PHPRegister

It says: SELECT * FROM test1 WHERE username='' and password=''Wrong Username or Password

Yes, I followed phpesaystep as a tutorial. Can you redirect me to somewhere better? Pikachu2000

Still a wrong password message.

How? Also, there are no error messages just a Wrong password meesage.

NO, all the variables are filled in. I have hidden them.

I have a problem with a login script I have. Here is the full code: <?php ob_start(); $host= $username= $password= $db_name= $tbl_name= // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> When I run the file, it tells me Wrong password message. What have I done wrong?