[code] Function Authenticate( $username, $password, $remember, $refer ) { global $db; $sqlUser = mysql_query("SELECT userID,username,password,access,COUNT(userID) AS count FROM ".$db->dbPrefix."_login WHERE username='".$username."' AND password='".md5($password)."' GROUP BY `userID`") or die(mysql_error()); $row = mysql_fetch_assoc( $sqlUser ); if ( $row['count'] > 0 ) { if ( $remember > 0 ) { $data = $row['username']."_".$row['password']; setcookie("sbn_access", $data, time()+300); session_register('userID'); session_register('access'); $_SESSION['access'] = $row['access']; $_SESSION['userID'] = $row['userID']; session_register('username'); session_register('password'); $_SESSION['username'] = $row['username']; $_SESSION['password'] = $row['password']; } else { session_register('userID'); session_register('access'); $_SESSION['access'] = $row['access']; $_SESSION['userID'] = $row['userID']; } mysql_query("UPDATE ".$db->dbPrefix."_login SET lastlogin='".mktime()."', ip='".$ip."' WHERE username='".$username."'") or die(mysql_error()); if ( empty($refer) ) { header('Location: index.php'); } else { header('Location: '.$refer); } } else { header('Location: index.php?errorID=1'); } }[/code] Here is my function, maybe that will help out. I'm running on IIS windows 2000.