I wrote that script a while ago, and just noticed that it uses global variables (I never use them anymore). I'd be willing to be that this will work a lot better for both of you:

PHP Code:

# Protect page from being called directly from web browser 
$back "<form><input type='button' value='< Back' onclick='history.back()'></form>"
$acc_denied "<h3>Access Denied</h3>".$back# you could add a link to where users can login here... 
if (!isset($_COOKIE["verified"])) { die($acc_denied); } 

I'd also use the original setcookie code:

setcookie ("verified", true);

as it will set a cookie that expires when the browser is closed.