This will be the last part of the tutorial. Below are links to the previous 2 parts. Sorry for the lack of whitespace use, I’m trying to save you from scrolling horizontally 
Link to part 1
Link to part 2
So far, we can register and log in. Now we want to be able to update our profile and add pictures. We’ll need to add another table in our database to store references of the users pictures.
If we were to store the actual picture into the database it could become very big, especially if you decide to allow your users to upload videos too. A better option would be to upload the picture into a directory on the web server and keep a reference to the picture in our database.
So first lets add our table. I added size and type to explain how to retrieve those values but I won’t be using them in my version of the site.
CREATE TABLE `db`.`user_photos` ( `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `profile_id` INT NOT NULL , `title` VARCHAR( 128 ) NOT NULL , `size` INT NOT NULL , `type` VARCHAR( 128 ) NOT NULL , `reference` VARCHAR( 255 ) NOT NULL ) ENGINE = MYISAM
The first 2 parts of the login system set everything up but the output looks terrible. We’ll add some css to make the site somewhat presentable. Give the sections a background and align the form elements with css.
style.css
.formElm { margin-bottom:5px; } .formElm label { float:left; width:120px; } div.divider { width:450px; margin:20px auto; background-color:#C1f0f6; border:4px #0ebfe9 double; padding:10px; }
Now we’re ready to make our profile control panel. At the top of our profilecp.php we need to start our session to see if the user is authenticated. So we start our session and include our database info.
profilecp.php
<?php session_start(); include "db_connect.php"; ?>
Next we’ll link to the stylesheet we just created and echo one of the session variables we created when the user first logged in (on index.php).
profilecp.php
<html> <head> <link rel="stylesheet" href="style.css"> <title><?php echo $_SESSION['username']; ?>'s Homepage</title> </head> <body> <div class="divider">
So now the title of the page will be that user’s name. This is how we’ll be referencing our user and their id for interaction with our database.
Now we’ll need to pull this users info. The SQL to do this using our session variable would be:
profilecp.php
<?php if($_SESSION['id']) //session id is established { echo "<a href=\"home.php\">Home</a><br/>"; //ugly navigation echo "<a href=\"logout.php\">Logout</a><br/>"; //grab record with the correct id $sql="SELECT * from `users` WHERE `id`='".$_SESSION['id']."'"; $res=mysql_query($sql); $row=mysql_fetch_assoc($res); //pull entire row of info and store in to a variable
We have all of this users info. We need to let them update it. We’ll do the usual if !POST method. If the form hasn’t posted, output the html, otherwise update the database.
profilecp.php
if(!$_POST['update'])
{
?>
</div>
<div class="divider">
<form method="post" action="profilecp.php">
<br/><strong>Profile Control Panel</strong><br/><br/>
<div class="formElm">
<label for="first">First Name</label>
<input id="first" type="text" name="first" maxlength="32" value="<?php echo $row['first']; ?>">
</div>
<div class="formElm">
<label for="last">Last Name</label>
<input id="last" type="text" name="last" maxlength="32" value="<?php echo $row['last']; ?>">
</div>
<div class="formElm">
<label for="email">Email</label>
<input id="email" type="text" name="email" maxlength="255" value="<?php echo $row['email']; ?>">
</div>
<div class="formElm">
<label for="about">About</label>
<textarea id="about" cols="40" rows="6" name="about"><?php echo $row['about']; ?></textarea>
</div>
<input type="submit" name="update" value="Update">
</form>
</div>That will be the form to update the text portion of the profile. We also want to allow them to add pictures. The form will submit to addpics.php where we’ll create directories and interact with our database. Heres the html for that. We’ll make addpics.php later.
profilecp.php
<div class="divider"> <form enctype="multipart/form-data" action="addpics.php" method="POST"><br/> <strong>Upload Pictures</strong><br/><br/> <div class="formElm"> <label for="title">Title</label> <input id="title" type="text" name="title" maxlength="32"><br/> </div> <div class="formElm"> <label for="file">File</label> <input id="file" type="file" name="pics" maxlength="255"><br/> </div> <input type="submit" value="Add"> </form> </div>
Since they can add pictures, we’ll need to let them delete them too. This form will submit to deletepics.php which will handle removing entries from our database and deleting the file from the web server.
