How to creat a simple Login in PHP Without a Database
Creating a PHP login system without a database isn’t generally recommended for a real-world application, because it’s not secure and doesn’t scale well. However, for the purpose of learning or a simple project, you can create a basic login system using hardcoded username and password.
Here is an example of a basic PHP login system using a form and a hardcoded username and password:
<?php
// Set your credentials here
$correct_username = 'admin';
$correct_password = 'password';
if (isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username'] === $correct_username && $_POST['password'] === $correct_password) {
echo 'Login successful';
// Here you would typically set some session variables to remember the user is logged in
// And then redirect the user to another page
} else {
echo 'Login failed: incorrect username or password';
}
} else {
?>
<form method="POST" action="">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
<input type="submit" value="Login">
</form>
<?php
}
?>
This script will display a login form asking for a username and password. When the form is submitted, it checks if the entered username and password match the ones hardcoded in the script.
Keep in mind that this is just a basic example and is not suitable for a real-world application. This is mainly due to the lack of security considerations:
- Passwords should never be stored in plain text, as it’s done here. In a real-world application, you should hash the password and then compare the hashed values.
- This script is vulnerable to Cross-Site Scripting (XSS) attacks, because it outputs data directly without escaping it.
- This script also lacks features that you’d typically want in a login system, like the ability to “remember me” or reset a forgotten password.