function.session-start is displaying on sign-in-action page with other correct links why so and how to check session for sign-in-action-form

<?php
session_start();

if(isset($_POST['username']) && ($_POST[开发者_JAVA百科'password'])) 
{



                $con=mysql_connect("localhost","root","");
                if(!$con)
                {
                die('Could Not Connect:'.mysql_error());
                } 

                mysql_select_db("tcs",$con);

                $usr=$_POST["username"];                 //pick username from login page
                $pwd=hash('sha1',$_POST['password']);    //pick password from login page and use hash algorithm to encrypt it

                $query="select * from employee where Username='$usr' and Password='$pwd'";  //serch that single row in which both r found
                $result=mysql_query($query,$con);


                    if ($result) 
                    {

                                $row=mysql_fetch_array($result);

                        if (($row["Username"]==$usr) && ($row["Password"]==$pwd))
                        {

                                $_SESSION['employee']['id']=$row['User Id'];
                                $_SESSION['employee']['username']=$row['Username'];
                        }       
                        else
                        {
                                echo "Login Not Successfull";
                        }
                    }   
}

else
{
echo 'Error! Username & Password were not sent!';
}

$_SESSION['user_authenticated'] = true;



?>

<html>
<body bgcolor="black">


<?php 
if($_SESSION['user_authenticated']) 
{


                                echo "<font color=red>"."<h3 align=center>"."Welcome ".$_SESSION['employee']['username']."</h3>"."</font>";
                                echo "<br />"."<a href='upload_file.php'>"."<font color='white'>"."<h4>"."Up-Load Files"."</h4>"."<font>"."</a>";
                                echo "<br />"."<br />"."<a href='list_files.php'>"."<font color='white'>"."<h4>"."List All Up-Loaded Files"."</h4>"."<font>"."</a>";

}



?>

</font>
<a  href="logout_file.php"><font color="white"><h3 align="right">Sign Out</h3></font></a>
<font color="white">

</body>
</html>

Ok fine now i am getting the point.But there is one more problem.Suppose i am on signin-action page which have a link of sign out.When i click on sign out button i am re-directed to sign in page.ok no problem but again if i press back button again i am asked to resend the data(even after sign out) and again i am on sign-in-action page why so..It is wrong yar..What to do this.For all other pages like if i click on sign out buttom from upload button->redirected to sign-in and if i press back button it shows u are signed out.I dont know how to check session varibale exit for signinaction

---

From the documentation:

Note: To use cookie-based sessions, session_start() must be called before outputing anything to the browser.

Make sure to put session_start() before any output.
You can always create a session whether the user logs in or not. If he logs in then, you just set some flag in the session variables to mark him as logged in (and probably regenerate the session key for security reasons).

<?php 
session_start()

// do all the user authentication here

$_SESSION['user_authenticated'] = true;

// maybe more stuff....
?>

<!-- html stuff -->
<body>
<?php if($_SESSION['user_authenticated']) {
      echo "<font color=red>"."<h3 align=center>"."Welcome ".$_SESSION['employee']['username']."</h3>"."</font>";
      echo "<br />"."<a href='upload_file.php'>"."<font color='white'>"."<h4>"."Up-Load Files"."</h4>"."<font>"."</a>";
      echo "<br />"."<br />"."<a href='list_files.php'>"."<font color='white'>"."<h4>"."List All Up-Loaded Files"."</h4>"."<font>"."</a>"
} ?>

<!-- and so on -->

This is more or less pseudo code but it should give you the right idea.

---

You can check your session for this page allow include your session page on every page where you want it.