Easily Create PHP Cookie Based Secure Login System
Learn how to securely us php cookie to create login system.
Watch the video first:
Get the code below:
Ajax.php
<?php
//--->get app url > start
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$ssl = 'https';
}
else {
$ssl = 'http';
}
$app_url = ($ssl )
. "://".$_SERVER['HTTP_HOST']
//. $_SERVER["SERVER_NAME"]
. (dirname($_SERVER["SCRIPT_NAME"]) == DIRECTORY_SEPARATOR ? "" : "/")
. trim(str_replace("\\", "/", dirname($_SERVER["SCRIPT_NAME"])), "/");
//--->get app url > end
header("Access-Control-Allow-Origin: *");
//app url
define("APPURL", $app_url);
//absolute path to root directory of app
define("ABSPATH", str_replace("\\", "/", dirname(__FILE__) ) );
if(isset($_GET['code']))
{
echo json_encode(array('status'=>'success', 'url'=>APPURL.'/dashboard.php'));
//setcookie('code',$_GET['code']);
//securly set php cookie
setcookie('code',$_GET['code'],null,'/',null, true,false);
}
else{
echo json_encode(array('status'=>'error', 'msg'=>'no code set',));
}
?>
index.php
<?php
//--->get app url > start
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$ssl = 'https';
}
else {
$ssl = 'http';
}
$app_url = ($ssl )
. "://".$_SERVER['HTTP_HOST']
//. $_SERVER["SERVER_NAME"]
. (dirname($_SERVER["SCRIPT_NAME"]) == DIRECTORY_SEPARATOR ? "" : "/")
. trim(str_replace("\\", "/", dirname($_SERVER["SCRIPT_NAME"])), "/");
//--->get app url > end
if(isset($_COOKIE['code']))
{
header('Location: '. $app_url.'/dashboard.php');
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>PHP Best Way To Secure Login</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/bootstrap.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container text-center" style="padding-top: 100px;">
<h1>PHP Secure Cookie Login System</h1>
<br>
<label for="">Code</label>
<input type="text" class="code"><br><br>
<span class="btn_login btn btn-success">Login - Code With Mark</span><br>
</div>
<script>
$(document).ready(function () {
var ajax_url = '<?php echo $app_url ?>/ajax.php';
$('.btn_login').click(function (e)
{
e.preventDefault();
$.ajax({
type: "get",
url:ajax_url,
data: {code:$('.code').val()},
dataType: "json",
success: function (d1){
if(d1.status == 'success')
{
window.location.href = d1.url;
}
else
{
console.log(d1)
}
}
});
});
});
</script>
</body>
</html>
Dashboard.php
<?php
//--->get app url > start
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$ssl = 'https';
}
else {
$ssl = 'http';
}
$app_url = ($ssl )
. "://".$_SERVER['HTTP_HOST']
//. $_SERVER["SERVER_NAME"]
. (dirname($_SERVER["SCRIPT_NAME"]) == DIRECTORY_SEPARATOR ? "" : "/")
. trim(str_replace("\\", "/", dirname($_SERVER["SCRIPT_NAME"])), "/");
//--->get app url > end
header("Access-Control-Allow-Origin: *");
//app url
define("APPURL", $app_url);
//absolute path to root directory of app
define("ABSPATH", str_replace("\\", "/", dirname(__FILE__) ) );
if(!isset($_COOKIE['code']))
{
header('Location: '. $app_url);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>PHP Best Way To Secure Login</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/bootstrap.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container text-center" style="padding-top: 100px;">
<h1>Welcome to Dashboard...</h1>
<br>
<p>Your entered code: <strong></strong> <?php echo $_COOKIE['code']?></strong> </p>
</div>
</body>
</html>
You spend weeks building a project.
Your client pays you.
Then the income stops.
Meanwhile, other developers are turning similar skills into products that generate revenue month after month.
A SaaS, plugin, web app, or digital product can continue bringing in customers long after it's launched.
The real question isn't whether you can build one.
It's how much money you're leaving on the table by not starting.
Learn How To Build Monthly Income →