I'm not an expert at this, but I think the key you're looking for is that each page must check the user's cookie to make sure they actually are logged in. If they are, it can continue to serve the requested page, but if not, it should send a page explaining that only members can access the page.

Thanks Steve for your reply. This is a ready-made script that I installed on the site. When I tried the demo version of the script on the developer's site, everything seems to work fine. <snip>

So I am not sure what went wrong, perhaps the specification of the Directory Path is wrong?

[edited by: dreamcatcher at 12:41 pm (utc) on May 13, 2008]
[edit reason] No urls please! [/edit]

Ok, I see what you mean.
Yes, you probably must specify somewhere which folders are protected, and its possible you have to specify membership levels or something like that (?). Go through their admin panel (or its equivalent) to check all your settings. If they provide any examples, compare your settings against the examples, especially for things like directory paths. There are multiple ways to notate the same folder, such as /folder, or /home/User/public_html/folder, etc. In PHP code, the latter is usually used in config settings, since it's the full hard disk path on the server, not a path relative to your web root.

Make sure you're allowed to use .htaccess at your webhost, and see if there's an .htaccess being created for the folder you're trying to protect. Some investigation along those lines might lead to discovering where the problem lies.

If that leads to nothing, you could contact the company, or maybe they have a support forum such as in Google Groups (?).