Session in PHP example for Login and Logout

I know as a PHP beginner, Session and Cookies are one of the confusing topics. Because both stores user data. But the differences in both of them are session stored user data in server while cookies store user data in the user browser. Session data is only available for the current session while cookie can be stored for a longer period of time.

In this tutorial I am not going to cover cookies but I will cover PHP Session using login and logout example. Let’s have a look on what session do.

  • Session makes user data available across the whole website.
  • Session makes a temporary file in a server temporary directory which saves session data. Temporary file path is saved in php.ini file.
  • Sessions atomically destroys when user close the browser.
  • Session will start by calling session_start() function.
  • Session will destroy by calling session_destroy() function.

Session in PHP example for login and logout

I am going to create one HTML Login form with email and password fields. When user will submit the form, first I will check that both fields must have values then I will check user email exist or not. if email will exist then I will confirm user password. Password will be checked by password_verify function. If you don’t know how password_verify function works, then please read my post how to use PHP password_hash in registration and login form for better understanding.
If user adds correct email and password then will create session and send user to dashboard.php. In dashboard.php page there will be logout button. By clicking on logout user will easily logout and will redirect to index.php page. Not let’s start.

php session login logout example

Create Database:

Create Database Table:

Create Database Configuration file: (config.php)

This is a beginner tutorial so I am using mysqli_connect() function to connect to the database.

HTML Login Form: (index.php)

As you can see in the above html code. There is just a container div under which form code is written. Form action has $_SERVER['PHP_SELF'] which means form will be submitted on the same page.


After Form Submit PHP Code: (index.php)

I already mentioned that login form will be post on the same page so I wrote form submission code on the top of index.php file. First I include config.php file using require() function. Then I start session by calling session_start() function.

Always remember when you are working with sessions make sure that session_start() function must be placed on the top.

Afte that I used isset() for form submit and then I make sure that email and password must have values in the next isset() condition. Then I stored email and password using with trim() function in the $email and $password variables respectively. $sqlEmail is a mysql query which checks that email exists in the users table. $numRows variable holds the msyql result count and if $numRows returns 1 then I fetched that users records and store in $rows variable.

password_verify() function takes 2 parameters to verify user password. Parameter 1 is user submitted password and parameter 2 is already exist password.

If user submitted password and database password matches then I stored user id in $_SESSION['user_id'] variable, user first name in $_SESSION['first_name'] and user last name in $_SESSION['last_name'] and then I used header() function for redirection and send user dashboard.php page.

$errorMsg variable is used to hold error messages.

Also read: PHP Contact Form with jQuery validation and Email sending code

After Successful Login: (Dashboard.php)

In dashboard.php, I add session_start() function then I add another condition that is, if $_SESSION is not set then user will redirect to index.php. This condition prevents dashboard.php for not accessing without session.

After that there is a small chunk of html in which there is a welcome text with user name. And in the next line there is a logout button which goes to logout.php?logout=true.

Session Destroy: (logout.php)

In logout.php file, $_GET['logout'] is a query string that is coming from dashboard.php page. session_destroy() function destroys session variable and header() function will send user to index.php page.

Error Message: (index.php)

php login no user found

Successfully Logout Message: (index.php)

php session successfully logout

Right now there is a one user in the download code. Login id email is and password is john123. If you will face any problem please comment below on the post.

Also read:


Posted in PHP

One Reply to “Session in PHP example for Login and Logout”

Leave a Reply

Your email address will not be published. Required fields are marked *