sessions.

Add at the beginning of login.php:


And modify the successful login condition:

if ($result->num_rows > 0) {
    $_SESSION['user'] = $user;
    echo "Login successful!";
    // Redirect to another page
} else {
    echo "Invalid username or password.";


PHP Login Page

This basic example demonstrates how to create a PHP login page. Remember, for a production environment, you need to consider more robust security measures like HTTPS, password hashing, and more.

Additional Tips

  1. Validation: Add front-end and back-end validation for the inputs.
  2. Password Security: Use password hashing functions like password_hash() and password_verify().
  3. HTTPS: Always use HTTPS to protect sensitive data transmissions.

Wrapping Up

This post covered the essential steps to create a PHP login system. It’s important to build upon these basics and add more layers of security and functionality as per your project’s requirements. Happy coding!

Leave a Comment

Please note: if you are making a comment to contact me about advertising and placements, read the Advertisers page for instructions. I will not reply to comments about this subject.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top