session help

Anon

Greetings, I have a file named testing.php in each users directory.

i.e
/usersarea/bob/testing.php
/usersarea/nancy/testing.php
it allow them to manage files.

If bob enters the full url in the address bar for nancy's testing.php he'll get the page with all of nancy's files listed.

I would like to set up the script testing.php so that bob has only session control only on his testing.php not others.

Here's what i've tryed, but no go:

<?php
session_start();
//Perhaps setcookie() will help?
if ($usrname && $usrpassword)
{
// if the user has just tried to log in
$mysql = mysql_connect( 'localhost', 'user', 'password');
$mysql = mysql_select_db( 'database');
$query = "select count(*) from auth where name='$usrname' and pass=password('$usrpassword')";
$result = mysql_query( $query );
$count = mysql_result( $result, 0, 0 );

if ( $count > 0 )
{
// if they are in the database register the user id
$valid_user = $userid;
session_register("valid_user");
}
}
?>

<?
if(session_is_registered("valid_user"))
{
//list users files
}
else
{
//message displaying "must log in first"
}
?>

Any help would be greatly appreciated

Thanks,
Mike

Anon

Bob, will only be able to get a listing of nancy's file if he's allready authenticated.

i.e Bob authenticates, then goes to the address bar and types in the url
http://site.com/usersarea/nancy/testing.php
and gets nancy's file listing too.

Thanks again,
Mike