Are you using a database? If so, compare the pulled username or password with the given one. MySQL searches are case-insensitive by default. You could do something like: $query = mysql_query(" SELECT * FROM users WHERE username = '". mysql_real_escape_string($_POST['username']) ."' AND password = '". mysql_real_escape_string($_POST['password']) ."' LIMIT 1 ") OR die(mysql_error()); if ($userinfo = mysql_fetch_array($query)) { if ($userinfo['username'] == $_POST['username'] AND $userinfo['password'] == $_POST['password'] ) { // Correct login } } // Incorrect login PHP: