diff --git a/include/class-Page.php b/include/class-Page.php
index c4081c2..ffaa075 100644
--- a/include/class-Page.php
+++ b/include/class-Page.php
@@ -1,49 +1,56 @@
 <?php
 /**
- * A website page
+ * A generic website page
  *
  * It's useful to print the header, the footer, and who knows
  */
 class Page {
 
 	/**
 	 * Custom arguments
 	 *
 	 * @var array
 	 */
 	protected $args;
 
 	/**
 	 * Constructor
 	 *
 	 * @param array $args Custom arguments
 	 */
 	public function __construct( $args = [] ) {
 
 		$this->args = $args;
 
+		// call this method
 		$this->prepare();
 	}
 
 	/**
 	 * Do something at startup
 	 */
 	protected function prepare() {
 		// actually nothing. You can override this!
 	}
 
 	/**
 	 * Print the site header
 	 */
 	public function printHeader() {
+
+		// this is an utility to require the file 'template/header.php'
+		// and passing some variables to it
 		template( 'header', $this->args );
 	}
 
 	/**
 	 * Print the site footer
 	 */
 	public function printFooter() {
+
+		// this is an utility to require the file 'template/footer.php'
+		// and passing some variables to it
 		template( 'footer', $this->args );
 	}
 
 }
diff --git a/include/class-PageHome.php b/include/class-PageHome.php
index 642ce12..1863c40 100644
--- a/include/class-PageHome.php
+++ b/include/class-PageHome.php
@@ -1,45 +1,17 @@
 <?php
 /**
  * Homepage of my website
  */
 class PageHome extends Page {
 
-	/**
-	 * User requested by ID
-	 */
-	public $requestedUser = false;
-
 	/**
 	 * Do something at startup
 	 *
 	 * @override
 	 */
 	protected function prepare() {
 
-		// read the ID from the query string or zero
-		$id = $_GET['id'] ?? 0;
-
-		// make sure that it's an integer
-		$id = (int) $id;
-
-		// if it's non-zero
-		if( $id ) {
-
-			// query the User with that ID (or get NULL)
-			$this->requestedUser =
-				( new QueryUser() )
-					->whereUserID( $id )
-					->queryRow();
-		}
-	}
-
-	/**
-	 * Get the requested User (if any!)
-	 *
-	 * @return User|null
-	 */
-	public function getRequestedUser() {
-		return $this->requestedUser;
+		// do something
 	}
 
 }
diff --git a/include/class-PageLogin.php b/include/class-PageLogin.php
index 0adb809..53b3b72 100644
--- a/include/class-PageLogin.php
+++ b/include/class-PageLogin.php
@@ -1,19 +1,97 @@
 <?php
-
+/**
+ * The business logic for your login page
+ *
+ * See 'www/login.php' to discover who calls this class
+ * See 'include/Page.php' to discover what this class extends.
+ */
 class PageLogin extends Page {
 
+	/**
+	 * Check if the login was just successfull or not
+	 *
+	 * @var boolean
+	 */
+	private $success = null;
+
+	/**
+	 * Specific login status
+	 *
+	 * @var int
+	 */
+	private $status;
+
 	/**
 	 * Prepare the login page
 	 *
+	 * This function is automatically called when you create a Page.
+	 *
 	 * @override
 	 */
 	public function prepare() {
+
+		// check if the user submitted our form
 		if( is_action( 'try-login' ) ) {
-			if( !login() ) {
-				echo "VAFFANCULO";
-				exit;
-			}
+
+			// try to do the login and check if it's successfull or not
+			$this->success = login( $this->status );
 		}
 	}
 
