[!--quoteo(post=375940:date=May 21 2006, 09:09 PM:name=jokeascool)--][div class=\'quotetop\']QUOTE(jokeascool @ May 21 2006, 09:09 PM) [snapback]375940[/snapback][/div][div class=\'quotemain\'][!--quotec--] Hello All, I am having a problem with a bit of code. I believe my logic is off somewhere and a fresh pair of eyes may help. I know that I can access the db and get the information. The problem is if I enter incorrect password or username it still sends me to the welcome page. Where as if the login info is wrong I want to go to index2 to have them try again. No matter what I enter it takes me to the welcome page. Could you please tell me what I am doing wrong. [code] <?php session_start(); unset($uname); unset($pword); $host="localhost:3306"; $user="username"; $lipassword="password"; $database="bfcc"; $uname=$_POST['fusername']; $pword=$_POST['password']; $connection=mysql_connect($host,$user,$lipassword) or die ("Problems Connecting to Server"); $db=mysql_select_db($database,$connection) or die ("Could not create connection with the database"); $query="SELECT * FROM users WHERE username = '$uname' AND password = '$pword'"; $result=mysql_query($query,$connection) or die("Could not execute query"); if (!mysql_num_rows($result)) { header("Location: index2.php"); } header("Location: welcome.php"); mysql_close($connection); ?> [/code] Thanks Joe [/quote] my suggestion would be to change if (!mysql_num_rows($result)) { to if (mysql_num_rows($result) > 0) { what you have now is probably returning a value of 0 instead of null like you want, making it pass through everyime.(i could be wrong, just trying to help)