Intenz posted all the code you need to do it the simple an' easy way.
session_start() on top of every page.
$_SESSION['var']="var"; // to register a session variable
$var=$_SESSION['var']; // to assign a regular variable
(just to make it easier to type)
unset($_SESSION['var']); // to kill a session variable
You could register the User name and User ID as $_SESSION variables, for instance, then serve the pages contingent on those variables being present.
These methods 'maintain state' but do not guard against people trying to break in on somebody elses session. If security is an issue, you also need to check environmental variables, register them as $_SESSION variables, then check against them on every page that requires a login.
I would link you to a site that explains it properly, but I have not seen one yet. Many tutorials are not up to date and offer insecure (but complicated) solutions. The above methods and the pages that Intenz posted give you enough to log in and play around.
EDIT: Of course, I was assuming you have a user base set up so you have something for them to validate against when they log in. If you do not, then the database is where you need to start. When they log in with their name and password, you will need to have that data stored somewhere you can access it, compare the values, and enter the $_SESSION data if they pass.
I have seen sites that everybody has the same password, in that case you can just hard code it into your script and be done with it, but that is a simplistic example that is inadequate for most needs.
