redirect - PHP: Login using external file -

i having issue using external login file. go external login php page , validate form. once form has been validated redirect previous page , start session. issue having session not start (i.e. not change login form log out button). code down below. in advance.

index.php

<?     session_start();     include('phpfunctions/databaseconnect.php');     include('phpfunctions/reusablefunctions.php'); ?> <!doctype html public "-//w3c//dtd xhtml 1.0 transitional//en"         "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml">     <head>         <meta http-equiv="content-type" content="text/html;charset=utf-8" />         <title>unnamed classifieds site</title>         <script type="text/javascript" src="js/formvalidation.js"></script>     </head>     <body>         <div class="wrapper">             <div class="login">                 <? if(isset($_get['error'])){$error = $_get['error'];} ?>                 <span id="error_message" class="error"><? if(isset($error)){echo $error;} ?><span id="login_error"></span></span>                 <? login(); ?>             </div>             <div class="mainlogo">                 <? mainlogo(); ?>             </div>             <div class="search_form">                 <span id="error_message" class="error"><span id="search_error"></span></span>                 <? search(); ?>             </div>             <div class="footer">                 <? footer(); ?>             </div>         </div>     </body> </html> 

login.php

<?      include('phpfunctions/databaseconnect.php');     $error = array();      $email = $_post['email'];     $password = $_post['password'];      if(empty($email) || empty($password)){         $error[] = 'please fill in form!';     }else if(!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/',$email)){         $error[] = 'your email not in correct format!';     }else if(strlen($password) < 6){         $error[] = 'your password must @ least 6 characters long!';     }else{         $hashpass = md5($password);          $query_user = mysql_query("select * users email='$email' , password='$hashpass'") or die(mysql_error());         $num_rows = mysql_num_rows($query_user);          if($num_rows == 1){            while($row = mysql_fetch_array($query_user)){                $_session['id'] = $row['id'];                header('location:index.php');            }         }else{             $error[] = 'sorry no user email or password!';         }     }      if(!empty($error)){         foreach($error $key => $values){             $error_message.= "$values";         }          header('location: index.php?error='.  urlencode($error_message));     }  ?>