Web20 University

How to creat a simple Login in PHP Without a Database

Creating a PHP login system without a database isn’t generally recommended for a real-world application, because it’s not secure and doesn’t scale well. However, for the purpose of learning or a simple project, you can create a basic login system using hardcoded username and password.

Here is an example of a basic PHP login system using a form and a hardcoded username and password:

// Set your credentials here
$correct_username = 'admin';
$correct_password = 'password';

if (isset($_POST['username']) && isset($_POST['password'])) {
    if ($_POST['username'] === $correct_username && $_POST['password'] === $correct_password) {
        echo 'Login successful';
        // Here you would typically set some session variables to remember the user is logged in
        // And then redirect the user to another page
    } else {
        echo 'Login failed: incorrect username or password';
} else {
    <form method="POST" action="">
        Username: <input type="text" name="username"><br>
        Password: <input type="password" name="password"><br>
        <input type="submit" value="Login">

This script will display a login form asking for a username and password. When the form is submitted, it checks if the entered username and password match the ones hardcoded in the script.

Keep in mind that this is just a basic example and is not suitable for a real-world application. This is mainly due to the lack of security considerations:

  • Passwords should never be stored in plain text, as it’s done here. In a real-world application, you should hash the password and then compare the hashed values.
  • This script is vulnerable to Cross-Site Scripting (XSS) attacks, because it outputs data directly without escaping it.
  • This script also lacks features that you’d typically want in a login system, like the ability to “remember me” or reset a forgotten password.