Hi
you're probably in the wrong forum for that. You might wan't to check out
http://www.phpbuilder.com/ for PHP coding problems.
But from what I think, you might want to check the referer variable (check the $_SERVER array) to see where the user comes from. This is quite unreliable and could be spoofed quite easily so this might not be the best way to change that.
I've had good experiences when putting the login/logout code into a seperate file. This way POST variables get deleted when returning to the normal website.
use code like
Code:
<?php
/*check for proper user here and set the session variable
header("Location: somewhere.php");
?>
to redirect the user to the website again.
Really preventing the browser from resending the data is not really possible, as far as I know.