What don't you use a session var like $HTTP_SESSION_VARS['folder'] = 'folder1' or = 'folder2'. If the user switch the directories after the login you verify if the $HTTP_SESSION_VARS['folder'] is good for any of the two session, if not session_destroy() and go to the login page. You may do that by creating a new file 'verifyFolder.php': <?php session_start(); if (isset($HTTP_SESSION_VARS['folder']) && $HTTP_SESSION_VARS['folder'] != 'folder1' && $Username ...){ session_destroy(); header('Location:login.php') } ?> and to any file in the folder add in the first line <?php require_once('verifyFolder.php'); ?> it's easiear this way to verify the rights in one file and include him to all other. This way you are sure the session is starting and the code is easiear to debug -- ------------------------------------------------- Cristian MARIN - Developer InterAKT Online (www.interakt.ro) Tel: +4021 312.53.12 Tel/Fax: +4021 312.51.91 cristic@interakt.ro "Nabil" <nabil.attar@aws-syria.com> wrote in message 20030621085529.49816.qmail@pb1.pair.com">news:20030621085529.49816.qmail@pb1.pair.com... > Hi all, wish u all a good weekend.. > Guys I have a question as the following: > > 1- In my wwwroot I have two folders : folder1 and folder2 (actually I have > 14 folders) > 2- In the same two folders there are same PHP files do the same job, as db > jobs with different databases.. > 3- I log in the users by register a session, lab lab lab ... etc > 4- the logging files in the two folders are different by registering a > different session value. > 4- I want if any user jumped to the other directory and logged in with the > correct requested password TO HAVE THE FIRST SESSION UNREGISTERED > automatically, so he can't be logged in in both at same time.. and keep only > the new.. and ofcourse have to re logging if he jumped back to the first > one... > (the reason that every folder has different DB connection, and the > interface of the two section are identical.. so I need to split it .to avoid > any problems with many users ....) > > 5- what I m trying to do is , if there is a possibility to control the > header.. by if { /folder1 go } else { unregister session whatever} > if {/ folder2 .............. } else {.........} etc > > 6- IS IT A GOOD WAY TO DO IT , OR NOT? of cource I need a security in the > first place.. > > I HOPE I WAS CLEAR, and thanks for your patient again... :)) > (sorry because it might be shouldn't in db list) > Regards > Nabil > > ---------- > ""open source world, open mind for all"" > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php