My login script i made worked but when i switched servers i lost the original and i found a saved copy on my home pc. The register.php still works, the 'users' table in mysql did not change when i swithced servers. But just in case my 'users' table has the following attributes. 'username', 'password', 'email', 'lastname' 'id'. id is autoincrementing PK. here is my login.php code:


<?

/**
* Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}

/* Verify that user is in database */
$q = "select password from users where username = '$username'";
$result = mysql_query($q,$conn);
if(!$result || (mysql_numrows($result) < 1)){
return 1; //Indicates username failure
}

/* Retrieve password from result, strip slashes */
$dbarray = mysql_fetch_array($result);
$dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);

/* Validate that password is correct */
if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}

/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}

/* Username and password have been set */
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}

/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
?> <html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Page-Enter" content="blendTrans(Duration=1.0)">
<title>Untitled Document</title>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_reloadPage(init) { //reloads the window if Nav4 resized
if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
//-->
</script>
<style type="text/css">
<!--
.style1 {
font-size: 24px;
font-weight: bold;
font-family: "Times New Roman", Times, serif;
}
.style3 {
font-size: 12px;
color: #FF0000;
}
-->
</style>
</head>

<body>
<p>Logged In!!! </p>
<p class="style3">Click on the links below to proceed to the correct members page. </p>
<p class="style3"><a href="protected.php" target="Left">Samples Page</a><br>
<a href="playlist.php" target="_blank">Playlist </a></p>

</body>
</html>

<?
}
else{
?>
<html>
<h1>Login</h1>
<form action="" method="post">
<table width="309" border="0" align="left" cellpadding="3" cellspacing="0">
<tr><td width="87">Username:</td><td width="1147"><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr></tr>

<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="sublogin" value="Login"></td>
</tr>
<tr><td colspan="2" align="left"><a href="register.php">Not A Member??? Click Here To Join</a></td></tr>
</table>
</form>
</html>
<?
}
}


/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/*makes sure tac check box is checked*/
/* if(isset(!$_POST['tac'])){
die('You must agree with the terms stated in the TOC or you may not enter.');
}
/*if($tac==){
die('You must agree with the terms stated in the TOC or you may not enter.');

}*/



/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}

/* Checks that username is in database and password is correct */
$md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);

/* Check error codes */
if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}

/* Username and password correct, register session variables */
$_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;

/**
* This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}

/* Quick self-redirect to avoid resending data on refresh */
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}

/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();

?>




Also.... how would i execute this login procedure from a form created on another page (index.htm) would i just have the 'action=login.php' or would i have to have other settings. Thanks!

John