-->

Create Login Page with Session and Cookies in PHP

This tutorial will give you an idea on how to use the stored cookie to login and I've added a "logout" function that destroys both session and cookie.

Creating our Database

First, we're going to create a database that contains our data.
1. Open phpMyAdmin.
2. Click databases, create a database and name it as "cookie".
3. After creating a database, click the SQL and paste the below code. See image below for detailed instruction.
  1. CREATE TABLE `user` (
  2. `userid` INT(11) NOT NULL AUTO_INCREMENT,
  3. `username` VARCHAR(30) NOT NULL,
  4. `password` VARCHAR(30) NOT NULL,
  5. `fullname` VARCHAR(60) NOT NULL,
  6. PRIMARY KEY (`userid`)
  7. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
cookie_login

Inserting Data into our Database

Next, we insert users into our database. This will be our reference when we login.
1. Click the database the we created earlier.
2. Click SQL and paste the code below.
  1. INSERT INTO `user` (`username`, `password`, `fullname`) VALUES
  2. ('neovic', 'devierte', 'neovic devierte'),
  3. ('lee', 'ann', 'lee ann');

Creating our Connection

Next step is to create a database connection and save it as "conn.php". This file will serve as our bridge between our form and our database. To create the file, open your HTML code editor and paste the code below after the tag.
  1. <?php
  2. $conn = mysqli_connect("localhost","root","","cookie");
  3. // Check connection
  4. {
  5. echo "Failed to connect to MySQL: " . mysqli_connect_error();
  6. }
  7. ?>

Creating our Login Form

Next is to create our login form. In this form, I've added a code that if ever there's a cookie stored, it will show in the login inputs. To create the form, open your HTML code editor and paste the code below after the tag. We name this as "index.php".
  1. <?php
  2. include('conn.php');
  3. ?>
  4. <!DOCTYPE html>
  5. <html>
  6. <head>
  7. <title>Login Using Cookie with Logout</title>
  8. </head>
  9. <body>
  10. <h2>Login Form</h2>
  11. <form method="POST" action="login.php">
  12. <label>Username:</label> <input type="text" value="<?php if (isset($_COOKIE["user"])){echo $_COOKIE["user"];}?>" name="username">
  13. <label>Password:</label> <input type="password" value="<?php if (isset($_COOKIE["pass"])){echo $_COOKIE["pass"];}?>" name="password"><br><br>
  14. <input type="checkbox" name="remember"> Remember me <br><br>
  15. <input type="submit" value="Login" name="login">
  16. </form>
  17. <span>
  18. <?php
  19. if (isset($_SESSION['message'])){
  20. echo $_SESSION['message'];
  21. }
  22. unset($_SESSION['message']);
  23. ?>
  24. </span>
  25. </body>
  26. </html>

Creating our Login Script

Next step is creating our login script. We name this script as "login.php".
  1. <?php
  2. if(isset($_POST['login'])){
  3. include('conn.php');
  4. $username=$_POST['username'];
  5. $password=$_POST['password'];
  6. $query=mysqli_query($conn,"select * from `user` where username='$username' && password='$password'");
  7. if (mysqli_num_rows($query) == 0){
  8. $_SESSION['message']="Login Failed. User not Found!";
  9. header('location:index.php');
  10. }
  11. else{
  12. $row=mysqli_fetch_array($query);
  13. if (isset($_POST['remember'])){
  14. //set up cookie
  15. setcookie("user", $row['username'], time() + (86400 * 30));
  16. setcookie("pass", $row['password'], time() + (86400 * 30));
  17. }
  18. $_SESSION['id']=$row['userid'];
  19. header('location:success.php');
  20. }
  21. }
  22. else{
  23. header('location:index.php');
  24. $_SESSION['message']="Please Login!";
  25. }
  26. ?>

Creating our Login Success Page

Next, we create a go to page if login is successful. This page will show the user that login successfully. We name this page as "success.php". In this page, I've added the logout link to destroy both session and cookie.
  1. <?php
  2. if (!isset($_SESSION['id']) ||(trim ($_SESSION['id']) == '')) {
  3. header('index.php');
  4. exit();
  5. }
  6. include('conn.php');
  7. $query=mysqli_query($conn,"select * from user where userid='".$_SESSION['id']."'");
  8. $row=mysqli_fetch_assoc($query);
  9. ?>
  10. <!DOCTYPE html>
  11. <html>
  12. <head>
  13. <title>Setting Up Cookie on User Login</title>
  14. </head>
  15. <body>
  16. <h2>Login Success</h2>
  17. <?php echo $row['fullname']; ?>
  18. <br>
  19. <a href="logout.php">Logout</a>
  20. </body>
  21. </html>

Creating our Logout Script

Last is our logout script. This script destroys both our session and cookie then redirect us back to our login page. We name the script as "logout.php".
  1. <?php
  2. if (isset($_COOKIE["user"]) AND isset($_COOKIE["pass"])){
  3. setcookie("user", '', time() - (3600));
  4. setcookie("pass", '', time() - (3600));
  5. }
  6. header('location:index.php');
  7. ?>