When the user logs in you should set a session variables to say they are logged in.
If the user logs out you should use session_destroy() to end the session.
This way the variable is destroyed, so if you check the session variables it will not be true. I personally use $_SESSION['isLoggedIn'] = TRUE.
Edit to add: If you want this to work on multiple browsers or computers you need to save the logged in or session ID to a database so you can check to see if the user is logged in elsewhere.