+	/**
+	 * Get the username (if any)
+	 *
+	 * @return string
+	 */
+	public function getUserUID() {
+
+		// read from POST, or from GET
+		$user_uid = $_POST[ 'user_uid' ] ?? $_GET[ 'user_uid' ] ?? null;
+
+		// must be a string
+		if( !is_string( $user_uid ) ) {
+			$user_uid = null;
+		}
+
+		return $user_uid;
+	}
+
+	/**
+	 * Check if the login failed
+	 *
+	 * @return boolean
+	 */
+	public function isLoginFailed() {
+		return $this->success === false;
+	}
+
+	/**
+	 * Get the login error message (if any)
+	 *
+	 * @return string
+	 */
+	public function getLoginErrorMessage() {
+		return self::loginMessageFromstatus( $this->status );
+	}
+
+	/**
+	 * Get the login human error message
+	 */
+	private static function loginMessageFromstatus( $status ) {
+
+		// check what happened
+		switch( $status ) {
+			case Session::OK:
+				return __( "Yeah! You are logged-in!" );
+
+			case Session::LOGIN_FAILED:
+				return __( "Sorry but your credentials are wrong. This incident will be reported." );
+
+			case Session::USER_DISABLED:
+				return __( "Sorry but your account was not confirmed." );
+		}
+
+		// default message
+		return __( "Please try again with valid information." );
+	}
 }
diff --git a/include/class-PageRegister.php b/include/class-PageRegister.php
index b310612..a596a92 100644
--- a/include/class-PageRegister.php
+++ b/include/class-PageRegister.php
@@ -1,66 +1,170 @@
 <?php
+/**
+ * Business logic for the registration page
+ *
+ * This class extends the Page class
+ *
+ * See 'include/class-Page.php' class
+ *
+ * See 'www/register.php' to discover who is using this class.
+ */
 class PageRegister extends Page {
 
 	/**
-	 * Method to try the login
+	 * Check if the registration ended successfully
+	 *
+	 * @var boolean
 	 */
-	public function tryLogin() {
+	private $success = null;
+
+	/**
+	 * Human registration error message
+	 */
+	private $registrationErrorMessage;
+
+	/**
+	 * Check if there is a registration error message
+	 *
+	 * @return boolean
+	 */
+	public function hasRegistrationErrorMessage() {
+		return isset( $this->registrationErrorMessage );
+	}
+
+	/**
+	 * Check if the registration was OK
+	 *
+	 * @return boolean
+	 */
+	public function isRegistrationSuccess() {
+		return $this->success;
+	}
+
+	/**
+	 * Get the registration error message (if any)
+	 *
+	 * @return string
+	 */
+	public function getRegistrationErrorMessage() {
+		return $this->registrationErrorMessage;
+	}
+
+	/**
+	 * Prepare the registration page
+	 *
+	 * This function is automatically called when you create a Page.
+	 *
+	 * @override
+	 */
+	protected function prepare() {
+
+		try {
+			// try to register
+			$this->tryRegistration();
+
+		} catch( Exception $e ) {
+
+			// if fail, save the error message
+			$this->registrationErrorMessage = $e->getMessage();
+		}
+
+	}
+
+	/**
+	 * Get the username sent via POST (if any)
+	 *
+	 * @return string
+	 */
+	public function getPOSTUsername() {
+		$username = $_POST['user_uid'] ?? null;
+		if( !$username || !is_string( $username ) ) {
+			$username = null;
+		}
+		return $username;
+	}
+
+	/**
+	 * Try to register the user
+	 *
+	 * Note that this function may fail with an exception
+	 */
+	private function tryRegistration() {
+
+		// check if the user submitted the registration form
 		if( is_action( 'try-register' ) ) {
 
-			$username             = $_POST['user_uid']      ?? null;
+			// retrieve the information obtained from the login form
+			$username             = $this->getPOSTUsername();
 			$password             = $_POST['user_password'] ?? null;
 			$i_want_weak_password = $_POST['weak_password'] ?? null;
 
+			// avoid whitespaces
 			$username = trim( $username );
 			$password = trim( $password );
 
-			if( !$username ) {
+			if( !$username || !is_string( $username ) ) {
 				throw new Exception( "bad username" );
 			}
 
-			if( !$password ) {
+			if( !$password || !is_string( $password) ) {
 				throw new Exception( "bad password" );
 			}
 
 			// eventually force about a stronger password (but the user may want it)
 			if( strlen( $password ) < 12 ) {
 				if( !$i_want_weak_password ) {
-					throw new Exception( "password too short" );
+					throw new Exception( __( "Your password is too short" ) );
 				}
 			}
 
+			// eventually force a short username
+			if( strlen( $username ) > 64 ) {
+				throw new Exception( __( "Your username is too long" ) );
+			}
+
 			// check if the username already exist
 			$already_existing_user =
 				( new Query() )
 					->from( 'user' )
 					->whereStr( 'user_uid', $username )
 					->queryRow();
 
 			// check if the username already exist
+			// NOTE: this message may be a privacy problem if your "username" is the private email
 			if( $already_existing_user ) {
-				throw new Exception( "user uid already taken" );
+				throw new Exception( __( "Sorry but this user already exist" ) );
 			}
 
