Coolio

Hi Larry, Thanks for the reply and great book, very well written...again any assistance is appreciated. Ok the bucket concept I get. What I don't get is controlling access to the pages. Along with adding session_start to each page I want to control access to... do I also need to add the logic on page 405 lines 12 to 34 from the login.php script? I'm thinking that the login.php page should be saved as index.php so clients land there first then are forced to login in? Here's my site: mylock.dev I'm able to view all pages of the site if I'm logged out. I've completed t

For a few weeks now I have been working on Chapter 12 of the book. I'm transitioning the code from COOKIES to SESSIONS. I've updated the web pages with the session_start(); and echo session_id() so I can see the session cookie... SESSION code Chapter 12 pages 404 - 411. I have an index.php page (which is home.php) with session_start(); added. When you visit the site, the echo session_id(); value shows a session_id(); of :458bd4cae95c75797fc4feec43e54ff1 What I am confused about is that I am not logged in! Should I not be redirected the login page? Where is the page g