Is 'session_register("yourVar");' necessary? I've just posted a thread with a similar problem, except the $_SESSION variables are set but can only be retrieved from one page.

Also Kenny_Oh, it might be wise to validate the data the user puts in the form, bearing in mind your code is open to SQL injection attacks.