Hi Joe,

the script you show seems to be cut out of a larger scriptfile.
Try to locate line 14 in that original file. There (or even before, depending on the error) must be the error.

As far as I can see there should be a blank between the "include" and the file name. Don't know, however, if your error is related to this, as I don't know, if this is your line 14.

Regards,
R.

This is the entire script. Line 14 is the header line. I don't know if this helps.

Try changing your headler line from:
header("Location:http://members.example.com/$row['USLP']");

To:

header("Location:http://members.example.com/{$row['USLP']}");

Or:

header("Location:http://members.example.com/".$row['USLP']);

I changed the script to this and now it just clears the form but, does not redirect me to the "Header"

<?php
session_start();
$username=$_POST['username'];
$password=md5($_POST['password']);
$sql="select * from usertable where username='$username' and password='$password'";
$result=mysql_query($sql);
if(mysql_num_rows($result)!=1){
$error="Login Failed";
include "login.php";
}else{
$row=mysql_fetch_array($result);
$_SESSION['username']="$username";
$_SESSION['ip']=$_SERVER['REMOTE_ADDR'];
header("Location:http://members.example.com/{$row['USLP']}");
}
?>

Maybe try removing the double quotes in this line:

$_SESSION['username']="$username";

Try this:

$_SESSION['username']=$username;

That didn't work either. It submits like it is working and then it doesn't do anything.

You need a space after the colon, I believe.

header("Location: [members.example.com...]

I added the space but, it still doesn't do anything. I don't think it is checking the username password against that of the database because I get the same results when I leave the username password blank.

Yes, it does appear that the SQL is not working properly. Try printing your $sql variable to see that the proper values are being sent in the query and that the values actually exist in the db.

session_start();
$username=$_POST['username'];
$password=md5($_POST['password']);
$sql="select * from usertable where username='$username' and password='$password'";
print $sql;

This is what it shows when I enter a username and password. I get this message with any username and password even if it doesn't exist in the database. Should the mysql_connect command be placed somewhere else other than in the <head> of the HTML? This is where it is located currently. I am somewhat of a begginer if you couldn't tell and I appreciate your patience.

select * from usertable where username='' and password='d41d8cd98f00b204e9800998ecf8427e'

Sorry forgot to include this in the previous message

It looks like the username field is not getting into the sql query. Double-check your form to see if the name of the input is mispelled. It is case sensitive.

I left the username blank. I get the same message whether I fill out a username or not.

I get the same message whether I fill out a username or not.

The username is blank every time? If so, then there's the problem. If the username is there, when you actually type it in, AND the exact password/username pair exists in the db, then I'm running out of ideas.

Try changing this line:

$result=mysql_query($sql) or die(mysql_error());

This will print any mysql errors that occur.

It says "NO DATABASE SELECTED". I thought I was already telling it that. Is there a way to incorporate the "mysql_connect & mysql_select_db" commands in this script? If so where should I put them. If not where should I put the mysql_connect & mysql_select_db commands. In the login.html?

Ah, at least you found your problem. You can put mysql_connect() and mysql_select_db() anywhere before the actual mysql_query() command.

Regards

thanks