The problem you are experiencing Becca has to do with the ampersand in your username. (The & symbol.) The & symbol is an identifier in code. In PHP, it tells the code that a variable must exist to keep going. Also in PHP, depending on where it is being used, it needs to be escaped before it is processed. When passing the variable to the url (which we do a lot on this site), it needs to be written differently so it is interpreted correctly. The chat script isn't handling the escape the way it should, so it is flagging you as trying to inject something via the login. (A safe guard to prevent malicious code from being executed on the site.) I will make an attempt to locate where the login is being executed, but there are no guarantees with it. If I can find it, I can rewrite it to work properly. (I bought this script and just integrated it with our site.) If its being processed by one of the encrypted files, which there are 3, I won't be able to correct it.