For study purposes I loaded onto my website the scripts for Structured Access Control from Kevin's "Build Your Own Database Driven Website 3rd Edition, Oct 2004 printing, Ch 12 (pgs 265-274).

Testing the secure page:
with the given username (foxmulder) and password (trustno1), nothing happed. Turns out the code in the book and the code archive has an error. Where has:
PHP Code:
 if (isset($_POST['login'])) {, etc
it should be
PHP Code:
 if (isset($_POST['username'])) {, etc
BTW, the editions of this book keep getting better and better. Keep up the good work, Sitepoint and Kevin.