thanks for the help. with the suggestions, this is what finally resulted, i figured i'd post it in case it's help to any one else.
<?php $username = rtrim($HTTP_POST_VARS['username']); $password = rtrim($HTTP_POST_VARS['password']); if ($username === "" or $password === "") { header ("Location: http://www.some.com/badlogin.php"); } $db = pg_connect("dbname=some_com user=some_com"); $query = "SELECT * FROM userinfo WHERE firstname='$username'"; $authresult = pg_exec($db, $query); if (pg_numrows($authresult) < 1) { header ("Location: http://www.some.com/secure/badlogin.php"); pg_close ($db); exit; } $row = pg_fetch_row($authresult,0); $pass=rtrim($row[2]); if (strcmp($password,$pass)==0) { mt_srand((double)microtime()*1000000); $random_cookievalue = mt_rand(); setcookie ($REMOTE_ADDR, $random_cookievalue, time()+900); header ("Location: https://www.some.com/secure/index.php"); pg_close ($db); exit; } else { header ("Location: http://www.some.com/badlogin.php"); pg_close ($db); exit; } ?> anyway, it works the way i want it to ;-) thanks again for your help, everyone. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]