password error alert message?!

[simmsy]

Hi i was just wondering if anyone could tell me why i get this javascript alert when the username is entered wrong but it just refreshes page when the password is entered wrong and doesnt display error? Heres the code:

// Check matching of username and password.

$result=mysql_query("select username, password from users where username='$username' and password='$md5_password'");

while($row = mysql_fetch_array($result))

{

$user = $row['username'];

                                $password = $row['password'];

if(($username==$user)AND($password==$md5_password)){ // If match.

session_register("username"); // Craete session username.

header("location:index.php"); // Re-direct to main.php

exit;

}else{ // If not match.

echo "<script language=\"JavaScript\">\n";

echo "alert('Username or Password was incorrect!');\n";

echo "window.location='login.php'";

echo "</script>";

 

please help?

[ChemicalBliss]

You matched both in mysql, you dont really need that second check.

 

// Check matching of username and password.
$result=mysql_query("select username, password from users where username='$username' and password='$md5_password'");

// Check the amount of rows returned:
if(mysql_num_rows($result) >= 1){

// Put first row into $row
$row = mysql_fetch_array($result);
$user = $row['username'];
$password = $row['password'];

$_SESSION['username'] = $user; // Create session username, and set it.
header("location:index.php"); // Re-direct to main.php
exit;
}else{
echo "<script language=\"JavaScript\">\n";
echo "alert('Username or Password was incorrect!');\n";
echo "window.location='login.php'";
echo "</script>";
}

 

-cb-