If anyone has followed the authentication problems I had with my site which is on a Windows server (see
this thread), I've modified the admin/index.php script to handle user authentication in a slightly different way to solve that problem. You can view my modified script
here. Note that if you use it, you'll no longer need to use auth.php.
I also added a feature that gives the user 3 tries to authenticate, then calls the sleep function for 10 seconds. That is to discourage anyone from running their own script to try hacking into the administration functions.
I welcome any comments, criticisms, etc. regarding my script. Thanks.