yo uso esto
if(($user == $usuario) && ($pass == $password)){
echo "
con un form asi
Código PHP:
<form method=post action=index.php?ir=6>
<table width='200' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#666666'>
<tr>
<td><table width='254' border='0' align='center' cellpadding='5' cellspacing='0' bgcolor='#E9E9E9'>
<tr>
<td width='80'><div align='left'><font size='2' face='Verdana, Arial, Helvetica, sans-serif'>Usuario: </font></div></td>
<td width='164'><input type=text name=user style=Font-Family=Tahoma></td>
</tr>
<tr>
<td><font size='2' face='Verdana, Arial, Helvetica, sans-serif'>Password: </font></td>
<td><input type=password name=pass style=Font-Family=Tahoma></td>
</tr>
<tr>
<td colspan='2'><div align='center'>
<input name='Submit' type=Submit style=Font-Family:Tahoma value=Entrar>
</div></td>
</tr>
</table></td>
</tr>
</table>
</form>
esta mal?
con eso no protejo nada?