help

When login you store the values to SESSION variable. then

try this code

$user_id=$_SESSION;
if(!$user_id)
{
echo "<meta http-equiv=refresh content=0;url=index.php>";
exit;
}

this will help for you

sorry it is not working....i tried like this

login form

<form method="post" action="start1.php">
<body>
<form name="form1" method="post" action="checklogin.php">
Username<input name="myusername" type="text" id="myusername">
Password<input name="mypassword" type="password" id="mypassword">
<input type="submit" name="Submit" value="Login">
</form>

login code

<?php

$myusername=$_POST['myusername'];
$_session['name']=$myusername;
$mypassword=$_POST['mypassword'];

if ($myusername=="" && $mypassword=="")
{
print "<script language=\"JavaScript\">";
print "window.location = 'http://www.ho.com/aa/viewuser.php'";
print "</script>";
}
else
{
print "<script language=\"JavaScript\">";
print "window.location = 'http://www.ho.com/aa/start.php'";
print "</script>";
}
?>

view user page

<?php
   session_start();
  

$user_id="aletheia.loco"; 
if(!$user_id)
{
echo "<meta http-equiv=refresh content=0;url=start.php>";
exit;
}
?>

Heres my code....
Loginform.php

<table>
<tr><td></td><td>
<?php

if(isset($_SESSION['group'])){
echo "You are logged in as: <b>";
echo $_SESSION['username'];
}
else { ?>
<table>
<form name="loginform" method="post" action="login.php">
<tr><td>Username:</td><td><input type="text" name="username"></td><td>Password:</td><td><input type="password" name="password"></td><td></td><td><input type="submit" value="Submit"><input type="reset" value="Clear"></td></tr>
</form>
</table>
<?
}
?>

Code above first checks if the session is set in my case "group" and if it is simple message saying you are logged in as "username" (another seshion I have set up) and they do not see the login form. If it is not set, they will see a basic login form.

Then the actul loging in process and setting up the seshions

<?php

$host="localhost";
$username="username";
$password="password";
$db_name="dbname";
$tbl_name="tablename";

//Connect to the serve and select database
mysql_connect("$host", "$username", "$password") or die ("Cannot connect to server");
mysql_select_db("$db_name") or die ("cannot select database");


//Taking information from the form
$username=$_POST['username'];
$password=$_POST['password'];


//browsing the database for a match
$sql="SELECT user_username, user_password, user_groupid, company_id, user_id FROM $tbl_name WHERE user_username='$username' and user_password='$password'";
$result=mysql_query($sql);


//count table row
$count=mysql_num_rows($result);


//If correct username and password result should equal 1
if($count==1){
$Groupid=mysql_result($result,'', 'user_groupid');
$Companyid=mysql_result($result,'','company_id');
$Userid=mysql_result($result,'','user_id');
session_start();
$_SESSION['userid'] = $Userid;
$_SESSION['username'] = $username;
$_SESSION['group'] = $Groupid;
$_SESSION['usercompanyid'] = $Companyid;

basicly searches the database for a match with the login details, and if found starts the seshions.

For the pages you only want logged in users to see, simply rework what I showed you with the login form. Only allowing users with your seshion set, or with a specific value.

Not the safest of scripts, pretty sure someone will show you abetter one, but it will work.