[!--quoteo(post=382825:date=Jun 12 2006, 08:47 AM:name=Crayon Violent)--][div class=\'quotetop\']QUOTE(Crayon Violent @ Jun 12 2006, 08:47 AM) [snapback]382825[/snapback][/div][div class=\'quotemain\'][!--quotec--] login.php [code] <?php session_start(); if ($_POST['login']) { if (!$_POST['user'] || !$_POST['pass']) { echo "no username or password entered."; } else { $conn = mysql_connect('localhost','username','password'); $db = mysql_select_db('dbname',$conn); $user = mysql_real_escape_string($_POST['user']); $pass = mysql_real_escape_string($_POST['pass']); $sql = "select * from tablename where user = '$user' and pass = '$pass'"; $result = mysql_query($sql); $is_user = mysql_num_rows($result); if ($is_user > 0) { $info = mysql_fetch_array($result); $_SESSION['userinfo'] = $info; header("location: targetpage".$info['page'].".php"); exit(); } else { echo "incorrect username or password."; } } } else { $form = "<form action='{$_SERVER['PHP_SELF']}' method = 'post'>"; $form.= "Name:<input type='text' name = 'user'><br>"; $form.= "Password:<input type='password' name='pass'><br>"; $form.= "<input type='submit' name = 'login' value='login'>"; echo $form; } ?> [/code] targetpage1.php (or whatever) [code] <?php session_start(); if ($_SESSION['userinfo']) { $userinfo = $_SESSION['userinfo']); } else { header("Location: login.php"); exit(); } echo "hello ". $userinfo['user'] . " you are logged in and on page " . $userinfo['page']; ?> [/code] there are much more efficient ways to do your scripting though. for instance, if you have 50 pages that are all going to do about the same thing, you would want to have 1 page that just checks for which number to base the script off of, and you would do something like this: header("Location: targetpage.php?page=".$info['page']); which will send you to targetpage.php?page=2 for example. and then you would check which page it is by something like so: if ($_GET['page']) { $page = $_GET['page']; } and then base your code on $page [/quote] Thanks for the detail. I will give it a shot.