Comments

  1. says

    if (!$result->num_rows == 1) {
    echo “Invalid username/password combination”;
    } else {
    echo header (“Location:page1.php”);

    i Want to use this Kindly tell me . This Gives error Cannot modify header information – headers already sent by

    • says

      Hi Gurmeet,
      Header must be sent before any output is made.
      Do not output anything before the header call. Move your code to the very beginning of the file, before any output.
      Also check for accidental white spaces before “<?php”, like below:
       <?php //code… ?>

  2. anonymous says

    Access forbidden!

    You don’t have permission to access the requested object. It is either read-protected or not readable by the server.

    If you think this is a server error, please contact the webmaster.

    Error 403

    localhost
    2/6/2014 9:54:19 PM
    Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1

    ———————–

    What will I do with this error. Please help. Thanks! :)

      • anonymous says

        Hello, I already fixed that error. Now have another error. Everytime I try to register or login, it always shows “Invalid username/password combination” even though I put the right input. What should I do? Thanks! :)

  3. fgalway says

    How do I make certain pages only visible to logged in users. Also is there a way so that upon registration admin has to approve the user?

    • says

      Hi,
      To do that, store the login status for each user to their browser using session and then on that page use the code below.

      logged_in function must be defined.
      For the approve part, add a field “approved” to your users table on database. Then on registration page, set default “approved” value to false. Now you’ve to approve the user (update “approved” value to true).

      • fgalway says

        Could I write this in login.php ;
        $username = $_POST['username'];
        $password = $_POST['password'];
        $approve = $_POST['approve'];

        $sql = “SELECT * from users WHERE username LIKE ‘{$username}’ AND password LIKE ‘{$password}’ AND approve LIKE ‘[$approve}’ “;

        And then something along the lines of

        • says

          Hi, you can try like this -

          On the register.php,

          On the login.php

          On the login.php, there is no need to pass $approve variable in the sql. Because we’ll only let a user login if he/she is approved. So, it’ll be always true while querying the database.

          • fgalway says

            thank you I see what I was doing wrong, for the sessions , is this suitable as the logged_in() function;
            function logged_in() {
            return (isset($_SESSION['login'])) ? true : false;
            }
            Can you add an email upon registration in the registration.php or does there need to be another?

          • says

            Yes, only the isset will do the job.

            Pardon, I didn’t understood your last question…

        • says

          Hi Rene,
          This article is just about a simple login system, no session is used. So we’ll be able to just login – but it will not be kept.
          To keep a user logged in, at the very beginning of login.php put session_start(); before any character is printed.
          Then user $_SESSION['userID'], $_SESSION['expiry'], etc. to store user data and keep a user logged in.
          As I said to Conner, I’ll post a tutorial about remember me and log out facility ASAP. It’ll be extension of this post.
          Thank you.

  4. dennis says

    I copy your code above but it says FORBIDDEN. You don’t have permission to access /< on this server.

        • says

          The code is okay. Are you getting this error on both register.php and login.php?
          I’m sure there must be some misconfiguration in apache. Try to install Apache 2.4.2.
          To install, download Apache 2.4.2 and extract to \wamp\bin\apache
          Then start WAMP server > select Apache > Version > 2.4.2

    • says

      Hello lillycrak,
      I’m really sorry for the delay, I’ve not noticed your comment.
      You can do an AJAX call on each link of your page and send the required data to something like process.php
      Then fetch the data, process it and store it into database from process.php
      Thank you

  5. carl says

    Hello! I get this error when registering an account “MySQL error no 2005 : Unknown MySQL server host ‘SERVER’ (0)”. Whats the problem and how do I sort of link this to a members area only. Please don’t criticise me, I’m new to php

    • says

      Hello Carl,
      Please be confident, no one will criticize you! You do mistakes === You learn something!
      The error is caused by putting wrong MySQL Server Host info. Please change MySQL host with correct value. It may be located at config.php or db-config.php or whatever you named and stored it :-)

  6. suriyakmr says

    After Registration when i clicked the submit button It showning like this.. And i using xampp
    How to fix it?????
    Warning: mysqli::mysqli(): php_network_getaddresses: getaddrinfo failed: No such host is known. in C:\xampp\htdocs\login\login.php on line 20

    Warning: mysqli::mysqli(): (HY000/2002): php_network_getaddresses: getaddrinfo failed: No such host is known. in C:\xampp\htdocs\login\login.php on line 20

    MySQL error no 2002 : php_network_getaddresses: getaddrinfo failed: No such host is known.

    • says

      Hi Suriyakmr,
      Right parameter order of mysqli_connect() is:

      I guess you’ve swapped values like this

  7. says

    Hi There,

    How can i make a log out facility ? im thinking of an end_session() function but what would be defined !, any help is appreciated :) and a great tutorial !

    ~Conner

  8. Kevin says

    Hello,
    I have already seen comments questioning this but I was able to get all of this code to work great with my page, I just want to make it so that once the user is logged in, they will be recognized as being logged in and will have access to pages that require the user to be logged in. You say to put session_start() in, do I need to put that in every php code area? Also, after all of the php code in login.php, am I supposed to add more information so that the session is officially started and the user is recognized? Finally, what do I need to place at the top of every page that I need to be secure and have the user be logged in for?

  9. Felipe Garcia says

    Thank you very much man, i’ve been stuck on this shit 2 days and this made ir for me, again thank you so much

    • says

      Hi Syafiq,
      While registering a session on client side, you need to send them to server via GET/POST.
      After that, you can display them or do whatever you want with the data you got.

  10. DP says

    Hey, how do i allow logged in users to stay logged in within all the different pages? what is the php code i need to add at the top of each page to do this? and how do i change a logged in button to ‘your account’ when logged in? thank you so much, if i make money from my website i will be sure to donate some to you (y).

    • says

      Hello DP,
      For the first problem, you need to put session_start() in the very first of the login page.
      For the second problem, at first you have to create a field called ‘online_status’ (or whatever you want) in your users DB.
      Then just follow the pseudo code below to solve your problem.

      Hope you got it, thanks for being so nice. Good luck for your website.
      BTW, I going to write a separate tutorial on the same topic in details very soon :)

      • DP says

        That was very confusing for me haha, could u please show me the code to put on the start and i don’t understand what you mean by ‘online_status’

        • says

          Hmm… where you are storing your users’ data? using a MySQL Database is most efficient way to store such kind of data.
          Each databases has one or more tables. Each table has one or more data fields. See the table below and assume its you users table. Here online status is s data field (column).

  11. vicrr says

    redirecting with header() is not working at ‘do stuff’ section. also i’m trying to change an element’s content but nothing…

  12. vicrr says

    My code again:

Leave a Reply