-			// OK now we can create the user
-
 			// encrypt the password
 			$password_encrypted = Sessionuser::encryptPassword( $password );
 
 			// insert a new line in the 'user' database table and fill its columns
 			insert_row( 'user', [
 
 				// column of the login identifier (email, name.surname, who knows)
 				'user_uid' => $username,
 
 				// column of the password
 				'user_password' => $password_encrypted,
 
 				// displayed username (boh! something)
 				'user_name' => "Mr. $username",
+
+				/**
+				 * As default, create an active user
+				 *
+				 * In the real world you should create inactive users,
+				 * and send a confirmation e-mail.
+				 */
+				'user_active' => 1,
 			] );
 
 			// I may do something with this
 			$user_ID = last_inserted_ID();
+
+			// well done!
+			$this->success = true;
 		}
+
 	}
 }
diff --git a/www/index.php b/www/index.php
index 438b4c1..0d2fdc0 100644
--- a/www/index.php
+++ b/www/index.php
@@ -1,51 +1,38 @@
 <?php
 // load everything
 require '../load.php';
 
 // this is the homepage (the business logic of this page it's in this class)
 $page = new PageHome( [
 	'title' => __( "Welcome!" ),
 ] );
 
-// user that will be printed (if it exists)
-$user = $page->getRequestedUser();
+// get the currently logged-in user (if any)
+$user = get_user();
 
 // I want this stylesheet
 enqueue_css( 'my-style' );
 
 // print site header
 $page->printHeader();
 ?>
 
 	<!-- check if the user exists -->
 	<?php if( $user ): ?>
 
-		<!-- User found -->
+		<?= esc_html( sprintf(
+			__( "Hello %s!" ),
+			$user->get( 'user_name' )
+		) ) ?>
 
-		<!-- hello the User -->
-		<?= sprintf(
-			__( "Hello User name %s!" ),
-			esc_html( $user->get( 'user_name' ) )
-		) ?>
-
-		<!-- check if it's myself -->
-		<?php if( $user->isUserMe() ): ?>
-			<?= __( "This user is you!" ) ?>
-		<?php else: ?>
-			<?= __( "This user is not you!" ) ?>
-		<?php endif ?>
-
-	<?php elseif( $user === null ): ?>
-
-		<!-- User not found -->
-		<?= __( "This User does not exist" ) ?>
 
 	<?php else: ?>
 
-		<!-- invalid ?id= or missing -->
-		<p><?= __( "You must provide a valid ?id= parameter!" ) ?></p>
+		<!-- user not logged-in -->
+
+		<p><?= __( "Please log-in" ) ?></p>
 
 	<?php endif ?>
 
 <?php
 $page->printFooter();
diff --git a/www/login.php b/www/login.php
index b8c7aa1..8b184a2 100644
--- a/www/login.php
+++ b/www/login.php
@@ -1,34 +1,71 @@
 <?php
+// this is the login form
+
 // load everything
 require '../load.php';
 
-// this is the homepage (the business logic of this page it's in this class)
+// I want this stylesheet
+enqueue_css( 'my-style' );
+
+// The business logic of this page can be put in a class like this one
+// This class is not related to the framework: it's in this project in the 'include' directory
 $page = new PageLogin( [
-	'title' => __( "Fai il login" ),
+	'title' => __( "Login Form" ),
 ] );
 
-// print site header
+// print my site header
 $page->printHeader();
+
+// now starts the page body
 ?>
 
-	<p><?= __( "Fai il login!" ) ?></p>
+	<!-- start of login error message -->
+	<?php if( $page->isLoginFailed() ): ?>
+		<div class="error-message">
+			<?= $page->getLoginErrorMessage() ?>
+		</div>
+	<?php endif ?>
+	<!-- end of login error message -->
+
+	<?php if( is_logged() ): ?>
+
+		<!-- start of success message -->
+
+		<p><?= __( "Welcome aboard!" ) ?></p>
+		<p><?= __( "You are logged-in" ) ?></p>
+
+		<!-- end of success message -->
 
