Generally, you provide a username and password field and have the form submit to a page dedicated to logging people in. Usually, the login is checked against records in a database, and if a match is found, a cookie is placed on the machine with a userid and a unique identifier that proves that they propperly logged in. Each script checks or includes a file that checks the cookie and provides information about the user from the database if the cookie is valid.