profilecp.php
<div class="divider"> <?php $sql2 = "SELECT * FROM user_photos WHERE profile_id =".$_SESSION['id']; $res2 = mysql_query($sql2) or die(mysql_error()); if(mysql_num_rows($res2) > 0) //user has pictures { echo "<strong>Delete Pictures</strong><br/><br/>"; echo "<form name=\"deletefile\" method=\"post\" action=\"deletefile.php\">"; //output a checkbox next to each pic so they can delete multiple pics with one click while($file = mysql_fetch_array($res2)) { echo "<input name=\"files[]\" type=\"checkbox\" value=\"".$file['reference']."\">"; echo "<a href=\"".$_SESSION['username']."/pics/".$file['reference']."\"/> <img src=\"".$_SESSION['username']."/pics/thumbs/".$file['reference']."\"/></a><br/><br/>"; } echo "<input type=\"submit\" name=\"delfile\" value=\"Delete Files\">"; echo "</form>"; } else //they havent uploaded any pics yet! { echo "Please upload some pictures!<br/>"; }
This next part handles updating the database for the text portion only. The files addpics.php and deletepics.php take care of the rest.
} else { $first_name=protect($_POST['first']); $last_name=protect($_POST['last']); $about=protect($_POST['about']); $email=protect($_POST['email']); $sql3 = "UPDATE `users` SET `first`='$first_name',`last`='$last_name', `email`='$email',`about`='$about' WHERE `id`='".$_SESSION['id']."'"; $res3 = mysql_query($sql3) or die(mysql_error()); echo "Your profile has been successfully updated!"; } //else no session id was created, user is not authenticated...redirect to index }else echo "<script language=\"Javascript\" type=\"text/javascript\">document.location.href='index.php'</script>"; ?> </div> </body> </html>
Now we’re ready to make addpics.php which handles the pictures. This file will create a directory for the user, add the picture to that directory and also create a thumbnail of the picture. First we’ll add our thumbnail function to our db_connect.php so we can call it in the rest of our files. This function is not my work, I found it googling when I was teaching myself php. Credit goes to http://icant.co.uk/articles/phpthumbnails/
add the function to db_connect.php
function createthumb($name,$filename,$new_w,$new_h) { $system=explode(".",$name); if (preg_match("/jpg|jpeg/",$system[1])){$src_img=imagecreatefromjpeg($name);} if (preg_match("/png/",$system[1])){$src_img=imagecreatefrompng($name);} $old_x=imageSX($src_img); $old_y=imageSY($src_img); if ($old_x > $old_y) { $thumb_w=$new_w; $thumb_h=$old_y*($new_h/$old_x); } if ($old_x < $old_y) { $thumb_w=$old_x*($new_w/$old_y); $thumb_h=$new_h; } if ($old_x == $old_y) { $thumb_w=$new_w; $thumb_h=$new_h; } $dst_img=ImageCreateTrueColor($thumb_w,$thumb_h); imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y); if (preg_match("/png/",$system[1])) { imagepng($dst_img,$filename); } else { imagejpeg($dst_img,$filename); } imagedestroy($dst_img); imagedestroy($src_img); }
Now that the functions ready we’ll go on to making addpics.php. We need to start our session again and include our db_connect.php file. Then we’ll use the mkdir command to create our directories. We have to make sure they dont exist first also. The entire addpics.php code is below with comments.
