Discussion on PHP Login & User Management


jigowatt supports this item


2673 comments found.

Will you guys be updating this to incorporate Bootstrap 4?

Yes, it is in progress, although it is involving quite a bit of changes to all markup. I’d like to get it out by the end of the month, but we shall see.

it would be interesting to add a module to generate CRUD your tool would be great with that function

Hooray ! Installation is all done :)

this message appears, but: nothing is done: no datebase tables created ….

config values are correct.

iIf you have recently downloaded this, then in the root directory there is a file (think you may have seen this) `config.php`. For a fresh install, this shouldn’t be there. Delete that file, refresh the home page and then there will be a link to install. Fill out the installation form and then submit and that should take care of things.

Hi! Is there any way to allow an admin to login as any user from the Control Panel?

We would like to use the script for our back office and at times would need to login as an active user to view information or assist with a problem.

Sorry, no, I’m afraid not.

Would this be something I can hire you to do?

Hey, I purchased this script some time back, I had a quick question. when I do shouldn’t it redirect to . It works fine when the page is visited with but does not redirect when visited with to . What am I missing here?

What do you have the Admin->Settings->General->Site Address set to? Are you using ‘https’ in that URL? If you do correct that URL, you will need to log out and back in again to set the SESSION.

Yes it is set to . And everywhere else its https.

Ok, so if I’m understanding correctly … on my dev site, if I enter a URL `` ... it redirects correctly and shows `https` in the browser. However, I have the following rules in my `.htaccess` file:

# Force HTTPS version of site RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}[L,R=301]

Perhaps try that.

Hello – I’m trying to activate sign-in through Google however HybridAuth docs aren’t clear about what the ‘Authorised redirect URIs’ in Google OAuth client and I’m not sure what this is for this particular application.

Sorry, not going to be able to help much. I’ve never used Google. I would think they just want the main site URL?

Hi, just did a fresh upload of files. Trying to run the install/index.php gives: The requested URL /500.shtml was not found on this server.

What version of reCaptcha? If it’s 2.0, it won’t work. We are planning an upgrade.

The 2FA is from Twilio and you can find docs there:

Yes V2 since Google shut off V1 on March 31, 2018. Any idea on the upgrade timeline? Thanks on the Twilio info. I will add it. Love the script btw!

Thanks! We had wanted it out by now actually, but are aiming for the end of the month.

The update check isn’t working. It is trying to reach a file or domain that does not exist:

Thank you, we were aware of it. We’ve had to change the domain for the docs and demo server and we have an update planned. replace `jigowatt` with `jigowattproof` and that should take care of it.

I purchased the script and uploaded to my Linux server ( a virtual private server) and tried to access home.php but get 500 Internal Server Error. I check the errors from Cpanel and here is the error: Tue Aug 07 17:37:44.209573 2018 pid 3271 /home/pccmoev/public_html/php-login-user-management/.htaccess: Invalid command ‘php_flag’, perhaps misspelled or defined by a module not included in the server configuration

Please help. Thanks,

What version of PHP on your server? Should be at LEAST 5.6.x and you really should be on the PHP 7.x.x branches. The `php_flag` command isn’t critical and you could just delete that `.htaccess` and replace with your own. Those commands just set PHP up for logging warnings and errors and such into a log file in the root directory.

Thank you for the pointers. I am using PHP 7. I delete the .htaccess and config.php and it worked.

When viewing the login page on an android phone, the Trouble Signing in link does not show. For now, I removed the span tags from that link and placed it under the Stay Signed in code and it shows. Just wanted you to be aware. :)

Ok, thanks. We have it marked for a fix.

How do I change what page you are sent to after login and logout? Also on my custom login page when the information is entered incorrectly a header is applied to the page. How do I prevent this?

There are settings in the Admin for ‘signin’ and signout’. They are defaulted to the referring page, but if you uncheck them, you can provide your own page URL.

Not entirely sure I follow the second part of your question, but in those same settings there is a `guest` default login URL. Have you changed this to your custom login URL?

Thanks for the reply! Is there a way to echo the actual first and last name of the logged in user?

