Easily Create PHP Cookie Based Secure Login System
Learn how to securely us php cookie to create login system.
Watch the video first:
Get the code below:
Ajax.php
<?php
//--->get app url > start
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$ssl = 'https';
}
else {
$ssl = 'http';
}
$app_url = ($ssl )
. "://".$_SERVER['HTTP_HOST']
//. $_SERVER["SERVER_NAME"]
. (dirname($_SERVER["SCRIPT_NAME"]) == DIRECTORY_SEPARATOR ? "" : "/")
. trim(str_replace("\\", "/", dirname($_SERVER["SCRIPT_NAME"])), "/");
//--->get app url > end
header("Access-Control-Allow-Origin: *");
//app url
define("APPURL", $app_url);
//absolute path to root directory of app
define("ABSPATH", str_replace("\\", "/", dirname(__FILE__) ) );
if(isset($_GET['code']))
{
echo json_encode(array('status'=>'success', 'url'=>APPURL.'/dashboard.php'));
//setcookie('code',$_GET['code']);
//securly set php cookie
setcookie('code',$_GET['code'],null,'/',null, true,false);
}
else{
echo json_encode(array('status'=>'error', 'msg'=>'no code set',));
}
?>
index.php
<?php
//--->get app url > start
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$ssl = 'https';
}
else {
$ssl = 'http';
}
$app_url = ($ssl )
. "://".$_SERVER['HTTP_HOST']
//. $_SERVER["SERVER_NAME"]
. (dirname($_SERVER["SCRIPT_NAME"]) == DIRECTORY_SEPARATOR ? "" : "/")
. trim(str_replace("\\", "/", dirname($_SERVER["SCRIPT_NAME"])), "/");
//--->get app url > end
if(isset($_COOKIE['code']))
{
header('Location: '. $app_url.'/dashboard.php');
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>PHP Best Way To Secure Login</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/bootstrap.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container text-center" style="padding-top: 100px;">
<h1>PHP Secure Cookie Login System</h1>
<br>
<label for="">Code</label>
<input type="text" class="code"><br><br>
<span class="btn_login btn btn-success">Login - Code With Mark</span><br>
</div>
<script>
$(document).ready(function () {
var ajax_url = '<?php echo $app_url ?>/ajax.php';
$('.btn_login').click(function (e)
{
e.preventDefault();
$.ajax({
type: "get",
url:ajax_url,
data: {code:$('.code').val()},
dataType: "json",
success: function (d1){
if(d1.status == 'success')
{
window.location.href = d1.url;
}
else
{
console.log(d1)
}
}
});
});
});
</script>
</body>
</html>
Dashboard.php
<?php
//--->get app url > start
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$ssl = 'https';
}
else {
$ssl = 'http';
}
$app_url = ($ssl )
. "://".$_SERVER['HTTP_HOST']
//. $_SERVER["SERVER_NAME"]
. (dirname($_SERVER["SCRIPT_NAME"]) == DIRECTORY_SEPARATOR ? "" : "/")
. trim(str_replace("\\", "/", dirname($_SERVER["SCRIPT_NAME"])), "/");
//--->get app url > end
header("Access-Control-Allow-Origin: *");
//app url
define("APPURL", $app_url);
//absolute path to root directory of app
define("ABSPATH", str_replace("\\", "/", dirname(__FILE__) ) );
if(!isset($_COOKIE['code']))
{
header('Location: '. $app_url);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>PHP Best Way To Secure Login</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/bootstrap.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container text-center" style="padding-top: 100px;">
<h1>Welcome to Dashboard...</h1>
<br>
<p>Your entered code: <strong></strong> <?php echo $_COOKIE['code']?></strong> </p>
</div>
</body>
</html>
Most web developers get paid once for the work they do.
But what if you could use those same skills to build something that continues generating income long after it's launched?
A simple SaaS, plugin, web app, or digital product can keep bringing in customers and revenue month after month.
Instead of starting from zero with every new client project, you can create assets that work for you—even when you're not.
Learn How To Build Monthly Income →