if you are using apache web server you can try the .htaccess method. I am not too familar with it. I am trying to learn it myself, but from what i gather, you put a file called .htaccess in the dir where your web page is. the .htaccess file contains a path to the a file where all the user names and passwords are stored. whenever this dir is accessed, a window pops up asking for a user id and password. If anyone has more info on this, please pass it on. I am looking into using this as well. What i am looking to do is create a web based ftp application. Where users log into a web screen and can ftp files to the server into a certain directory own by them. I am storing the file paths and descriptions in a postgresql db and using php for the ftp process. Can I use .htaccess with this? Can I have someone log into the web page using .htaccess and passing their user id and password into a cookie or variable so i will know who they are and they don't have to re-type this when they ftp the file. Any help would be great. Thanks, Tim. Paul Joseph McGee <mcgee@xxxxxxxxxxxxxxxxx>@postgresql.org on 03/13/2001 12:20:57 PM Sent by: pgsql-php-owner@xxxxxxxxxxxxxx To: pgsql-php@xxxxxxxxxxxxxx cc: Subject: Secure pages Hi everybody, i have a user login authentication sysytem on my machine here where users may view pages but to do other things the user must login. the login scripts seem to work ok and are based on a "Secure Authentication System" from www.phpbuilder.com. Basically the page where i want people to arrive at upon logging in is at present viewable by anyone who puts the proper url into their browser. how do i keep this and other pages secure from people who havent logged in? Thanks, Paul ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to majordomo@xxxxxxxxxxxxxx) ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to majordomo@xxxxxxxxxxxxxx