cags

We are guessing blind as you won't tell us what server you are using. My guess is you are trying to use a service such as gmail, which always requires authentication.

I don't see how I can make it any more clear. The mail.xyz.com is blatantly not the actual value you are using in your php.ini. Whatever SMTP server you are using requires you to authenticate with it before you can send an e-mail, this CANNOT be done with the mail function, it does not support authentication. You either need to use an SMTP server that doesn't require authentication or use a different mailing class such as one of the two I mentioned previously.

The error message is what you say, it is saying that there is no accesslevel variable in the $_SESSION array. If a user isn't logged in to your site when that function is called you will always get that error. You can prevent that from coming up by doing something more like... if( !isset($_SESSION['logged_in']) || $_SESSION['accesslevel'] < $requiredAccess){ die("You don't have access to this area. If you should have access, please log in again. <a href='/login/'>Login</a>"); } ...rather than... if($_SESSION['accesslevel'] < $requiredAccess || $_SESSION['logged_in'] != TRUE){ die("You don't have access to this area. If you should have access, please log in again. <a href='/login/'>Login</a>"); }

None of the above. The SMTP server requires you to authenticate with it before you can send e-mails. The mail function is contacting mail.xyz.com saying "Please send this e-mail", the SMTP is sending a message back saying "No, you have to login before you can send an e-mail".

Good point, if moving the file makes it work then it shouldn't be that it's the script at fault. I really can't think of a reason that a sub-folder would not be part of the session if your domain is '/'.

It sounds like your session data is getting corrupted/removed at some point on one of those pages. Perhaps you are accidentally assigning a value to a session variable rather than comparing it at some point in the script?

This should only cause problems if the other folder is being accessed via a different sub-domain (or accessed via FRAMES or FRAME forwarding). Other than that it's difficult to say without having a live example to inspect the cookies on. Try using the web developer toolbar for FF as a simple way to easily view active cookies and check for the session cookie on the various pages. Take particular note of the domain they are active on.

The SMTP server you are trying to use 'mail.xyz.com' requires authentication. The PHP mail function does not support authentication. You will have to either use a different SMTP server or use a different mail class such as PEAR Mail or PHP Mailer.