you're probably in the wrong forum for that. You might wan't to check out http://www.phpbuilder.com/
for PHP coding problems.
But from what I think, you might want to check the referer variable (check the $_SERVER array) to see where the user comes from. This is quite unreliable and could be spoofed quite easily so this might not be the best way to change that.
I've had good experiences when putting the login/logout code into a seperate file. This way POST variables get deleted when returning to the normal website.
use code like
/*check for proper user here and set the session variable
to redirect the user to the website again.
Really preventing the browser from resending the data is not really possible, as far as I know.