First it will be paid email. Then it will be paid to visit too. There is also a news site and some otehr stuff.

And about paying on Egold that is a problem as i dont have one cent there.

I don't care actually .. ..

Those scripts dont allow for any editing which means i cant even get them to connect to my database. Isnt there anyone that can give me a ready one?

Here's a script for ya...
It actually is two scripts, one that handles the login (login.php) and one that is included one every page that only users that have logged in should be able to access (verify.inc.php). Since

I don't have MySql on my computer (I assumed that you were running MySql) I haven't been able to test them yet, so please use them with care...

Here's login.php's code :

//check if a username and a password is defined
if(!$username || !$password)
{
echo 'No username/password';
exit;
}
else
{
//include the file with the database username and password
include("C:mysql_connect.inc");
//connect to the database
mysql_connect($mysql_host,$mysql_username,$mysql_password) or die("MySQL Error: " . mysql_errno() . ": " . mysql_error());
//encrpyt the password, for security reasons
$password = md5($password);
//select the correct database
mysql_select_db('database');
//query the database to see if the username and password is correct
$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'") or die("MySQL Error: " . mysql_errno() . ": " . mysql_error());

if(mysql_num_rows($result)!=1)
{
//it's invalid
echo 'Invalid username/password';
exit;
}
else
{
//it's valid so redirect the user to the secret page and save the username and the password in two cookies
setcookie("userlogin",$username,'',"/");
setcookie("passlogin",$password,'',"/");
header("Location: secretpage.php");
}
}

Here's verify.inc.php's code:

if (!$userlogin || !$passlogin)
{
//the user is not logged in so send him to the login-page
header('Location: loginform.html');
exit;
}

//include the file with the database username and password
include("C:mysql_connect.inc");
//connect to the database
mysql_connect($mysql_host,$mysql_username,$mysql_password) or die("MySQL Error: " . mysql_errno() . ": " . mysql_error());

//select the correct database
mysql_select_db('database');

//query the database to see if the username and password is correct
$result = mysql_query("SELECT * FROM users WHERE username='$userlogin' AND password='$passlogin'") or die("MySQL Error: " . mysql_errno() . ": " . mysql_error());

if (mysql_num_rows($result)!=1)
{
//the username/password is invalid so send the user to the login page
header('Location:loginform.html');
exit;
}

They're quiet well-commented so you should be able to understand how they work, otherwise consuly PHP's wonderful manual.

Many thanks i'm so glad that you can help.

While Yrlec's script should work fine, You may want to actually include the file rather then use header("Location: page.php"); for two reasons:

1) Easier to customize the page
2) It keeps the secret page actually a secret, so that person can't tell others about that page as easily

His script will work just fine though. It has very good encryption as well, same that will be used by (parts) of GPS:
$password = md5($password);

It was after reading a lot of articles on the Internet that I felt that Postgresql would fit my project better. Three great MySQL and PostgreSQL comparisons are these: http://www.mmlabx.ua.es/mysql-postgres.html http://www.phpbuilder.com/columns/tim20001112.php3 http://openacs.org/philosophy/why-not-mysql.html

[ 05-14-2002, 04:54 AM: Message edited by: Yrlec ]

well .. I talked to some other guys and they told me this:

there's no difference whether you write '".$val1."' or '$val1', because that's exactly the same, you just insert the $val1 variable in different ways.
If you want your query to be safe against hack attempts, then you should use addslashes() function.

.. after reading, what does addslashes function, I understood, that they are completely right, there's no difference between writing the ways above .. it's still vulnerable ..

I guess you're right .. we're talking about two different things ..