I have a login page, and it works, but when someone logs in correctly, the page just sits there, i want it to go to protected2.php. I know i should use the header("Location: http://localhost/protected2.php"); but i don't know where i should put it in the code. Could someone please help me? My login file is included below:

<?php //accesscontrol2.php

include("common.php");
include("db.php");

session_start();
if(!isset($uid)) {
?>
<html>
<head>
<title>Please Log In For Access</title>
</head>

<body>
<h1>Login Required</h1>
<p>You must log in to access this area of the site. If you are not a registered
user, <a href="signup.php">click here</a> to sign up for instant access!</p>
<p><form method="post" action="<?=$php_self?>">
User ID: <input type="text" name="uid" size="20"><br>
Password: <input type="password" name="pwd" size="20"><br>
<input type="submit" value="Log In">
</form>
</body>
</html>
<?php
exit;
}
session_register("uid");
session_register("pwd");
dbconnect("members");
$sql = "select * from members where username = '$uid' and password = '$pwd'";
$result = mysql_query($sql);
if(!$result) {
error("A database error has occured while processing your request.\\nIf this problem
persists, please contact trhynard@aol.com.");
}
if(mysql_num_rows($result) == 0) {
session_unregister("uid");
session_unregister("pwd");
?>
<html>
<head>
<title>Access denied</title>
</head>
<body>
<h1>Access Denied</h1>
<p>Your user id or password were incorrect, or you are not a registered user.
To try logging in again, click <a href="<a href="$php_self">here</a>
If you are not registered, click <a href="signup.php">here</a> to sign up.</p>
</body>
</html>
<?php
exit;
}
?>