I am relatively new to PHP so any help would be greatly appreciated. there seems to be a problem with my variable registration, but the first error is an if else statement and I cant figure out why it fails because it shouldent matter if its empty. Its saposed to check to see if its empty and if so ...else. Please help if you can. Thanks. here are the error messages. Notice: Undefined variable: lr_user in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 20 Notice: Use of undefined constant username - assumed 'username' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 23 Notice: Use of undefined constant password - assumed 'password' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 24 Notice: Use of undefined constant remember - assumed 'remember' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 42 Warning: Cannot modify header information - headers already sent by (output started at c:\Inetpub\wwwroot\spiderweb\Login\redirect.php:20) in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 44 Warning: Cannot modify header information - headers already sent by (output started at c:\Inetpub\wwwroot\spiderweb\Login\redirect.php:20) in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 45 Notice: Use of undefined constant activate - assumed 'activate' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 48 Notice: Undefined index: activate in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 48 Notice: Use of undefined constant redirect - assumed 'redirect' in c:\Inetpub\wwwroot\spiderweb\Login\functions.php on line 49 Notice: Use of undefined constant pchange - assumed 'pchange' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 63 Notice: Undefined index: pchange in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 63 Notice: Use of undefined constant verified - assumed 'verified' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 69 Notice: Undefined index: verified in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 69 Notice: Undefined index: user_name in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 95 Notice: Use of undefined constant redirect - assumed 'redirect' in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 98 Warning: Cannot modify header information - headers already sent by (output started at c:\Inetpub\wwwroot\spiderweb\Login\redirect.php:20) in c:\Inetpub\wwwroot\spiderweb\Login\redirect.php on line 104 here is my config.php //set up the names of the database and table $db_name ="Spiderweb"; $table_name ="main_log"; //connect to the server and select the database $server = "localhost"; $dbusername = "XXXXX"; $dbpassword = "XXXXXXX"; //domain information $domain = "localhost"; //Change to "0" to turn off the login log $log_login = "1"; //base_dir is the location of the files, ie http://www.yourdomain/login $base_dir = "http://localhost/spiderweb/login"; //length of time the cookie is good for - 7 is the days and 24 is the hours //if you would like the time to be short, say 1 hour, change to 60*60*1 $duration = time()+(60*60*24*30); //the site administrator\'s email address $adminemail = "XXXX@XXXX.com"; //sets the time to EST $zone=3600*-5; //do you want the verify the new user through email if the user registers themselves? //yes = "0" : no = "1" $verify = "0"; //default redirect, this is the URL that all self-registered users will be redirected to $default_url = "http://localhost/Spiderweb/home.php"; //minimum and maximum password lengths $min_pass = 8; $max_pass = 15; $num_groups = 1+2; $group_array = array("Power","Users","Administrators"); here is my redirect.php //prevents caching header("Expires: Sat, 01 Jan 2000 00:00:00 GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Cache-Control: post-check=0, pre-check=0",false); session_cache_limiter(); session_start(); //clear session variables session_unset(); //require the functions file require ("config.php"); require ("functions.php"); //check to see if cookies are already set, remember me if ((!$lr_user) || (!$lr_pass)) { $username = $_POST[username]; $password = $_POST[password]; }else{ $username = $lr_user; $password = $lr_pass; } //if username or password is blank, send to errorlogin.html if ((!$username) || (!$password)) { header("Location:$base_dir/errorlogin.html"); exit; } //sets cookies to remember this computer if the user asks to if ($_POST[remember] == "Yes") { setcookie("lr_user", $username, $duration, "/", $domain); setcookie("lr_pass", $password, $duration, "/", $domain); } if ($_POST[activate] == "Yes") { //make the connection to the database $connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); $db = @mysql_select_db($db_name,$connection)or die(mysql_error()); //build and issue the query $sql ="UPDATE $table_name SET verified = '1' WHERE username = '$_POST[username]'"; $result = @mysql_query($sql,$connection) or die(mysql_error()); } //sets session variables sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $username, $password); //check to see if the user has to change their password if ($_SESSION[pchange] == "1") { $_SESSION[redirect] = "$base_dir/pass_change.html"; } //check to see if the user has activated the account if ($_SESSION[verified] == "0") { $_SESSION[redirect] = "$base_dir/not_activated.html"; } //make the connection to the database $connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); $db = @mysql_select_db($db_name,$connection)or die(mysql_error()); //build and issue the query $sql ="SELECT * FROM banned"; $result = @mysql_query($sql,$connection) or die(mysql_error()); while ($sql = mysql_fetch_object($result)) { $banned = $sql -> no_access; if ($username == $banned || $REMOTE_ADDR == $banned) { include ('banned.html'); exit; } } $last_log = last_login(); //updates table with last log as now $sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'"; $result = @mysql_query($sql,$connection) or die(mysql_error()); if (($_SESSION[redirect] != "$base_dir/errorlogin.html") && ($log_login == "1")) { include('loglogin.php'); } //redirects the user header("Location:$_SESSION[redirect]"); here is my functions.php //function to get the date function last_login() { $date = gmdate("Y-m-d"); return $date; } //function that sets the session variable function sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $user, $pass) { //make connection to dbase $connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); $db = @mysql_select_db($db_name,$connection) or die(mysql_error()); $sql = "SELECT * FROM $table_name WHERE username = '$user' and password = password('$pass')"; $result = @mysql_query($sql, $connection) or die(mysql_error()); //get the number of rows in the result set $num = mysql_num_rows($result); //set session variables if there is a match if ($num != 0) { while ($sql = mysql_fetch_object($result)) { $_SESSION[first_name] = $sql -> firstname; $_SESSION[last_name] = $sql -> lastname; $_SESSION[user_name] = $sql -> username; $_SESSION[password] = $sql -> password; $_SESSION[group1] = $sql -> group1; $_SESSION[group2] = $sql -> group2; $_SESSION[group3] = $sql -> group3; $_SESSION[pchange] = $sql -> pchange; $_SESSION[email]= $sql -> email; $_SESSION[redirect] = $sql -> redirect; $_SESSION[verified] = $sql -> verified; $_SESSION[last_login] = $sql -> last_login; } }else{ $_SESSION[redirect] = "$base_dir/errorlogin.html"; } } //functions that will determine if access is allowed function allow_access($group) { if ($_SESSION[group1] == "$group" || $_SESSION[group2] == "$group" || $_SESSION[group3] == "$group" || $_SESSION[group1] == "Administrators" || $_SESSION[group2] == "Administrators" || $_SESSION[group3] == "Administrators" || $_SESSION[user_name] == "$group") { $allowed = "yes"; }else{ $allowed = "no"; } return $allowed; } //function to check the length of the requested password function password_check($min_pass, $max_pass, $pass) { $valid = "yes"; if ($min_pass > strlen($pass) || $max_pass < strlen($pass)) { $valid = "no"; } return $valid; }