Hi, I'm currently coding a wedding website for a friend, and all had been working great until now. It includes an RSVP page that acts as a user registration, then allowing the user to login and access additional features of the site. As I say, it's all been working fine, until I access the site via my friend's marked URL, when the session seems to stop being passed correctly. The problem occurs thus: If the user enters the correct password on the login page, the following code is run: $_SESSION['logged'] = "agk8gjf38834j2"; $_SESSION['user'] = $_user_name; header("location:" . $redirect_url); This then redirects to a welcome page, where the following code runs: ob_start(); session_start(); if($_SESSION['logged'] != 'agk8gjf38834j2') { header("location:" . $_login_file); } It is at this point, when using the masked URL, that I'm redirected back to the login page. I've coded an echo to check the $_SESSION['logged'] variable, and sure enough it's blank when using the masked URL, but fine using the main URL. If anyone has any ideas, or simple ways to get around this I would really appreciate you help. Yours confusedly! aBiz. ???