Hi guys i need a little help with a login script i have been building I need it to read a code from the database and then use that code on the next page to tell the script "this is where the password comes from... It would be easier to have the full login on the front page but the guy who I'm building this for has specifically asked for this... anyway heres the Index.php, the Login.php and the global.php anyway the problem is that the login wont let me get in... it keeps on saying that the code is invalid but the code that I'm using is there and its all being linked to.... so could someone help me please Index [code] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Secure* Login Panel</title> <link href="includes/styles.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="header">Secure* Login Panel</div> <br /><br /><br /><br /><br /><br /> <div align="center"> <div id="loginbox"> <div id="loginboxleft"> <p>Welcome to the Secure* Login Panel <p> Please enter a valid code to proceed </div> <div id="loginboxright"> <h1>Login Stage one</h1> <div id="mainloginbox"> <form id="form1" name="form1" method="post" action="login.php"> <p>Please enter your code<br /> <input name="usrcode" type="text" id="usrcode" /> </p> </p> <p> <input name="Submit" type="submit" class="button" value="Next" /> </p> </form> <?php if ($_GET['error'] == 1) { echo '<div class="error">Code incorrect! Please enter a valid code</div>'; } if ($_GET['error'] == 2) { echo '<div class="error">Your session has timed out. Please log in again.</div>'; } if ($_GET['error'] == 3) { echo '<div class="error">Your Code is either invalid or not activated! Please enter a valid code.</div>'; } ?> </div> </div> </div> </div> </body> </html> [/code] Login.php [code] <?php include("includes/global.php") ?> <?php $code = htmlentities($_POST['usrcode'], ENT_QUOTES); $sql = "SELECT `code` FROM `jos_users` WHERE code='$code' AND (activation ='yes')"; $result = mysql_query($sql); if (mysql_num_rows($result) == 0) { header('location: index.php?error=1'); exit(0); } $row = mysql_fetch_array($result); if ($code == $row ['code']) { //$_SESSION['userloggedin'] = $row ['cid']; $_SESSION['userloggedinname'] = $row ['code']; header('location: login2.php'); } else { header('location: index.php?error=1'); exit(0); } ?> [/code] Global.php [code] <?php //SESSION session_start(); ob_start(); ini_set('session.gc_maxlifetime', '36000'); //GLOBAL VARIABLES $database_location = "localhost"; $database_username = "root"; $database_name = "login"; //connect to the MySQL server $dbcnx = mysql_connect($database_location,$database_username,$database_name); if (!$dbcnx) { echo "Connection Error.<br>"; } else { echo "Connection OK.<br>"; } //Select the database if(!mysql_select_db($database_name,$dbcnx)) { echo "DB Selection Error.<br>"; } //else { echo "DB Selection OK.<br>"; } ?> [/code] i am not using it online yet...i am using the Joomla stand alone server (JSAS) so that is why there is no password for the DB Sorry for the length of this post but I really need help....