hey What am i doing wrong here. I got this code from a site and i followed the instruction to the teeth. But it's not working. I had modified it but still not working. The Problem is that after the user enters the user name and pass the user does not get redirect to main.php instead it just sits there with a blank page and the url reads http://localhost/re/userlogin.php (where userlogin.php is the page where the user types his user and pass. This is the orginal code: <?php // we must never forget to start the session session_start(); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { // first check if the number submitted is correct $number = $_POST['txtNumber']; if (md5($number) == $_SESSION['image_random_value']) { include 'settings/config.php'; include 'settings/opendb.php'; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; // check if the user id and password combination exist $sql = "SELECT user_id FROM tbl_auth_user WHERE user_id = '$userId' AND user_password = PASSWORD('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['image_is_logged_in'] = true; // remove the random value from session $_SESSION['image_random_value'] = ''; // after login we move to the main page header('Location: http://qts-corp.com'); exit(); } else { $errorMessage = 'Sorry, wrong user id / password'; } include 'settings/closedb.php'; } else { $errorMessage = 'Sorry, wrong number. Please try again'; } } ?> If anyone can help , it would be much appreciated. Thanks