addpics.php
<?php session_start(); include "db_connect.php"; if($_SESSION['id']) //make sure theres a session id { //pull user info for this id $sql = "SELECT username FROM `users` WHERE `id`='".$_SESSION['id']."'"; $res = mysql_query($sql) or die(mysql_error()); //record doesnt exist...redirect to index.php if(mysql_num_rows($res) != 1) { session_destroy(); echo "<script language=\"Javascript\" type=\"text/javascript\"> document.location.href='index.php'</script>"; } else { $row = mysql_fetch_assoc($res); //pull entire row of info $title = protect($_POST['title']); //post value of title from the profilecp form if(!$title) //they must include a title { echo "<script language=\"Javascript\" type=\"text/javascript\"> alert(\"You must choose a title for your picture!\") document.location.href='profilecp.php'</script>"; } // the @ in front is to supress warning messages $target = $row['username']; //name of directory will be the username if(!is_dir($target)) @mkdir($target); //if directory does not exist, create it $target = $target . '/pics'; //store pictures in 'pics' subdirectory //check if pics subdirectory has been created, if not create it if(!is_dir($target)) @mkdir($target); //Heres where we use the FILES variable //a double array with the name and then parameter ($_FILES['name']['param']) $target = $target."/".basename($_FILES['pics']['name']) ; $size = $_FILES['pics']['size']; //if you want to limit size $pic = $_FILES['pics']['name']; $type = $_FILES['pics']['type']; //if you want to limit type (jpg,gif,png) //insert the reference of file into the database $sql2= "INSERT INTO `user_photos` (`profile_id`,`title`,`size`,`type`,`reference`) VALUES ('".$_SESSION['id']."','$title','$size','$type','$pic'); "; $res2 = mysql_query($sql2) or die(mysql_error()); //move the file into the correct directory if(move_uploaded_file($_FILES['pics']['tmp_name'], $target)) { echo "<script language=\"Javascript\" type=\"text/javascript\"> alert(\"Your picture has been uploaded\") document.location.href='profilecp.php'</script>"; } else //if something goes wrong display and error message { echo "<script language=\"Javascript\" type=\"text/javascript\"> alert(\"There was an error, try again\") document.location.href='profilecp.php'</script>"; } //create thumbnail and move it into the thumbnail directory $target2 = $row['username']; $target2 = $target2 . '/pics'; $target2 = $target2 . '/thumbs'; if(!is_dir($target2)) @mkdir($target2); $target2 = $target2."/".basename($_FILES['pics']['name']) ; createthumb($target,$target2,150,150); } }else echo "<script language=\"Javascript\" type=\"text/javascript\"> document.location.href='index.php'</script>"; ?>
Addpics.php is done, now on to deletepics.php. We use the unlink function to delete the file from our web server.
The entire deletepics.php
<?php session_start(); header("Location:profilecp.php"); include "db_connect.php"; $profile_id = $_SESSION['id']; if(!$profile_id) //no session id...redirect to index.php { echo "<script language=\"Javascript\" type=\"text/javascript\"> alert(\"You are not logged in!\");document.location.href='index.php'; </script>"; } else { foreach($_POST['files'] as $num => $id) //for each picture that was checked { //delete reference in database @mysql_query("DELETE FROM user_photos WHERE profile_id='$profile_id' AND reference='$id'"); unlink($_SESSION['username']."/pics/".$id); //delete pic in directory unlink($_SESSION['username']."/pics/thumbs/".$id); //delete thumbnail } } ?>
Alright…almost there. Everything looks good for the user that logs in. But we need something that’ll show of our users profile to anyone that visits, whether they are registered or not. So we’ll make a profile.php. All it does is grab the username from the url, find that users info and output it all to the page. We’ll be using the GET method to pull from the url.
profile.php
<?php session_start(); include "db_connect.php"; $sql="SELECT * from `users` WHERE `username`='".$_GET['username']."'"; $res=mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) != 1)//no user with that username exists { echo "<script language=\"Javascript\" type=\"text/javascript\"> alert(\"This user does not exist\") document.location.href='index.php'</script>"; } else { $row=mysql_fetch_assoc($res); //pull the users info ?> <html> <head><link rel="stylesheet" href="style.css"></head> //use php to echo whats stored in our database <div class="divider"> <strong><?php echo $_SESSION['username'] ; ?>'s Profile</strong><br/> Name: <?php echo $row['first']. " " .$row['last'] ?> <br/> Email: <?php echo $row['email'] ?> <br/> About: <?php echo $row['about'] ?> <br/> </div> <div class="divider"> <strong>Pictures</strong><br/><br/> <?php //find this users pictures $result = mysql_query("SELECT reference FROM user_photos WHERE`profile_id`='".$row['id']."'"); //show the pictures thumbnail as a link to the full picture while ($row2 = mysql_fetch_array($result, MYSQL_ASSOC)) { echo "<a href=\"".$_GET['username']."/pics/".$row2['reference']."\"> <img src=\"".$_GET['username']."/pics/thumbs/".$row2['reference']."\"></a><br/>"; } } ?>
So to test this out say we had a username of ‘bananas’. If we went to localhost/yoursite/profile.php?username=bananas the page that comes up should be bananas profile. To clean this up we can use mod_rewrite in our .htaccess file. With the code below you only need to go to localhost/yoursite/bananas and you should see that users profile.
