I've done further investigation and it seems that if I go with the approach of looking for a REMOTE_USER value, I'll have to do the following: Since Apache only fills out the REMOTE_USER if the file is in a protected directory, I have to make a symbolic link within a protected directory to the non-protected script. Then Apache will require authentication for the file. Thus, both non-authenticated and authenticated users are running the same script. Any problems with this approach? My worry is that if the user passes $REMOTE_USER="FooledYou" in the url, it'll fool my script into thinking Apache sent it. I'll have to check into that one. Any better ideas? -----Original Message----- From: David Hall Sent: Tuesday, July 24, 2001 6:15 PM To: [EMAIL PROTECTED] Subject: [PHP] .htaccess and determining if a user is logged in I'm using Apache .htaccess to require certain users to log into the system in order to view certain files. However, on one of my php scripts, it's not within the realm of .htaccess protection. How do I determine if the user viewing the page is an authenticated user or not? I want to present these authenticated users with additional features while viewing the page. Do I just check REMOTE_USER for a value? I'm not even sure if that works. For the most part, I don't want to really care about any intensive php link with user log in's. I like the simple approach of .htaccess. Any help would be greatly appreciated. Thanks in advance! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]