I need this script to connect to the database etc which all works perfectly then check if the user is logged in via cookie check... if they aren't i need to to redirect to re_login.php and if they are then display the page that includes this script...

Can it be done and am i on the right lines??


Code so far for auth.php

PHP Code:

<?php
$userid   = $HTTP_COOKIE_VARS['bbuserid']; 
$password = $HTTP_COOKIE_VARS['bbpassword']; 
$vbhost   = "localhost"; 
$vbuser   = "user"; 
$vbpass   = "pass"; 
$vbname   = "name"; 
$vb=mysql_connect("$vbhost","$vbuser","$vbpass"); 
mysql_select_db($vbname,$vb) or die ("Forum Database Connectivity Error"); 
$vbsql=mysql_query("select * from user where userid = '$userid'"); 
$vbinfo=@mysql_fetch_array($vbsql); 
$username=$vbinfo[username]; 
 
if (!$username) {}{ 
header('location: re_login.php');
} elseif ($username) {
?>

Yes, it seems okay so far. Though in that code snippet I don't see where you are verifying the users password.

The reason the redirect may not be working is because the Location header needs an entire URL, not just a path (relative paths work only for some clients). For example:

Code:

header('Location: http://mydomain.com/re_login.php');

And you have to make sure the header is sent before any other headers. Headers are sent when output is sent (HTML, or even something as small as a newline ), or cookies are set etc. Sometimes it is easier to just output an HTML page that auto-redirects the user.