.htaccess
RewriteEngine on RewriteRule ^([a-zA-Z0-9_-]+)$ profile.php?username=$1 RewriteRule ^([a-zA-Z0-9_-]+)/$ profile.php?username=$1
We’re finally done! Thats everything! You should have a fully working login system (hopefully). I’ve attached all of the source code to the post. It can be found below. If there are any bugs or errors please let me know. I hope this helps! Tell me how it works for you!
Zip of all source code
php_login_system.zip
#1 by James on February 24, 2009 - 3:29 pm
Great work once again. The tutorial is well explained throughout, with good use of comments. Very easy to understand and follow. Including the source code is a great help aswell. I look forward to any new PHP tutorials you may release. Thanks!
#2 by Bhavik on February 25, 2009 - 9:29 am
Thanks James, I’m glad it helped!
#3 by Bhavik on March 23, 2009 - 6:56 am
Hey James, You wanted to know how you could add validation to the addpics.php file so users can only upload pics. To do this add an if statement before the sql query to the database. (We’ve already stored the type of file in the $type variable)
The $type variable stores the MIME of the file. You can find a list of MIME types here to use in your conditional.
Hope this answers your question! Thanks for reading!
#4 by Haji on March 26, 2009 - 2:57 pm
I am recieving errors like
Access denied for user ‘bhavik’@'localhost’ (using password: YES)
wht should i do, please help! Bhavik
#5 by Bhavik on March 27, 2009 - 5:49 am
Hey Haji, Did you put the correct info in your db_connect.php?
This line should reflect your mySQL username and password.
#6 by Haji on April 1, 2009 - 3:10 pm
Could please do a tutorial on how users can upload videos into their profile!
#7 by Bhavik on April 2, 2009 - 6:31 am
This tutorial shows you how to upload pictures, Videos would be the same idea. Just change your validation IF statement to match the MIME type…For example : video/mpeg would be the MIME type for mpeg files.
#8 by Sasori on April 9, 2009 - 4:16 pm
What about different levels of users. Say “user” can have one level which they could only edit their profile while an “Administrator” level is set so that it can delete, edit, alter anything the user post in and can see everything a users does?
#9 by Bhavik on April 10, 2009 - 11:46 am
Hey Sasori,
In order to do that you’d need another field under the users table. We’ll use ‘admin’ for example. Now the admin flag can be set to 1 or 0. After your user logs in, you can check for admin privileges like this
#10 by Adib on November 23, 2009 - 12:28 pm
Hey Bhavik,
Thank you so much for the administration function. I was wondering if there is a way in which there can be a code for the Administrator to edit the photos posted by a user without logging out of their account and logging into the client account? (anything that can be added in the profilecp.php or profile.php – an option to access member accounts?)
#11 by Erik on April 14, 2009 - 1:07 pm
THANKS A LOT!!
I really needed this,.
i appreciate!
#12 by Bhavik on April 14, 2009 - 1:22 pm
You’re welcome Erik
#13 by Erik on April 14, 2009 - 1:25 pm
What i would really like is a tutorial like this for like a simple CMS system or News system or some like that,
A bit more advanced scripting, but still pretty easy!
I love the way you make youre tutorials so good looking!
#14 by Bhavik on April 14, 2009 - 1:57 pm
Haha, You’re giving me too much credit Erik. I use Wordpress for my CMS. When I first had the idea of starting this blog I was going to do it from scratch, make my own CMS and everything. After looking at Wordpress and all the features it has I decided it would be much easier and more efficient to just use Wordpress.
So I installed it and started posting…the plugins they have are incredible…saved me months of coding to get the same effect. I did some customization for the theme and created my own logo, but other than that its all Wordpress. You should definitely check it out, makes life much easier.