-	<form method="post">
+	<?php else: ?>
 
-		<?php form_action( 'try-login' ) ?>
+		<!-- start of login form -->
 
-		<p>
-			<label for="username"><?= __( "Username" ) ?></label><br />
-			<input name="user_uid" id="username" type="text" />
-		</p>
-		<p>
-			<label for="password"><?= __( "Password" ) ?></label><br />
-			<input name="user_password" id="password" type="password" />
-		</p>
-		<p>
-			<button type="submit"><?= __( "Login" ) ?></button>
-		</p>
-	</form>
+		<p><?= __( "Fai il login!" ) ?></p>
+
+		<form method="post">
+
+			<!-- this function is part of the framework and it protects this form against CSRF attacks -->
+			<?php form_action( 'try-login' ) ?>
+
+			<p>
+				<label for="user-uid"><?= __( "Username" ) ?></label><br />
+				<input name="user_uid" id="user-uid" type="text"<?= value( $page->getUserUID() ) ?> />
+			</p>
+			<p>
+				<label for="user-password"><?= __( "Password" ) ?></label><br />
+				<input name="user_password" id="user-password" type="password" />
+			</p>
+			<p>
+				<button type="submit"><?= __( "Login" ) ?></button>
+			</p>
+		</form>
+
+		<!-- end of login form -->
+
+	<?php endif ?>
 
 <?php
+// now ends the page body
+
+// print my page footer
 $page->printFooter();
diff --git a/www/register.php b/www/register.php
index 5557251..be7e36f 100644
--- a/www/register.php
+++ b/www/register.php
@@ -1,36 +1,77 @@
 <?php
+// this is the registration form
+
 // load everything
 require '../load.php';
 
-// this is the homepage (the business logic of this page it's in this class)
+// I want this stylesheet
+enqueue_css( 'my-style' );
+
+// see the 'include/class-PageRegister.php'
 $page = new PageRegister( [
-	'title' => __( "Registrati" ),
+	'title' => __( "Registration Form" ),
 ] );
 
 // print site header
 $page->printHeader();
+
+// start of the page content
 ?>
 
-	<form method="post">
-
-		<?php form_action( 'try-register' ) ?>
-
-		<p>
-			<label for="username"><?= __( "Username" ) ?></label><br />
-			<input name="user_uid" id="username" type="text" />
-		</p>
-		<p>
-			<label for="password"><?= __( "Password" ) ?></label><br />
-			<input name="user_password" id="password" type="password" />
-		</p>
-		<p>
-			<label for="weak-password"><?= __( "I'm sure about a weak password" ) ?></label><br />
-			<input name="weak_password" id="weak-password" type="checkbox" />
-		</p>
-		<p>
-			<button type="submit"><?= __( "Register" ) ?></button>
-		</p>
-	</form>
+	<!-- check if you have not sent any data -->
+	<?php if( !$page->isRegistrationSuccess() ): ?>
+
+		<!-- start of registration errors -->
+		<?php if( $page->hasRegistrationErrorMessage() ): ?>
+			<div class="error-message">
+				<?= $page->getRegistrationErrorMessage() ?>
+			</div>
+		<?php endif ?>
+		<!-- end of registration errors -->
+
+		<form method="post">
+
+			<!-- protect the form against CSRF attacks -->
+			<?php form_action( 'try-register' ) ?>
+
+			<p>
+				<label for="username"><?= __( "Username" ) ?></label><br />
+				<input name="user_uid" id="username" type="text"<?= value( $page->getPOSTUsername() ) ?> />
+			</p>
+
+			<p>
+				<label for="password"><?= __( "Password" ) ?></label><br />
+				<input name="user_password" id="password" type="password" />
+			</p>
+
+			<p>
+				<label for="weak-password"><?= __( "I'm sure about a weak password" ) ?></label><br />
+				<input name="weak_password" id="weak-password" type="checkbox" />
+			</p>
+
+			<p>
+				<button type="submit"><?= __( "Register" ) ?></button>
+			</p>
+		</form>
+
+	<?php else: ?>
+
+		<p><?= __( "Welcome aboard! Now you can test the login!" ) ?></p>
+
+		<p><?= HTML::a(
+			// link URL
+			http_build_get_query( 'login.php', [
+				'user_uid' => $page->getPOSTUsername(),
+			] ),
+
+			// link title
+			__( "Login Now" )
+		) ?></p>
+
+	<?php endif ?>
 
 <?php
+// end of the page content
+
+// print the page footer
 $page->printFooter();
diff --git a/www/static/my-style.css b/www/static/my-style.css
index 42ad49d..65e3f6c 100644
--- a/www/static/my-style.css
+++ b/www/static/my-style.css
@@ -1,4 +1,8 @@
 body {
 	max-width: 900px;
 	margin:0 auto;
 }
+
+.error-message {
+	background-color: yellow;
+}