sorry about the previous post, I'm 100% sure I sent my script as well. here we go again.
I want my script to request password if a session id does not exsist,here is my code. Please tell me what is wrong with it.
<?php
if (!isset($PHPSESSID)) {
// If empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="The Lecturer Administration Site"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (isset($PHPSESSID)) {
include "db.php";
$sql = "SELECT * FROM users WHERE username='$PHP_AUTH_USER' and password='$PHP_AUTH_PW'";
$result = mysql_query($sql);
$num = mysql_numrows($result);
if ($num != "0") {
session_start( );
session_register ("valid_username");
$valid_username=$PHP_AUTH_USER;
header ("location: menu.php");
} else {
header('WWW-Authenticate: Basic realm="The Lecturer Administration Site"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;
}
}
?>
