Ok I understand that.
Can't I use the same table with the username and password for the lookup recordset? And the recordset sql would have a variable like
WHERE login.username = var1
and var1 is $_POST['username']
and then the session for username would be the username from the recordset
and then the value of the textfield, username would be the session?