Welcome to WebmasterWorld!

Try something like this:

$result = mysql_query( "SELECT User_id,User_password FROM `$dbnametwo` WHERE User_password = '$ipassword' and User_id = '$userId'")or die("SELECT Error: ".mysql_error());

Notice how I added the quotes around the variables in the query. This is so they are interpreted as strings and not column names :)

<?php
include 'config.php';
mysql_connect($dbhost,$user,$password);
@mysql_select_db($database) or die( "Unable to select database at "+ $dbhost);

$userId = $_POST['iUserName'];
$ipassword = $_POST['iPassword'];

$result = mysql_query( "SELECT user_id,user_password FROM $dbnametwo WHERE user_id = '$userId' AND user_password = '$ipassword'")
or die("SELECT Error: ".mysql_error());

if($result!= NULL)
{
$row = mysql_fetch_row($result);
$userId= $row['User_id'];
setcookie("Username", $userId, time()+7200);
header('Location: index.php');
}
else
{
print "<SCRIPT>alert('Login is Invalid!')</SCRIPT>";
}
?>
-----------------------Code Above
Thanks for the welcome to the forums, Ok i put in the Select statement into phpmyadmin query and it worked and returned the correct fields, how ever in my code if($result!= null) is always true reguardless of the user name and password, is there a different way to say if it finds the right user and password, then variable is true.?

Sorry to bump this but i still need help

if(!$result)
{
echo mysql_error();
print "<SCRIPT>alert('Login is Invalid!')</SCRIPT>";
} else {
$row = mysql_fetch_row($result);
$userId= $row['User_id'];
setcookie("Username", $userId, time()+7200);
header('Location: index.php');
}

You can try this.

This will also give you the error.

if(!$result)
{
echo mysql_error();
print "<SCRIPT>alert('Login is Invalid!')</SCRIPT>";
} else {
$row = mysql_fetch_row($result);
$userId= $row['User_id'];
setcookie("Username", $userId, time()+7200);
header('Location: index.php');
}