I run a custom PHP, JavaScript, and Bootstrap website that already has login and registration working, but I need a few small refinements so the user flow is more secure and consistent. Here’s what I want done: • Registration form – make email address and mobile number mandatory fields. • Account activation – send a verification email and, as an alternative, allow activation through a one-time-password (OTP) sent to the user’s mobile. Either method should mark the profile as active before access is granted. • Search restriction – visitors must be logged in (or register first) before they can use the site’s search feature. The existing codebase is clean and modular, so these tweaks should slot in neatly without rewriting core logic. You’ll be working directly in PHP for the backend, using Bootstrap-styled forms on the frontend, and vanilla JS where needed. Deliverables: updated registration and login scripts, any new database columns or tables, and brief setup notes so I can test everything locally before deploying. I’m looking for a quick, reliable fix that keeps my current layout intact while tightening access control.