Untitled

if(isset($_POST['login']))
{

     if(!$_POST['username'] || strlen($_POST['username']) <= 3 || strlen($_POST['username']) >= 20)  //Check user input for validity
     {
          $loginerror['username'] = "Username is required.  Must be between 3 and 20 characters long.";
     }
     if(!$_POST['password'])
     {
          $loginerror['password'] = "Password is required.";
     }


     if(count($loginerror) == 0)
     {
          $username = mysql_real_escape_string(trim($_POST['username'])); //Do whatever to the user input
          $password = mysql_reql_escape_string(trim($_POST['password']));

          $sql = mysql_query("SELECT `username`,`password`,`etc` FROM `users` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1");  //Select both at the same time

          if(mysql_num_rows($sql) == 0)
          {
               $loginerror['login'] = "Username or Password incorrect or does not exist.";  //It's smart not to let people know which they got wrong.
          }
          else
          {
               $_SESSION['username'] = $username;
               $_SESSION['loggedin'] = true;
               $loginmessage = 'Welcome ' . $username. ', you are successfully logged in';
          }
      }
 }

function dispError($name,&$errors)
{
     if(isset($errors[$name]))
     {
          return '<span class="error">' . $errors[$name] . '</span>';
     }
     return '';
}

if(isset($loginmessage))
{
     echo $loginmessage;
}
elseif(isset($_SESSION['username']) && isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true)
{
     echo 'Welcome, ' . $_SESSION['username'];
}
else
{
     if(!isset($loginerror) || !is_array($loginerror))
     {
          $loginerror = array();  //Gotta make sure it exists for the next part if it hasn't been set.
     }
     echo dispError('login',$loginerror);
     echo '<form method="post" action="">';
     echo '<input name="username" placeholder="Username..." type="text" maxlength="15" />' . dispError('username',$loginerror) . '<br /><br />';
     echo '<input name="password" placeholder="Password..." type="password" maxlength="20" />' . dispError('password',$loginerror) . '<br /><br />';
     echo '<input name="login" type="submit" value="Login" style="width:100px;">';
     echo '</form>';
}

if(isset($_POST['login']))
{
     require_once("loginCheck.php");
}

//various other includes and requires

require_once("loginForm.php");

$_SESSION['loggedin'] = true;

<?php
session_start();

if(!loggedIn())
{
    header('Location: login.php');
    die();
}

function loggedIn()
{
    if($_SESSION['loggedin'])
        return true;
    else
        return false;
}
?>