[snip] session_start(); $_SESSION = "user"; $_SESSION = "pass";
This doesn't work of course, but as I said I'm unsure of how the $_SESSION superglobal is used, and the info I've found about it didn't shed much light... I hope I'm just tired today 8-) Another semi-related question is, is it common to include the username and password for a site directly in the PHP code on a site... even if it is in an include file? [/snip] first $_SESSION works like this: session_start(); $_session[user]=$_POST[user];//if using register_globals=off $_SESSION[user]=$user;//if register_globals=on..unsafe though $_SESSION superglobal is an array (usually associative) meaning that the element of the array (the part in the []) is either a variable name or some custom name instead of the element number.... $_POST[user] and $user are 2 different variables if register_globals=off... to answer the second question about user/password names in scripts...if at all possible avoid it at any cost to yourself...even in an include file... use some other way to store/retrieve the user/password (mysql or something like that). and for me if its a password i usually encrypt it before storing it.. hope that helps.. grin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php