<?php include("dbsettings.php"); ?> <?php // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Get values from form $charName=$_POST['charName']; $charRace=$_POST['charRace']; $charClass=$_POST['charClass']; $charLvl=$_POST['charLvl']; $prof1=$_POST['charprofession1']; $prof2=$_POST['charprofession2']; $email=$_POST['email']; $password=$_POST['password']; $pass2=$_POST['password2']; $md5pass= md5 ('$password'); // To protect MySQL injection (more detail about MySQL injection) $charName = stripslashes($myusername); $password = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE charName='$charName' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("charName"); session_register("password"); header("location:success.php"); } else { echo "Wrong Username or Password. Please try again."; } ?>
Try adding session_start(); at the top of the file: <?php [B]session_start();[/B] include("dbsettings.php"); // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); Code (markup): Also, there's no need to set your include off in a separate pair of php tags. Since the whole file is PHP, a single tag at the top (and a closing tag at the bottom) is enough.