thanks jason for your help.
i was wondering, will i need to go into every recordset in the site and add security to it so that only that user sees that clients details.
at moment i have the clients details page that we discussed but also about 5 product pages which are product1_details.php etc
do i need to go into these pages and add the recordset so it will only show if equal to the userid?
the thing is that admins who have an access level = 1 should see all the users details but only the users see their own clients details and clients product detail pages.
what is the best way to impliment security, should i copy the clients_details page and call it clients_details_user and have the admins go to clients details and non admin go to the clients details user page?
will this work on the individual product detail pages?
hope you can help mate as i am looking for the best way to secure this.