Hi. I have chosen to protect my website using .htaccess since I use a LeftFrame for navigation, and a MainFrame to load PDF Documents. Now, I have three different sites, and, I need a 'User Manager' interface which allows the admin to control user access to any combination of these sites. I have actually used a global PHP login, which provides respective access to a PHP file with this line only: header("Location: [a href=\"http://username:password@website_X");\" target=\"_blank\"]http://username:password@website_X");[/a] * That would forward the user and somewhat secretly bypass the browser's request for a new password. Since IE now prohibits passwords within URLs by default, this can no longer be achieved... The question is, how can I protect those PDF documents and authenticate via PHP, using a MySQL database to keep track of user details? Does $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] have anything to do with .htaccess? Could this be an alternative? Thank you :) Roger