werner

Solved :) (one just need to keep bangign the head against the wall a few thousand times)

Thanks for your reply. At least now it'ss display the form, though only once. Problem: After pressing submit, it goes straight to index.php, (the loginpage is at index.php?page=login_page) nomatter what i type in the form-fields. I was under the impression $SERVER[PHP_SELF] did return you to the exact page you're on... but maybe that's what it's doing, as the loginpage is included into the index.php. In that case I have no clue on how to get this working. Help greatly appreciated :) new code: [code]<?php   $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user).'<br />Passord:<br />'.write_textfield(menulogin, password, pass).'<br />'.write_submit('login', 'Logg inn!');   echo('   <h1>Logg inn</h1>   ');   //if no post is made   if(!$_POST)   {     echo write_form($fields, $_SERVER[PHP_SELF], 'post');   }   else   {     //set username and password variables, escape chars, set pass as md5 checksum     $username =  mysql_real_escape_string($_POST['user']);     $password = md5($_POST['pass']);     //select users which matches submitted password and username (It'll be submitted in a form further down)     $result = mysql_query("       SELECT count(id)       FROM users       WHERE password='".$_POST[pass]."'       AND username='".$_POST[user]."'     ");     //if there is a match! (access granted)     if (mysql_num_rows($result) > 0)     {       //already escaped username and md5'ed the password       $_SESSION['user'] = $_POST['user'];       $_SESSION['pass'] = $_POST['pass'];       echo('<p>Du er nå logget inn :)</p>');     }     //no match in DB, try again     else     {       echo('<p>Beklager, feil brukernavn eller passord!</p>');       echo write_form($fields, $_SERVER[PHP_SELF], 'post');     }   //end else   } ?>[/code]

When I click on the login-link on my site, the page below is displayed. However, the if-statement is always executed, even the first time I enter the page (the message that you've now logged in), when it should(?) display the login form. The site is included into my index.php, and in index.php the databaseconenction is called (if you're wondering where that is). Anyone got a clue? [code]<?php   echo('   <h1>Logg inn</h1>   ');   //set username and password variables, escape chars, set pass as md5 checksum   $username =  mysql_real_escape_string($_POST['user']);   $password = md5($_POST['pass']);   //select users which matches submitted password and username (It'll be submitted in a form further down)   $result = mysql_query("SELECT count(id) FROM users WHERE password='$_POST[pass]' AND username='$_POST[user]'");   //if there is a match! (access granted)   if(mysql_num_rows($result))   {     // We've already added slashes and MD5'd the password     $_SESSION['user'] = $_POST['user'];     $_SESSION['pass'] = $_POST['pass'];     echo('<p>Du er nå logget inn :)</p>');     //prevent code below to be executed     exit;   }   //no match in DB, try again   else   {     $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user, brukernavn).'<br />Passord:<br />'.write_textfield(menulogin, password, pass, passord).'<br />'.write_submit('login', 'Logg inn!');     echo write_form($fields, $_SERVER[PHP_SELF], 'post');   } ?>[/code]