You'll have to use sessions of some kind, either standard php sessions or your own type of sessions. Put some kind of hash (check out md5 functions) of username/password combination into your db along with the session name whenever a user logs in, make it clear that logging out is a 'must' for users so you don't get problems with this table 'locking' things up (destroy cookie and also db record when logging out) - and also check, when a user tries to log in, if the username/password hash he's trying to use is already in the db (obviously, before putting it in there). Probably will also want to add some kind of time element - check with each login, destroying expired session rows, and update this table with each pageview with the current time. All in all, a bit complicated.

Otherwise, see if any of the authentication scripts out there, like on pear.php.net or pat-user, have some kind of feature like you're describing.