#15 by Sorin on April 15, 2009 - 1:09 am
Very good tutorial! I’am glad that you put this online.
I have an error: when I press Add picture I get an error from js and when I looked in database I can see that the picture was added in the table, but with zero size. The folder user/pics/thumbs was created but with no pics inside.
Where do you think is my mistake?
#16 by Bhavik on April 15, 2009 - 12:35 pm
Hey Sorin, Did you edit the code and then get the error? Or are you getting errors without changing anything? If you did edit, what part? Lemme know and I’ll try to see what’s going on.
#17 by Sorin on April 15, 2009 - 12:52 pm
I didn’t edit anything Bhavik. I changed only the db_connect.php where I put my user name, pass and database.
#18 by Bhavik on April 15, 2009 - 8:44 pm
Thats odd Sorin, I just downloaded the code I have here and tested it. It all works fine for me. Might be a configuration issue if you haven’t changed the code. Folder permissions maybe? What are you trying to upload?
#19 by Sorin on April 16, 2009 - 11:01 am
I will try on XP to see if I have the same problem like on vista and than I will put the files on a server to see if works there.
#20 by Sorin on April 16, 2009 - 12:30 pm
I put the files on the server and here I don’t have an error, but after I add the picture I get the icon for broken link where is the photo. Is the same if I go to view profile. If I click on that icon, broken link, I can see the photo, but I guess this is not the right way to see that photo
.
#21 by Bhavik on April 16, 2009 - 3:26 pm
I emailed you with suggestions Sorin. The picture gets uploaded correctly but the thumbnail doesn’t.
#22 by jocob on April 20, 2009 - 3:10 am
there are not forget password option
#23 by Erik on April 20, 2009 - 6:22 am
@jocob
But thats pretty easy to make!
maybe if youre lucky i will make one, and i will post it here!
#24 by Sorin on April 20, 2009 - 1:11 pm
In the zip that I took it from here there isn’t the createrhumb function. I mean in the addpics.php the function doesn’t exist. That’s why making thumbs for me didn’t work
.
#25 by Bhavik on April 20, 2009 - 2:09 pm
Hey Sorin,
Yeah the create thumb function is supposed to be in the db_connect.php file, not in addpics.php.
#26 by john on April 20, 2009 - 3:10 pm
When I try upload your source, Im getting, No database selected. Ive created the db correct and filled in the info in db_connect.php
#27 by Bhavik on April 21, 2009 - 10:15 pm
John, It has to be a configuration issue. Can you give me more info please?
#28 by Muss on April 22, 2009 - 5:29 pm
Thank you so much for this tutorial, it helped me alot.
But I am facing a problem atm.
When I add a picture, I get a page saying NOT FOUND , The requested URL /testing/addpics.php was not found on this server.
Could anyone help me please?
#29 by Bhavik on April 22, 2009 - 6:24 pm
Muss,
Are you doing this on a server? Did you upload addpics.php to the server?
#30 by Muss on April 23, 2009 - 3:11 pm
Thank you for the reply Bhavik,
I am doing this on a server, I could email you my code if you can have a look at it please
thank you
#31 by Muss on April 23, 2009 - 3:12 pm
Bhavik, also on top of the login page I get the following:
Notice: Undefined index: submit in /var/www/html/mum3/testing/login.php on line 7
any suggestions?
#32 by Bhavik on April 24, 2009 - 10:13 am
Yeah send over the code Muss, contact me through my contact page and i’ll reply with my email
#33 by Muss on April 24, 2009 - 10:43 am
I have sent you my Addpic.php by message.
I have separated it into 3 parts coz of the 1000 word limit
I would appreciate any help
#34 by Muss on April 24, 2009 - 1:07 pm
bhavek it seems that I have an undefined index in many pages.
most of the php files start if (!POST ['submit']) …(id, username insteaad of submit).
but the problem is it always tells me its undefined index..so the profile.php never open either, it gives me undefined index: username
any suggestion?
#35 by Muss on April 25, 2009 - 9:11 am
I have solved the error UNDEFINED INDEX: submit.
