I am looking for help with session handling. I have modified Joe Jarosciak`s password script slightly, so that instead of logging in to d/l files, you login to one or two secure area`s. (depending on the access level of password used) How and where can i modify this more, so that a session will be created, and the logged-in users data will be passed over to the two secure area`s?? e.g. pass the login information to the two secure area pages, so they can evaluate if the user is allowed to view them or not! Heres the sript so far: <------------------- index.php-------------------> <html> <head> </head> <body bgcolor="#FFFFFF"> <table border="1" width="100%" bgcolor="#000000" bordercolor="#000000" cellspacing="0"> <tr> <td width="100%"> <p align="center"><b><font size="4" color="#FFFFFF">Authorized Access Only</font></b></td> <form method="POST" action="secure.php"> <center> </tr> </table> <address align="center"> </address> <address align="center"> </address> <address align="center"><b>Name:</b></address> <address align="center"> <input type="text" name="PHP_AUTH_USER" size="20" value=""></address> <address align="center"> </address> <address align="center"><b>Password:</b></address> <address align="center"><input type="password" name="PHP_AUTH_PW" size="20" value=""></address> <p align="center"><input type="submit" value="Login" name="B1"> <input type="reset" value="Reset"> </p> </form> </body> </html> <--------------------end index.php-------------------> <---------------------secure.php---------------------> <?php $auth = false; if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) { $filename = ("D:\Inetpub\wwwroot\password\vault\passwords.txt"); $fp = fopen( $filename, 'r' ); $file_contents = fread( $fp, filesize( $filename ) ); fclose( $fp ); $lines = explode ( "\n", $file_contents ); foreach ( $lines as $line ) { list($username,$password,$tc,$fc) = explode(':', $line ); // echo '<br>'; // echo $username; // echo ' : '; // echo $password; // echo '<br>'; if (( $username == "$PHP_AUTH_USER" ) && ( $password == "$PHP_AUTH_PW" )) { $auth = true; break; } } } // ==================Header + IP Checking====================== $updated_from=getenv("REMOTE_ADDR"); print (' <div align="center"> <center><table border="1" cellpadding="0" cellspacing="0" width="667" bgcolor="#000000" bordercolor="#000000"><tr> <td width="100%"> <p align="center"><font color="#FFFFFF" size="0"> Connected from (IP): '); print '<font color="#FFFF00">'; print $updated_from; print '</font></font><font color="#FFFF00" size="0"> </font><font color="#FFFFFF"><font size="0"> | <font size="1"> Your username - </font>'; print '<font color="#FFFF00">'; print $PHP_AUTH_USER; print '</font></font></font><font color="#0000FF" size="0"> </font><font color="#FFFF00" size="0"> </font></p></td></tr></table></center><br></div>'; // ==================end - Header + IP Checking====================== // ==================on support or not======================= if (! $auth) { echo '<br> You used username: '; echo $PHP_AUTH_USER; echo '<br> You used password: '; echo $PHP_AUTH_PW; echo '<br>'; echo '<br><center>'; echo '<br>'; echo '<p><font color="#000000"><b>Sorry, but this is wrong. Authorization with right username and password is Required!</b></font></p>'; exit; } if (($auth) and ($tc == '1')) { print '<b><font color="#000000" size="1">- You are authorized for access area 1.</font></b><br>' ; } if (($auth) and ($fc == '1')) { print '<b><font color="#000000" size="1">- You are authorized for access area 2.</font></b><br>' ; } if (($auth) and ($tc == '0')) { print '<b><font color="#FF0000" size="1">- You are not authorized for access area 1.</font></b><br>' ; } if (($auth) and ($fc == '0')) { print '<b><font color="#FF0000" size="1">- You are not authorized for access area 2.</font></b><br>' ; } // ==================end -- on support or not======================= // ==================buttons======================= if (($auth) and ($tc == '1')) { print '<a href="access_area1.htm"><font face="Arial, Helvetica, sans-serif"><b><font size="4" color="#FFFFFF">Area 1</font></b></font> </a><br>'; } if (($auth) and ($fc == '1')) { print '<a href="access_area2.htm"><font face="Arial, Helvetica, sans-serif"><b><font size="4" color="#FFFFFF">Area 2</font></b></font> </a>'; } // ==================end buttons======================= if ($auth) { echo '<b><center><font size="1">Thank you. You were authorized with right username and password!</font></b>'; } ?> <-------------------end secure.php---------------------> <-----------------access_area1.htm---------------------> <html> <head> <title>Access Area 1</title> </head> <body bgcolor="#FF6600" text="#000000"> <div align="center"> <table width="40%" border="1" cellspacing="0" cellpadding="0" bgcolor="#FF0000" bordercolor="#000000"> <tr> <td> <div align="center"><b><font face="Arial, Helvetica, sans-serif" size="6">Secure Area 1</font></b></div> </td> </tr> </table> </div> </body> </html> <----------------end access_area1.htm------------------> <html> <head> <title>Access Area 2</title> </head> <body bgcolor="#FF0000" text="#000000"> <div align="center"> <table width="40%" border="1" cellspacing="0" cellpadding="0" bgcolor="#FF6600" bordercolor="#000000"> <tr> <td> <div align="center"><b><font face="Arial, Helvetica, sans-serif" size="6">Secure Area 2</font></b></div> </td> </tr> </table> </div> </body> </html> <----------------end access_area2.htm------------------> <----------------passwords.txt-------------------------> joe:19741:1:0: tony:928gt:1:1: murray:fsSS92:1:1: greg:2NNg8ed:1:1: mitch:dopro:0:0: nick:cmuk:1:0: guest:RxegXHNEV9GpM:1:1: tom:JJft54Dcv:0:1: <----------------end of passwords.txt------------------> Thankyou very much for any help! [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]