Create a Simple Login with Validation PHP/MySQLi PHP Script

Create a Simple Login with Validation PHP/MySQLi PHP Script

In this tutorial will show you how to create a simple login with user input validation using PHP/MySQLi. This tutorial does not include a good design but will give you an idea on how to create a simple Login using PHP/MySQLi.
Creating our Database

First, we’re going to create a database that contains the user data.
1. Open phpMyAdmin.
2. Click databases, create a database and name it as “login”.
3. After creating a database, click the SQL and paste the below code. See image below for detailed instruction.


`username` VARCHAR(30) NOT NULL,
`password` VARCHAR(30) NOT NULL,
`fullname` VARCHAR(60) NOT NULL,
PRIMARY KEY (`userid`)



Inserting Data into our Database

Next, we insert a data into our database to check whether a user is found in our database.
1. Click our database “login”.
2. Click SQL and paste the below code.


INSERT INTO `user` (`username`, `password`, `fullname`) VALUES
('user', 'user', 'hello world');


Creating our Connection

Next step is to create a database connection and save it as “conn.php”. This file will serve as our bridge between our form and our database. To create the file, open your HTML code editor and paste the code below after the tag.


$conn = mysqli_connect("localhost","root","","login");

// Check connection
if (mysqli_connect_errno())
echo "Failed to connect to MySQL: " . mysqli_connect_error();


Creating our Login Form and Login Script

Lastly, we create our Login Form with the login script and save it as “index.php”. In this form, the inputted data of the user will be checked if it is found in the database that we created earlier. To create the form, open your HTML code editor and paste the code below after the tag.


<!DOCTYPE html>
<title>Login with Validation PHP, MySQLi</title>
.message {color: #FF0000;}

// define variables and set to empty values
$Message = $ErrorUname = $ErrorPass = "";


$username = check_input($_POST["username"]);

if (!preg_match("/^[a-zA-Z0-9_]*$/",$username)) {
$ErrorUname = "Space and special characters not allowed but you can use underscore(_).";

$fpassword = check_input($_POST["password"]);

if ($ErrorUname!=""){
$Message = "Login failed! Errors found";

$query=mysqli_query($conn,"select * from `user` where username='$fusername' && password='$fpassword'");

if ($num_rows>0){
$Message = "Login Successful!";
$Message = "Login Failed! User not found";


function check_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;

<h2>Login Form</h2>
<p><span class="message">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Username: <input type="text" name="username" required>
<span class="message">* <?php echo $ErrorUname;?></span>
Password: <input type="password" name="password" required>
<span class="message">* <?php echo $ErrorPass;?></span>
<input type="submit" name="submit">

<span class="message">
if ($Message=="Login Successful!"){
echo $Message;
echo 'Welcome, '.$row['fullname'];
echo $Message;





Read Me


Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *