1. DP says

    i was wondering if you could help me with.
    1.How do i make it so that all the boxes in register must be filled in before they can make an account?
    2.Once a user is logged in or signed in, it redirects them to the index page and the profile button becomes their name?
    3.could you do a tutorial on how to protect your website and how to make a twitter like upload system?
    thank you so much

    • says


      1. Please see these articles for both client side and serverside form validation:

      2. Just put $_SESSION[‘username’] or your $username (fetched from database) where you want it to be shown.
      like below

      3. Check this out and tell me if you’re not happy…

      • DP says

        Thanks that helped!
        One more thing, how do i let users upload stuff on my website on certain pages? Like yahoo answers, you fill out a form and you choose what category it goes under and they can upload it? how do i do that?
        Thank you

        • DP says

          Also i found a ‘bug’? in your simple tutorial if log in was successful it would get rid of the username and password boxes and say you have logged in successfully. How do i redirect people to the homepage if the log n was successful?

        • says

          Write your upload script on that particular page and along with uploading files, use database to store upload information.
          Then you can play with that with ease.

          • DP says

            the code have so many if logged in and ‘else’ i don’t know where to put it so if logged in, you get redirected to the index page. i don’t know what the code is and where to place it.

          • says

            Code for that is like below:

          • DP says

            Hey Arpan,
            its not working where i put it

            connect_errno) {
            echo “MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}”;

            $sql = “SELECT * from users WHERE username LIKE ‘{$username}’ AND password LIKE ‘{$password}’ LIMIT 1”;
            $result = $mysqli->query($sql);

            if ($result->num_rows != 1) {
            echo “Error: Invalid username/password combination”;
            } else {

            $user = $result->fetch_array();
            $_SESSION[‘user_id’] = $user[‘id’];
            $_SESSION[‘username’] = $user[‘username’];

            $timestamp = time();
            $sql = “UPDATE users SET status={$timestamp} WHERE id={$_SESSION[‘user_id’]}”;
            $result = $mysqli->query($sql);


            if(isset($_GET[‘msg’])) {
            echo “”.$_GET[‘msg’].””;
            if (logged_in() == true) {
            echo “You have Logged in successfully. Click here to go to the main page”;
            } else {
            echo ‘ Oh! No account? Register here!‘;

            i don’t know how to let people redirect to the main page.

  2. says

    im testing your script buddy , its good. but i saw some bug. i registered 2 user. after that i log off all. then when i click login without entering any data, it automaticaly logging into user id 2, please advice

    • says

      Did you clicked on Log Out button properly before that?
      After login with remember me not checked, you close the browser = you log out, without clicking log out link.
      After login with remember me is checked, you do not click on the log out link and close the browser = you stay logged in for 1 week.

        • says

          I guess you’re running with PHP 5.2, and this is the main reason of this problem.
          Use define in place of const.
          Modify the code of db-const.php like below, instead of the current one.

  3. says

    Great tutorial,

    I was following your tutorial but I wanted the data from the registration form to be stored into two separate tables, my address_book table includes Address_Book_id, First_Name, Last_Name, Street, Subburb, Post_Code, Phone_Number fields and customers table has Cust_ID, Cust_Username, Cust_Email, Cust_Password, Address_Book_Address_Id fields .

    Could you take a look at my code, and tell me what I have done wrong.

    Any help would be much appreciated

    • says

      Hi tedos,
      Can you show me the place near line 128 of your register.php?
      BTW, there is no need of address_book_address_id in customers table. Just add a field ‘customer_id’ in address_book table.
      customer_id will be the link between two tables.

      • says

        Thanks for the speedy response.

        Line 128 should be there, I have accidentally cut the 1 off so you can only see the 28. So it’s the $sql1 = line.

        127- $sql1 = “INSERT INTO customers (Cust_Id, Cust_Username, Cust_Password, Cust_Email, Address_Book_Address_Id)
        128- VALUES (NULL, ‘{$username}’, ‘{$password}’, ‘{$email}’, ‘{$id}’)”;

        Thanks again

  4. says

    I now get the following *error ( ! ) Warning: mysqli::query() expects parameter 2 to be long, string given in C:\wamp\www\pizza2\register.php on line 130*

    130: if ($mysqli->query($sql,$sql1)) {
    131: redirect_to(“members.php?msg=Registred successfully”);

    • says

      Do it by parts like below.

  5. Toni says

    i think there is a bug? Sometimes it will log in and sometimes it won’t? I have to keep logging in for it to be logged in sometimes? And it dosnt redirect the page like it says in the code?

    • says

      I rechecked as you said but working as expected – fully functional.
      Something is going wrong with session (in your side).
      1. Clear your browser cache.
      2. Try with different browsers.
      3. If you got any error message, please post it here. (enable php error reporting if disabled)

      • Toni says

        i see there is a simple tutorial that does the same thing? what is the difference? is this one more secure from hackers or?

        • says

          Hi Toni,
          In the simple one, I’m just showing 1. creating user’s DB, 2. registering users, 3. logging in
          In the advanced on, I’m adding 1. stay logged in using session, 2. fetch a users info, 3. managing each users online status, 4. remember me option, 5. logout and 6. forgot password option

  6. says

    hello nice detailed script you have created, but am having a similar problem just like how Toni mentioned. Anytime i try to login, I have to try it twice before i can login.

