Database Login Form
Database Login Form is an essential part of web applications that require users to authenticate themselves before accessing protected resources. CodeIgniter Database allows developers to easily implement secure login forms that authenticate users against a database.
Syntax
The syntax for a Database Login Form in CodeIgniter is as follows:
$this->load->library('form_validation');
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if ($this->form_validation->run() == FALSE) {
// Display form
} else {
// Check database for user
// Authenticate user
}
Example
Consider the following database table users with columns id, username, and password:
| id | username | password |
|---|---|---|
| 1 | john | abc123 |
| 2 | jane | def456 |
To create a login form that authenticates users against this database, the following steps can be followed:
- Create a HTML form with inputs for
usernameandpassword. - Add validation rules for the
usernameandpasswordinputs. - If the form is submitted, check the database for a user with the same
usernameandpassword. - If a matching user is found, authenticate them and redirect to the appropriate page.
- If no matching user is found, display an error message and reload the login form.
// Load form validation library
$this->load->library('form_validation');
// Set validation rules for username and password
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if ($this->form_validation->run() == FALSE) {
// Display login form
$this->load->view('login_form');
} else {
// Get input values for username and password
$username = $this->input->post('username');
$password = $this->input->post('password');
// Check database for user with matching username and password
$user = $this->db->get_where('users', array('username' => $username, 'password' => $password))->row();
// If user is found, authenticate them and redirect to dashboard
if ($user) {
// Set session data for authenticated user
$this->session->set_userdata('user_id', $user->id);
$this->session->set_userdata('username', $user->username);
// Redirect to dashboard
redirect('dashboard');
} else {
// If no user is found, display error message and reload login form
$data['error'] = 'Invalid username or password.';
$this->load->view('login_form', $data);
}
}
Explanation
In the example above, a CodeIgniter Controller is used to handle the login form submission. The form validation library is loaded to set validation rules for the username and password inputs. If the form is not properly filled out, an error message is displayed and the form is reloaded. If the form is successfully submitted, the controller checks the provided username and password against the users table in the database. If a matching user is found, the user is authenticated and redirected to the dashboard. If no matching user is found, an error message is displayed and the form is reloaded.
Use
Database Login Forms are commonly used in web applications that require users to authenticate before accessing protected resources. CodeIgniter makes it easy to implement secure login forms that authenticate users against a database. The CodeIgniter form validation library can be used to enforce validation rules for form input, ensuring data integrity and security.
Important Points
- Login forms should never store plain text passwords in the database. Instead, passwords should be hashed and salted for security.
- CodeIgniter provides a built-in security library that can be used to hash passwords and implement other security measures.
Summary
Database Login Forms are an essential part of web applications that require user authentication. CodeIgniter provides a simple and secure way to implement login forms that authenticate users against a database. The form validation library can be used to enforce validation rules for form input, ensuring data integrity and security. Storing plain text passwords in the database should be avoided at all costs, and the CodeIgniter security library can be used to implement secure practices.