Hi I have copied portion of a php script to use with my website for customer registration purpose. Such as log in, create password , etc. One php code deals with finding out if a customer is already logged on or not. The problem is that it won't recognise that a customer is signed in. I have hardly changed any part of the script, for some reason the function does not return the value back to the calling code. i would be very grateful if you would have a quick look at it. I have tested the function and it does function properly but it just does not return the value (of 1 or 0). Here is the calling code: <td colspan="4" class="visitor"> <?PHP include ("functions.php"); echo "hello User is :".$user; //if the user is logged in. if (is_logged_in($user)) { // include ("header.php"); $cookie_read = explode("|", base64_decode($user)); $username = $cookie_read[1]; //put your code here (protected page). echo "Welcome <b>$username</b>, [ <a href=users.php>Manage Account</a> ] [ <a href=users.php?maa=Logout>Logout</a> ]<br><br>"; // echo "<br><br><br> // <h3>an example of protected page, put your protected code/stuff here.</h3>"; //include ("footer.php"); //if the user is not logged in, then tell him to login. }else{ // include ("header.php"); //header("Location: users.php"); die(); echo "Welcome visitor, would you like to [ <a href=users.php>Login</a> ] or [ <a href=\"users.php?maa=Register\">Register</a> ]"; //this code will load all registered users $sql = mysql_query("SELECT * FROM ".$prefix."_users ORDER BY userid DESC"); $num = mysql_num_rows($sql); // echo "<br><br><br><hr size=1>Total registered users ($num): "; while($row = mysql_fetch_array($sql)){ $userid = $row['userid']; $username = $row['username']; $password = $row['password']; $ipaddress = $row['ipaddress']; #comment this line if you don't want to print user names. // echo " [ $username ]"; } // include ("footer.php"); } ?> Code (markup): and this is the function if (eregi("functions.php", $_SERVER['SCRIPT_NAME'])) { Header("Location: index.php"); die(); } // Report all errors and ignor notices error_reporting(E_ALL ^ E_NOTICE); // Disable magic_quotes_runtime set_magic_quotes_runtime(0); if (!ini_get("register_globals")) { import_request_variables('GPC'); } $phpver = phpversion(); if ($phpver < '4.1.0') { $_GET = $HTTP_GET_VARS; $_POST = $HTTP_POST_VARS; $_SERVER = $HTTP_SERVER_VARS; } $phpver = explode(".", $phpver); $phpver = "$phpver[0]$phpver[1]"; if ($phpver >= 41) { $PHP_SELF = $_SERVER['PHP_SELF']; } if(isset($admin)){ $admin = base64_decode($admin); $admin = addslashes($admin); $admin = base64_encode($admin); } if(isset($user)){ $user = base64_decode($user); $user = addslashes($user); $user = base64_encode($user); //echo "User is :".$user; } foreach ($_GET as $sec_key => $secvalue) { if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*object*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*style*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*form*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*img*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("\([^>]*\"?[^)]*\)", $secvalue)) || (eregi("\"", $secvalue))) { die ("not allowed"); } } foreach ($_POST as $secvalue) { if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]meta*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) { die ("not allowed"); } } //set root path $ROOT_DIR = realpath(dirname(__FILE__)); $ROOT_DIR = str_replace('\\', '/', $ROOT_DIR); include ("$ROOT_DIR/config.php"); include("$ROOT_DIR/mysql.class.php"); $db = new sql_db($db_host, $db_username, $db_password, $databse_name, false); if(!$db->db_connect_id) { include("header.php"); //if connection to database/login faild, print error. echo "<br><font color=\"red\"><h5><br><center>Error:</b><br><hr><br> <b>Connection to database has faild!<br> check mysql server/database name/username/password </center> <br><br><br><br><br><br><br><br><br>"; echo mysql_error(); include("footer.php"); die(); } //load the site options and info from db. $options_sql = $db->sql_query("SELECT * FROM ".$prefix."_options"); $options = $db->sql_fetchrow($options_sql); $site_name = stripslashes($options['site_name']); $site_email= stripslashes($options['site_email']); $site_url = stripslashes($options['site_url']); $site_info = stripslashes($options['site_info']); $language = stripslashes($options['language']); $tmp_header = stripslashes($options['tmp_header']); $tmp_footer = stripslashes($options['tmp_footer']); $validate = intval($options['validate']); //load the language include ("$ROOT_DIR/lang/$language.php"); //global function for checkig whethar user is logged in or not. //you will notice we will use it everwhere in the script. function is_logged_in($user) { global $db,$prefix; $read_cookie = explode("|", base64_decode($user)); $userid = addslashes($read_cookie[0]); $passwd = $read_cookie[2]; $userid = intval($userid); //echo "User is :".$userid; if ($userid != "" AND $passwd != "") { $result = $db->sql_query("SELECT password FROM ".$prefix."_users WHERE userid='$userid'"); $row = $db->sql_fetchrow($result); $pass = $row['password']; // echo "hello User is :".$user; //echo "pass is :".$pass; //echo "passwd is :".$passwd; //echo "read_cookie :".$read_cookie[2]; if($pass == $passwd && $pass != "") { //echo "pass".$pass; return 1; } } return 0; } function is_logged_in_admin($admin) { global $db,$prefix; $read_cookie = explode("|", base64_decode($admin)); $adminid = addslashes($read_cookie[0]); $passwd = $read_cookie[2]; $adminid = intval($adminid); if ($adminid != "" AND $passwd != "") { $result = $db->sql_query("SELECT password FROM ".$prefix."_admin WHERE adminid='$adminid'"); $row = $db->sql_fetchrow($result); $pass = $row['password']; if($pass == $passwd && $pass != "") { return 1; } } return 0; } function msg_redirect($msg,$url,$seconds){ global $site_name, $site_url; echo "<html dir=\""._LTR_RTL."\">\n" ."<DIV id='redirect' style='position:absolute;left:10px;top:10px;border-style:double'>\n" ."<head>\n" ."<title>$site_name</title>\n" ."<meta http-equiv=\"Refresh\" content=\"$seconds; URL=$url\">\n" ."<meta http-equiv=\"Content-Type\" content=\"text/html; charset="._CHARSET."\">\n" ."<link rel=\"stylesheet\" href=\"style.css\" type=\"text/css\">\n" ."</head>\n\n" ."<body>\n" ."<br />\n" ."<br />\n" ."<br />\n" ."<br />\n\n\n" ."<div align=\"center\">\n" ."<table cellpadding=\"6\" cellspacing=\"1\" border=\"0\" width=\"40%\" bgcolor=\"#E1E1E1\">" ."<tr>" ."<td bordercolor=\"#808080\">"._REDIRECTING."</td>" ."</tr> " ."<tr> " ."<td align=\"center\" bgcolor=\"#FFFFFF\">" ."<blockquote> " ."<p> </p>" ."<p><h3>$msg</h3></p>" ."<p><a href=\"$url\"> " .""._CLICK_HERE_BROWSER_REDIRECT."</a></p><br />" ."</blockquote>" ."</div>\n" ."</td>\n" ."</tr>\n" ."</table>\n\n\n" ."</div>\n" ."</body>\n" ."</html>"; } ?> Code (markup): I have been thinking about the problem for a few days now, so would appreciate where some help.