It answers with:

ID is: .
Resulting is: 1
Redirection failed. Please redirect yourself to main website.

Redirection isn't a problem. I disabled auto-redirect so that I can see error at work.

Can you please tell me why you need to send two mysql queries during login credentials validation?

For security reason, what these pages tell the user, when they arrived upon redirect?

header ("Location: index.php?look=login&err=nun");
header ("Location: index.php?look=login&err=npw");

these are wrong data types. Supposedly, you want 0 and 1 as an integer or numeric data type.

if ($resulting == "0")

## and
elseif ($resulting == "1")

proofs that the above will always return false if you are referring to the mysql_num_rows response.


    $x = "0";
    $y = "1";


    echo '<br/>';


the above will return


which is nowhere close to either presumed returned values of either

$resulting = mysql_num_rows(mysql_query("SELECT * FROM members WHERE loginname='$post_username' and password='$post_password'"));


 $user_datagain = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE username='$post_username' and password='$post_password'"));

Both of the queries above will return an integer that's for sure. You can read more about data-types in mysql here.

I strongly suggest that you should reconsider re-writing your script's logic construct.