can you provide a little more detail please?
how does it "not work"?
does it not redirect to the login success page?
when you try to log in, what is happening?
how does this differ from what you expect to happen?
to help us troubleshoot, add the following code to the login page just before the closing </body> tag:
<?php var_dump($_SESSION); ?>
after trying to login what does this output to the login page?
can you send a copy of the login page in a zip archive?
what rules have you applied to the protected pages?
How are those rules defined?