Im quite new to php and am trying to write a simple login page. The page links to a mysql db with a list of usernames/passwords within it. Ive spent the last 2 days pulling out my hair trying to get this to work!

The page checks for the login button being pressed, then selects the record in the db where the un and pw matches. if there is one or more rows it redirects the user to another page.

BUT

It doesnt work and im really not sure why. Can any one help?

Heres my code.

<?php
error_reporting(E_ALL);
session_start();

if (isset($_POST['login'])) {

// Data Formating (Trim, htmlspecialchars)
$_POST['username'] = trim(htmlspecialchars($_POST['username']));
$_POST['password'] = trim(htmlspecialchars($_POST['password']));

//database connect
include 'dbconnect.php';

//set variables
$username = $_POST['username'];
$md5_pw = md5($_POST['password']);

//sql query & redirect
$sql = "SELECT ID, username FROM tblusers WHERE username = '$username' AND password = '$md5_pw'";

$result = mysql_query($sql) or die(mysql_error());
$count = mysql_num_rows($result);

if ($count > 0) {
$_SESSION['authorised_user'] = "true";
header("Location:http://www.example.com/secure/aps/loggedin.php");
}else {
$error_msg['login'] = '<div class=message>Incorrect login details - please check and try again</div>';
}
print mysql_error();
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>title</title>
<meta name="robots" content="noindex, nofollow"/>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="pagewrapper">
<div id="headercont">
<h1 class="headertext">header</h1>
</div>
<div id="bodycont">
<h2 class="headertext2">Please log in below.</h2>
<div id="formwrapper">
<?php if (isset($error_msg)):?>
<?php foreach ($error_msg as $error_loc => $error_desc):?>
<?php echo $error_desc?><br />
<?php endforeach;?>
<?php endif;?>
<form enctype="multipart/form-data" action="<?php $_SERVER['PHP_SELF']?>" method="post">
<table width="760" border="0">
<tr>
<td>User Name</td>
</tr>
<tr>
<td><input name="username" type="text" tabindex="1" id="username" size="30" maxlength="30" value="" /></td>
</tr>
<tr>
<td>Password</td>
</tr>
<tr>
<td><input name="password" type="password" tabindex="2" id="password" size="30" maxlength="30" value="" /></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="Login" alt="Login" tabindex="4"/></td>
</tr>
</table>
</form>
</div>
</div>
<div id="footer">
<p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Nam metus felis, feugiat ut, luctus vel, gravida id, nibh. Aenean lobortis, elit vel sollicitudin condimentum, ipsum lorem tincidunt augue, ac vulputate dolor arcu non est. Etiam diam massa, egestas eget, suscipit ac, aliquam et, diam. Duis orci libero, molestie id, commodo sed, ullamcorper at, elit. Vestibulum lorem. Vestibulum sagittis. Ut sed mauris id sem tincidunt fringilla. Maecenas a eros. Vestibulum ultricies, erat id faucibus imperdiet</p>
</div>
</div>
</body>
</html>

many thanks in advance

[edited by: eelixduppy at 12:17 pm (utc) on May 15, 2007]
[edit reason] exemplified [/edit]