I'm new here and trying to build some reputation up.

Here is a basic login script I programmed with lots of comments to help the people who are new to programming to understand it better.

session_start(); //start a session

//mysql connect
mysql_connect("", "", "") or die (mysql_error());

//select database
mysql_select_db("") or die (mysql_error());

//display login form
<form action='login.php' method='POST' />
Username: <input type='text' name='username' /> <br />
Password: <input type='password' name='password' /> <br />
<input type='submit' name='login' value='Login' />

if (isset($_POST['login'])) { //check if the user has clicked the "Login" button

    //store user input in variables and secure them against sql injections
    $username = mysql_real_escape_string($_POST['username']);
    $password = md5($_POST['password']);

    //check if user exists in the table
    $query = mysql_query("SELECT * FROM tablename WHERE username = '$username' AND password = '$password' ") or die (mysql_error());

    if (!(mysql_num_rows($query)) {
        echo"You don't exist."; //if they dont display a error
        //if they exist
        $_SESSION['user'] = $_POST['username']; //create a session
        header('location:home.php'); //redirect to another page


*untested but should be no errrors