<?
// Use session variable on this page. This function must put on the top of page.
session_start();

////// Logout Section. Delete all session variable.
session_destroy();

$message="";

////// Login Section.
$Login=$_POST['Login'];
if($Login){ // If clicked on Login button.
$username=$_POST['username'];
$password=md5($_POST['password']); // Encrypt password with md5() function.

// Connect database.
$host="sql1.phpnet.us"; // Host name.
$db_user="paaaaa6"; // MySQL username.
$db_password="aaaaaaasdh"; // MySQL password.
$database="pn_334856_banks"; // Database name.
mysql_connect($host,$db_user,$db_password);
mysql_select_db($database);

// Check matching of username and password.
$result=mysql_query("select * from users where username='$username' and password='$password'");
if(mysql_num_rows($result)!='0'){ // If match.
session_register("password");
setcookie("user", $username, $time+3600);
header("location:main.php"); // Re-direct to main.php
exit;
}else{ // If not match.
$message="--- Incorrect Username or Password ---";
}

} // End Login authorize check.
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>

<body>
<? echo $message;?>
<form id="form1" name="form1" method="post" action="">
<table>
<tr>
<td>User : </td>
<td><input name="username" type="text" id="username" /></td>
</tr>
<tr>
<td>Password : </td>
<td><input name="password" type="password" id="password" /></td>
</tr>
</table>
<input name="Login" type="submit" id="Login" value="Login" />
</form>
</body>
</html>

After I enter the correct username and password, the page refreshes itself instead of heading to the main.php.....Dunno wats the problem?