The if statement on top of login.php is if (!POST ['submit']){…..}
should be like if (!isset($_POST['submit'])) {…}
That’s where the red line error was coming from.
#36 by Bhavik on April 27, 2009 - 11:30 am
Muss, good that you figured it out. It’s odd though that it doesn’t work for you. I have
instead of using the isset function and it works fine for me. Others that have downloaded the code had no issues either. Weird…
#37 by Muss on April 27, 2009 - 12:18 pm
yes Bhavik, codin is never error free.
I have added an algorithm where when users register, an email is send to their email address they provided with their login details. Tough I am facing an error when the email is send to gmail.com or hotmail.com but it works fine when using other email acounts, such as my university email address which is @dcs.qmul.ac.uk
the error thati get to my inbox is PHP mail() error
Do you have any solution to this
#38 by Muss on April 27, 2009 - 12:20 pm
the mail script I am using is:
$mysite = “http://mum3.web-stu.dcs.qmul.ac.uk/testing/login.php”;
$webmaster = “QM SUPPORT U”;
$myemail = “mum3@dcs.qmul.ac.uk”;
$subject = “QMSUPPORTU Registration Complete”;
$message = “Dear $last,
you successfully registered at our web site.
To login, simply go to $mysite and use your login details as printed below:
———————–
Username: $username
password: $password
———————–
Please record these details and keep for future use.
Thanks,
$webmaster”;
mail($email, $subject, $message, “From: $mysite \nX-Mailer:PHP/” . phpversion());
echo “Your information has been mailed to your email address.”;
#39 by Erik on May 15, 2009 - 7:57 am
Hi,
i made a changepassword function for this system,
check it here if you want it:
’s profilepanel!
Change password:
#40 by Bhavik on May 15, 2009 - 3:51 pm
Hey thanks for the addition Erik, for future comments to use the code block use these tags < pre lang="php"> code here < / pre>
#41 by StrykerMikado on September 26, 2009 - 9:32 pm
First off, thanks for the awesome tutorial. I have integrated into my site with some added additions. I am still somewhat new to php but I created my take on the change password function. It works completely but not sure how secure it is.
#42 by Erik on May 16, 2009 - 12:54 am
Hmm it lookst pretty weird, it only does php but i also have html..
please delete the one above!
changepass.php
#43 by john on May 16, 2009 - 6:20 am
Do you get many donations eric?
#44 by William on June 4, 2009 - 12:03 am
Hello,
I love this tutorial, but when I use the profile.php it keeps saying user not found or what ever, but I have the user in the MySql database, is there something wrong with the;
“SELECT * from `users` WHERE `username`=’”.$_GET['username'].”‘”
???
#45 by Bhavik on June 4, 2009 - 7:17 pm
Hey William, did you register through the interface or manually enter the user into the database? Here’s a live version, its the exact same code that I’ve posted in the tutorial. Not sure why it isn’t working for you.
http://lab.bhaviksblog.com/phpLogin/
#46 by matt on June 13, 2009 - 12:53 pm
whenever i upload a picture the thumbnail wont show and if dont type in a title it goes back and adds another broken image. how do i fix this? :[
#47 by Bhavik on June 14, 2009 - 3:49 pm
Hey matt, something must be going on with the url of the thumbnail. Maybe a folder isnt getting created correctly. What did you change in the code? You can see a live version of the code here: http://lab.bhaviksblog.com/phpLogin/
Use test12345 as the user and password for the pass.
#48 by matt on June 17, 2009 - 5:00 pm
i didn’t really change anything. i took the protect() out though. it uploads to the folders just fine just the thumbnail doesn’t work.
#49 by matt on June 17, 2009 - 7:49 pm
i got it to work – it had something to do with my host – thanks for replying though.
#50 by Lyn on July 27, 2009 - 1:24 pm
First off, this is exactly what I have been looking for!!! Thank you so much for posting this.
I just have one question, I don’t want the pictures to upload directly to my site so I have another just for the images, how would I change where the images get uploaded to?
#51 by Bhavik on July 30, 2009 - 11:05 am
Hey There Lyn, I’ve never tried to do this, but I think you can use the ftp functions of PHP. Im gonna give you some example code of the top of my head but I’m not sure if it’ll work. Give it a shot and let me know how it goes.
