Originally posted by carp
1. Yes:

$count = mysql_num_rows($loginresult);

2.

session_start();
session_register("username");
session_register("password");

$_SESSION['username'] = "blah";

session_destroy();


session_start(); needs to be at the top of every page
DO NOT use session_register("username"); if you set i twith $_SESSION[]. session_register() is deprecated

and no need for session_destroy(), to end a session just

$_SESSION['username'] = "";
unset($_SESSION['username']);

that is all.

fireSlash: why create a hash when php gives it to you already? the sessionID is unique so why not use that? you are creating more work then you have to.