I made a new level “test” and added that level to myself. My other levels also include “Admin” and “Special”. I then made a simple page with if( protectThis("test") ) : and I am unable to view the content. If I change the code to if( protectThis("Admin") ) : or if( protectThis("Special") ) : I can view the page.

Also a side note, when I add a new level, it sends me to an unformatted page that simply states that the new level was added to the database. I have to click back to get back to the admin control panel.

Why am I unable to view the protected page when I am in the new test group and the page is protected with if( protectThis("test") ) : ?

Most likely you didn’t log out and then log back in again. That will reset the SESSION variable with all the groups you belong to. Simply adding a group and then your user to it won’t be enough.

FAQ link here is broken. Documentation link in the purchased ZIP file goes to an empty WordPress page.

I entered the values into config.php; uploaded everything; ran the install file; it immediately came back saying it was installed. However, there are no tables in the database and nothing is working in terms of trying to get in as admin to configure anything.

REFUND REQUESTED. Item does not install properly. Item not supported. No reply from Author.

Sorry, but you won’t get a reply on the weekend. Remove the `config.php` file in the root directory entirely and refresh the Home page. Then an install link will appear and will work.

Is there a way to echo the first and last name of the current user? Like <?php echo $_SESSION‘jigowatt’; ?> except for the name instead of the email? If not in this way then how can I go about doing this?

It would seem that while you can do that for most user fields, the name is not put into the session. On each pageload for an authenticated user, the `$profile` global is set and you can use:


There is no first and last name though, only the full name.

Hi, i wanted to add a new user via Control Panel. After clicking “Add user” it is added to the database but sending a mail does not work.

I’m getting the following errors: “ERROR. Mail not sent Warning: include_once(/var/www/web27786942/html/www/login/admin/page/footer.php): failed to open stream: Datei oder Verzeichnis nicht gefunden in /var/www/web27786942/html/www/login/classes/generic.class.php on line 625

Warning: include_once(): Failed opening ’/var/www/web27786942/html/www/login/admin/page/footer.php’ for inclusion (include_path=’.:/opt/php/7.1.14/share/pear’) in /var/www/web27786942/html/www/login/classes/generic.class.php on line 625”

It’s hosted on a server (Alfahosting).

And now? When do i get further support?

Sorry, thought that was apparent. As noted, ‘mail’ should just work. You seem to have a configuration issue with your hosting service. Here are a few links:

Requirements: Configuration: PHP Mail function (with user notes on implementation):

You need to ensure PHP `mail’ is installed and functioning on your hosting service. Not much we can do for you with this.

Hello, referring to the problem previously encountered

Hi, I have a little a problem. My website is HTTPS and the gravatar output is showing http. I tried to dig and I found the class “get_gravatar ()” in generic classes = $ http = (! Empty ($ _ SERVER [‘HTTPS’]))? ‘Https: //’: ‘http: //’; Just for experimental purposes I tried to change to $ http = ‘https: //’. $ _SERVER [‘SERVER_NAME’]; and did not

  I have the same problem. Solutions?

Should be the same solution … have you changed your site address settings to use ‘https’ in the URL?

(Admin->Settings->General->Site Address)

Then … log out and back in again to reset the SESSION variable to use ‘https’.

Ok, fixed, now there is another problem, as mail admin does not accept the .online

in the settings, if I put tells me that the email is not valid!

Ah, ok, understood. The software uses a validation function which may need to be updated. In the file `/classes/generic.class.php` you could for now, add that top level domain to the verification function.

It is line number – 515 and you could replaced the whole line with this:


I have added the `online` top level domain only to this and it now works.

Hi, Can we use this to make existing script as SAAS ?

Sorry, I’m not sure what you are asking for?

Hi, I am asking that I already a site, I want every user register and use that software individually, Can this do that ?


From the product description:

> By purchasing and integrating this script into your existing website you can create a private user area where visitors to your website have to be logged in to view page content.


I’ve been able to install your code and the basics are working well (MySQL db created, protected pages created, test logins granting access to pages with sign in sign out funcitonality – all great!)

However registering new users relies on the server emailing them to activate their account? I am not getting emails from the application during registration – can you clarify how the system is meant to email the user – are there dependencies that the server should be configured to send mail, and in any particular way? I’m can’t find anything in the documentation about this. Thanks!