    • says

      I have the same issue. Here is the error warning message:

      Warning: Cannot modify header information – headers already sent by (output started at /homepages/…/admin/login.php:58) in /homepages/…/admin/functions.php on line 11

      functions.php line 11 -> header(“Location:{$url}”);
      login.php line 58 – if (isset($_POST[‘submit’])) {

  7. says

    I now receive this error “MySQL error no 1452 : Cannot add or update a child row: a foreign key constraint fails (pepperoni_pizza.customers, CONSTRAINT fk_Customers_Address_Book FOREIGN KEY (Address_Book_Address_Id) REFERENCES address_book (Address_Id) ON DELETE NO ACTION ON UPDATE NO ACTION)”

  8. says

    Hi Mike, Toni and anyone having similar problem with login,
    I have checked again and its working fine.
    Have you guys modified anything except db-const.php?
    If yes, please show it to me. Upload your code to dropbox and link it here.
    If you have any online preview of login system, please post the link here.

    • says

      Whats in that 48 MB zip file?
      BTW, replace line 106 to 119 with the code below, it’ll fix that.

  9. says

    Thanks for your reply, I have not modified anything in any of the codes/files except for db-const.php file to connect with Msql and I used your sql.
    An online demo
    username mike
    pass mikepass
    Once password is submitted, it remains on the login.. i have to login again or refresh before am redirected to profile.php tested on Firefox and Chrome but the same issue. Thanks

  10. says

    hi Arpan , i have some questions ,,.. i want to remove register page its normal or there anything to notice ?
    i mean i have already database with users and passwords and i dont want any other members to register just my users in my database
    how can it done ???

  11. says

    Hey Arp, just wondering if you have had a chance to read my email? I could really use your assistance connecting my menu to my database.

  12. Jeff says

    Great stuff! Found one quirky thing. When a user enters login information and hits “login” all the data from the user name and password fields clear and the form just sits there (even though login was successful). But if you then if you click “login” a second time, it will redirect. Why won’t it redirect the first time and give the success message etc?
    Also, it doesn’t look like it emails users their login info, but perhaps it is not set up to do so? No big deal for me either way…

    • says

      Hi Jeff,
      It is happening with few people, I’ve tested the code many times, the logic is ok. But somehow redirect is not working for first attempt. Please try with different server and reply.
      I didn’t wanted to put different thing here – it will make it more complex; so I mentioned my PHPMailer tutorial.

  13. null says

    your tuts help me a lot..thanks a bunch arpan…could you help me with this…i need to change the email instead username as user login how do i do this? also how do i implement the login page as bootstrap 3 modal ? and for the register form how do i add in the mysql something like member avatar (image) or big photo upload..( i send you the form look arp149[at]…) Any help would be much appreciated

  14. Kico says

    Thanks for the great script!
    I got a problem at “register.php”, after I fill up all fields, and press the register Button, it shows up following error:
    “MySQL error no 1364 : Field ‘status’ doesn’t have a default value”

    What I did wrong?

  15. brian cherdak says

    awesome work man, I am gonna try to add a profile picture to the script so when you edit your profile you can upload a .png image, any help you could give me on it?

  16. says


    Is this still active as am using this script but have a issue with the log in side/coding

    It keeps coming up with invalid username/password combination

    I have md5 the password so is secure, could that be why?

    Where is best to show the coding, I can use pastebin and add the link here if need be

    • says

      I’m very busy, but yes – its active :)
      If you inserted md5 of the password into database while registering the user, then yes – you have to check through md5 in login page.
      Yes you can post pastebin links here 😉

  17. Sam says

    Hi there gr8 work on this, just one thing that I cant seem to get working, when i click the logout button, it loads a blank page but does not end the seesion, as i can just go back to the profile page and all is still logged in. ?
    thanks in advance

    • Sam says

      ok i have got this all working now apart from if i add anything els on the login page e.g a p tag with some text in it it stops the login from working ? you have to click the login button again after putting the login details in for it to redirect to the next page?

    • says

      Hi Sai,
      If we CHECK the remember me checkbox, then we got it in line 33 of login.php
      There, we set the session cookie’s expiration time to one week and we and setting session regenerate id to true in line 34 & 35.
      Thats all 😉

  18. says

    after login I want to redirect home page with view profile,update profile,logout etc option.but there would be no login option (login option was in my home page before login ) because i have already logged in.
    how can i do it?

  19. Jason Vo says

    Hi, I was wondering what if you have 3 users registered, how would you show who is logged on or not, all on the same profile.php so users know who is logged in or not?

  20. Kyle says


    GREAT ARTICLE! Had a quick question:

    I have 4 pages that I would like to require login to view, but they also all share a “”.
    What do I need to add to those 4 pages to require login? And where do its go? In the file itself or in header.php?


  21. Kevin P says

    On the login page I have not edited anything and I keep getting the error: “Warning: Cannot modify header information – headers already sent by (output started at …login.php:17) in …functions.php on line 11”
    This seems to be because redirect_to is being called after the page output has started. How do you suggest fixing this? Why didn’t this show up for you when you originally created this code?

  22. Shifter says

    Thanks a lot for this tut can you please explain how to edit the user profile

    Thanks again for your effort

  23. says

    Fatal error: Call to a member function fetch_array() on a non-object in /home/coldcodrr/public_html/logout.php on line 16

    Logout isn’t working, please help!

  24. says

    Hey! this the best tutorial for this lessons ever! please share it with your friends.

    i would like to know how to receive other information for other online users through profile? anyone can help me please!!!!!


Leave a Reply

Your email address will not be published. Required fields are marked *