Assuming this is the entire script, are you connecting to MySQL and selecting a database?

Also, add error messages to your MySQL connecton, etc. so you can see what's happening, like:

if (!$dbl = mysql_connect($host,$user,$pass)) die(mysql_error()); 
... 
if (!$result = mysql_query($sql)) die(mysql_error());

What's the action attribute of your login form? Does it point to this script?

Also, you're not going to see the $error message, unless you echo it.

$error = "Login failed"; 
echo $error; 
// or just 
$echo "Login failed";

I hope this helps.

This is the script I am using to connect to the database. I am placing this in the head section of login.html. Is this wrong? Could this be why the action script isn't working?

<?php $dbh=mysql_connect ("localhost", "mysql_user", "******") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("mysql_table");
?>

o.k I have changed the entire login.php file that the HTML form action is pointing to. I am still not getting anywhere with this script. It should display the URL I have specified in the Header if correct but, show an error if incorrect but, it doesn't seem to be doing anything. Does everything look o.k. on my script? Do you think my problem lies in the database connection? If I can isolate the problem I am more than happy to do the research. Everything I have read tells me this is correct but, why is it not performing the action requested?

here is the file login.php I think I forgot to attach it to the previous message.

<?php resource mysql_connect ( [string server [, string username [, string password [, bool new_link [, int client_flags]]]]])
$host = "host";
$user = "user";
$pass = "pass";

$connection = mysql_connect($host,$user,$pass) or die (mysql_errno().": ".mysql_error()."<BR>");
$error = "Login failed";
echo $error;
// or just
$echo "Login failed";

if (!$dbl = mysql_connect($host,$user,$pass)) die(mysql_error());
...
if (!$result = mysql_query($sql)) die(mysql_error());

bool mysql_select_db ( string database_name [, resource link_identifier])

$dbname = "dbname";
mysql_select_db($dbname);

session_start();
$username = $_POST['username'];
$userpass = md5($_POST['password']);
$sql = "select * from usertable where username='$username' and password='$userpass'";
$result = mysql_query($sql);
if (mysql_num_rows($result)!= 1) {
$error = "Login failed";
} else {
$row = mysql_fetch_array($result);
$_SESSION['username'] = "$username";
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
header("Location: [website...]
}
?>

Joe, It's not going to work for you to just copy and paste things from here and there, and expect it to work. I encourage you to write your own code, but for it to work you're going to have to understand the meaning and purpose of every line, and even of every character. I suggest you go to the PHP Manual [us2.php.net] and look up the various functions and terms that you've used above. Examine the examples of how and were to use them. Take the time to study and apply these details, and you'll do fine.

I wish you well.

Thank you. I will follow your advice.