I'm not sure what behavior 'die()' has after setting a header, but I'd prefer to use 'exit()'.

You had the following:
Code:
$db = mysql_connect("localhost",$user,$password)
Which is correct if you assign your username and password to those variables.
If you are unsure what the username and password are use "root" and "" as I mentioned in the other post.

The problem here probably is the SQL.
Code:
"SELECT count(user_id) from users WHERE
pass = '$_SESSION[pass]' AND user_name='$_SESSION[user_name]'"
The '=' operator in SQL is solely for numerical comparison. When comparing with strings you want to use the 'LIKE' operator.
Also you can't encapsulate an associative array value. So you cant call $_SESSION[user_name] inside a string.
Instead you can assign them to individual variables which you already did.
So basically we can do the following:
Code:
"SELECT count(user_id) from users WHERE
pass LIKE '$dbpass' AND user_name LIKE '$dbuser'"