When your user logs in, you should assign a few sessions.
Make sure you have session_start(); somewhere in your script.
You want to be able to tell if your user is logged in. You want to do this with a session rather than a cookie because users can edit cookies, but a session is stored on the server - it can't be edited.
I also usually assign sessions with the username for easy identification.
Do something like this:
PHP:
// if they're able to login
$_SESSION['loggedin'] = TRUE;
$_SESSION['username'] = $_POST['username']; // from the login form
Now, when you want to call it, do this:
PHP:
if ($_SESSION['loggedin'] == TRUE) {
// user is logged in
} else {
// user is not logged in
}
I assume by a "personal" member area, you want only the owner to see it?
If so, the way I would do it is to pull the user ID from your users table (you made user ID's right?). You can do this with a session, like this:
PHP:
$_SESSION['user_id'] = @mysql_result($result, user_id);
$result refers to your MySQL query result, and user_id refers to the column in your table.
Then you can do something like this:
PHP:
// say your url is www.something.com/profile.php?id=4
if ($_SESSION['loggedin'] == TRUE) {
$id = $_GET['id'];
$user_id = $_SESSION['user_id'];
if ($id == $user_id) {
// display the personal page
} else {
// it's not this user's page
}
} else {
// not logged in
}
Hope I didn't confuse you, and hope I helped.
EDIT: Probably the best way to get the amount of users logged in would be with MySQL. Add a column to your users table called "is_logged_in" or something like that. Make it an INT and make the default value 0. 0 = not logged in, 1 = logged in.
Then when the user logins do a MySQL UPDATE on the table to give is_logged_in a value of 1.
Then, do a query like this:
PHP:
$sql = "SELECT * FROM users WHERE is_logged_in='1'";
$result = mysql_query ($sql);
$mysql_num_rows ($result);
print $mysql_num_rows;
mysql_num_rows will count the rows with a value of 1 in the column "is_logged_in".
I'm not sure how you would change the 1 back to a 0, though. Obviously you could do it if they clicked logout, but after say 10 minutes of inactivity - I'm not sure how you would do it.
Hope I helped.