dtest

that's going to be really tricky. in my example I just named one file in the folder "secret" but in fact it's a folder with many files and many subfolders which are all needed to run the /httpdocs/secret/index.php script so that's not really an option

Hi, Yes you're correct, I mean HTTP authentication That is really too bad that it doesn't work for IE. Does anyone know if there's another way?

Hi, I have these files: /httpdocs/login.php /httpdocs/secret/index.php the login.php is publicly available, but the folder 'secret' is password protected via my webhost's cpanel I would like the script login.php to check my database for the user submitted name and password and then re-direct the user to /httpdocs/secret/index.php WITHOUT the user having to authorize himself again to enter the password protected folder Is there a way to 'forward username and password' in php like this?

ok I found out that it wasn't the ` that initiated the error message, but a syntax error in the code. I fixed it and now ` doesn't appear to make any problems anymore when I only use mysql_real_escape_string to sanitize thanks for the replies

can anyone tell me if it's normal that the character ` is not escaped when using mysql_real_escape_string to sanitize user imput? I have a login box where if you enter "INSERT INTO database USERS `'`" as username, I am still getting an error message after using mysql_real_escape_string: Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /var/www/vhosts/mydomain.com/httpdocs/index.php on line 41