[!--quoteo(post=366667:date=Apr 19 2006, 07:57 PM:name=poirot)--][div class=\'quotetop\']QUOTE(poirot @ Apr 19 2006, 07:57 PM) [snapback]366667[/snapback][/div][div class=\'quotemain\'][!--quotec--] You shouldn't use cookies to store this. Cookies can be easily changed, so anyone could just change the cookies and impersonate the admin. Instead, use SESSIONS; something like this: [code]<?php session_start(); header("Cache-control: private"); // IE fix if ($_SESSION['authorized'] = 'yes') { // outputs admin page }[/code] [/quote] So I have to put that code in the index page and the code below to the other page right? : [code]if ($_SESSION['authorized'] = 'yes') { // outputs admin page }[/code] And by the way, when I try to put this code to my pages, I think there is a problem because I can even access to the pages whichout username and pass ^^ . ....