Here’s some documentation on the ftp functions
http://us2.php.net/manual/en/ref.ftp.php
Good Luck!
#52 by Tim on October 3, 2009 - 2:15 pm
hi bhavik, this is a really great tut and everythings working great except the image upload – the directory isnt created and so i get an error message when it tries to move from the tmp folder. all the image data is input into the db just fine tho. im really stumped….any ideas?? thanks!
#53 by Tim on October 3, 2009 - 3:52 pm
okay ive figured it out needed to change the permissions on my folders – doh!
#54 by Bhavik on October 5, 2009 - 7:42 pm
Hey Tim, glad you figured it out!
#55 by paul read on October 20, 2009 - 8:10 am
Hi, thank you very much for posting this tutorial. i found it very useful for setting up my first PHP sql database. I have knowledge of HTML CSS and Java but have just started with PHP and you have provided an excellent step by step guide for the beginner
cheers
#56 by Bhavik on November 29, 2009 - 5:33 pm
Thanks Paul!
#57 by Ay on November 23, 2009 - 7:23 pm
Wow…You just solved a whole lot of my problem! Thank you thank you thank you……..I still have a lil proble tho, i want ALL visitors to be able to view d profiles(logged in or not) but only authenticated user can edit their profile.
Thanks Bhavik
#58 by Bhavik on November 29, 2009 - 5:29 pm
Hey Ay,
You can do that with this system. If a user isn’t logged in and wants to view user X’s profile, they go to http://www.site.com/profile.php?username=usernameX where usernameX is the guys user id.
And then you can use mod_rewrite to clean up the url and make it http://www.site.com/usernameX. I show you how to do this at the end of this tutorial using the .htaccess file.
Thanks for reading!
#59 by Chris on December 18, 2009 - 11:24 am
Hey, Bhavik!
First of all, great stuff! This was tremendous help, and just what I needed to get my code on!
I’ve encountered one problem though… Whenever I delete an image (or more than one) from profilecp.php, I get an “error” when the page reloads after the “picture deleted successfully” alert..
All the other fields go blank, and where the remaining pictures should load, I get “Unknown column ‘Photo089.jpg’ in ‘where clause’” (where photo089.jpg is the last image I deleted)..
It works again if I log out, then log back in, so I assume that its an issue with the page not getting new data from the table or something… Ideas?
#60 by Bhavik on December 28, 2009 - 10:39 am
Hey Chris, Sorry for taking so long to reply…been very busy.
Im glad the code helped you. It looks like the sql statement is incorrect. Photo089.jpg is being referred to as a field rather than what the field holds. Make sure that sql statement is correct.
#61 by Martin Hitch on December 20, 2009 - 3:06 am
hi… i love the script, but how can i display the image title that the user had to put in when uploading the image?
thanks heaps
#62 by Bhavik on December 28, 2009 - 10:47 am
Hey Martin, come on if you went through the tutorial you should know how to do this! What you need to do is echo the title from the database in our loop like we do for the actual picture in profile.php. See if you can figure it out, if you can’t post back and i’ll show you exactly how
#63 by Martin Hitch on January 1, 2010 - 1:48 pm
hey dude, i have done all the echos i can think of but i still cant get it displaying the title
please can you help
#64 by Joe on January 8, 2010 - 2:09 pm
hi,
i would like to list all members that have joined but instead of linking to the users profile with a plain username i want it to display the users picture.
So for ever new member registering it will link back to their profile from their picture. How could i do this?
#65 by Justin on January 17, 2010 - 8:46 pm
Heya, Great tut you have given there!
Just one thing I noticed about it … you dont sanitise the $_GET for the username which is deadly unsecure and allows anyone (as no login is required) to inject some malicious code!
Is there any chance you could maybe emphasize on the security for things like allowing html tags into a text area for the profile with full sanitising?
This script is certainly whats needed out there but would be good to have a basic set up with full security features for people to develop!
Thanks
#66 by lawrence on February 3, 2010 - 9:38 pm
Hi.. i love your script.. but may i know how to create a add friend, friend request, friend list, remove friend? and PM system as well.. thank.