It seems like the include isn't being used. because my testing server is configured like a production server, the error messages are being suppressed. From: php-objects@xxxxxxxxxxxxxxx [mailto:php-objects@xxxxxxxxxxxxxxx] On Behalf Of Atkinson, Robert Sent: Sunday, September 30, 2007 11:28 AM To: php-objects@xxxxxxxxxxxxxxx Subject: RE: Using include properlly What error are you getting? I prefer to use :- include($_SERVER["DOCUMENT_ROOT"] . '/Sec/secheck.php'); Rob. -----Original Message----- From: php-objects@xxxxxxxxxxxxxxx <mailto:php-objects%40yahoogroups.com> [mailto:php-objects@xxxxxxxxxxxxxxx <mailto:php-objects%40yahoogroups.com> ] On Behalf Of teacherweeks Sent: 30 September 2007 16:20 To: php-objects@xxxxxxxxxxxxxxx <mailto:php-objects%40yahoogroups.com> Subject: Using include properlly I am writing a security check script, and using an include statement on each of the pages that I am wanting it to check on. Below is the code for the security script and include statement, can someone point out what I am doing wrong. Weeks ------------------- Include statement <?php include("../Sec/secheck.php"); ?> ------------------- Security statement <?php $user_name = $_POST['user_name']; $pword = $_POST['pword']; include("../Connections/database.php"); $sql = "select user_name, pword, sec_level from tbl_logins where user_name='$user_name' and pword='$pword'"; $result = mysql_query($sql, $DBconn); $count = mysql_num_rows($result); if($count==1){ session_start(); session_register("user_name"); session_register("pword"); session_register("sec_level"); header("location:../index.html"); } else { echo "Bad Username or Password"; } ?> PHP Data object relational mapping generator http://www.metastorage.net/ Yahoo! Groups Links **************************************************************************** ******* Any opinions expressed in email are those of the individual and not necessarily those of the company. This email and any files transmitted with it are confidential and solely for the use of the intended recipient or entity to whom they are addressed. It may contain material protected by attorney-client privilege. If you are not the intended recipient, or a person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. Random House Group + 44 (0) 20 7840 8400 http://www.randomhouse.co.uk http://www.booksattransworld.co.uk http://www.kidsatrandomhouse.co.uk Generic email address - enquiries@xxxxxxxxxxxxxxxxx <mailto:enquiries%40randomhouse.co.uk> Name & Registered Office: THE RANDOM HOUSE GROUP LIMITED 20 VAUXHALL BRIDGE ROAD LONDON SW1V 2SA Random House Group Ltd is registered in the United Kingdom with company No. 00954009, VAT number 102838980 **************************************************************************** ******* [Non-text portions of this message have been removed]