$mdpass = md5($password);
$result = mysql_query("select * from member where RegNo ='$username' and Password ='$mdpass'")or die(mysql_error());
$row = mysql_fetch_array($result)
session_start(); //start a session
$_session['id']=$row['id']; //create a session variable
header('location:home.php'); //redirect to home.php
header('location:index.php'); //redirect to index.php
Well, to start, you're missing a
) on the line that's throwing an error (count your brackets).
Second, like other people have already (and always do) chime in with, take a look at proper practices regarding storing and using stored passwords.