Very good. Allthough, I think it's much easier to check user and pass at the same time:SELECT * FROM users where usnmaere='$usnmaere' AND password = $pass'Plus it's more secure because you don't let hackers now that the usnmaere exisits you just display usnmaere and/or password doesn't exist I don't understand the while in conjunction with mysql_fetch_assoc, doesn't work the same without the while?
The reason for the loop is that it will get every reocrd present for each time it loops And yeah, I suppose that is a good way of doing it, I was just showing how to easily evaluate a password and if it is correct or not.