What I want to do number one is merge my login script and my control panel coding into one as well as make the certain functions on the left only available to non admins of course. Can someone show me how I should accomplish these tasks because my setup is way wrong?

This is my control panel:

Code:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V2 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>

</head>
<body>
<div id=container>
<div class=header><form method=POST name=changedefaultcharacter>
<input type=hidden name=action value=mainmenu>
<input type=hidden name=newdefaultcharacterid value=0>
</form>
<script type="text/javascript" language="javascript">
function executeformchangedefaultcharacter(newdefaultcharacterid) {
document.changedefaultcharacter.newdefaultcharacterid.value = newdefaultcharacterid;
document.changedefaultcharacter.submit();
}
</script>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center><a target=_blank href=/bio.php?username=andreas><img src="/backstage_125x150.php?username=andreas" border=0 width=100 height=100 hspace=5 vspace=5 /></a></td>
<td><form method=POST name=changecharacter>
<select name=newdefaultcharacterid class=dropdown onChange="executeformchangedefaultcharacter(document.changecharacter.newdefaultcharacterid.value);"><option value=349>Andreas van der Wal<option>** Active Characters **<option value=196>Angelica Brooks<option value=219>Beef<option value=367>Bernie Roberts<option value=165>Blaine Blair<option value=335>Bryan Dawkins<option value=339>C.P. Cantrell<option value=106>Chandler Tsonda<option value=360>Christian Novak<option value=328>Colby Korver<option value=340>Connor O'Reily<option value=337>Cozen<option value=351>Dametreyus Fuqueiawytas<option value=330>Delta Upsilon Iota<option value=193>Devin Shakur<option value=208>Dusk<option value=220>El Janito<option value=270>Eli VanNess<option value=17>Ellie<option value=271>Felix Young<option value=164>Gerald Barrett<option value=365>Ham Patrick<option value=329>Hank Cobb<option value=311>High Flyer<option value=338>Jason Natas<option value=345>Jeeves<option value=336>Jimmy Bonafide<option value=346>Kaiser Vashaun<option value=361>Kale Ryder</select>

</form>
</td>
<td width=40% valign=bottom align=right>
<a href="#" onClick="executeform('mainmenu','0');">Home</a> | <a href="#" onClick="executeform('logout','0');">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a> </td>

</tr>
</table>
</div>
<div id=container2>
<div id=nav>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
<li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
<li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
<li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
</ul>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
<li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
<li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
<li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
</ul>

<h1>Handler</h1>
<ul>
<li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
</ul>
</ul>
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
<li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
<li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
<li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>

</ul>
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
<li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
<li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
<li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
<li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
<li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
<li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>

<li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
</ul>
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
<li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
<li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
<li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
<li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
</ul>
</div>
<div id=content>
<h1 class=backstage>Backstage Admin Console</h1><br />
<h2 class=backstage>Upcoming Events</h2><br />
<h3 class=backstage>Upcoming Show 1</h3><br />
<table class="table1" width="100%">
<tr class="rowheading">
<td>Match</td>
<td>Lead Writer</td>
</tr>
<tr class=row2>
<td>Troy Douglas vs. Jason Natas</td>

<td>Alex Clark</td>
</tr>
<tr class=row1>
<td>Kaiser Vashaun© vs. Rhett Locke</td>
<td>Matt Ward</td>
</tr>
<tr class=row2>
<td>DUI vs. The Awakening vs. Union Jack and Jeeves</td>
<td>Will Otto</td>
</tr>
<tr class=row1>
<td>Team VIAGRA vs. The Princes of New England©</td>

<td>Mike Renner</td>
</tr>
<tr class=row2>
<td>Cozen vs. Dusk</td>
<td>Craig Maloof</td>
</tr>
<tr class=row1>
<td>The Roulette</td>
<td>Matt Repchak</td>
</tr>
</table><br />
<h2 class=backstage>Maintenance</h2><br />

<h3 class=backstage>Records requiring editing</h3><br />
<form method=POST name=recordsmodule>
<input type=hidden name=action value=records>
<input type=hidden name=routine value=0>
<input type=hidden name=bookingid value=0>
</form>
<script type="text/javascript" language="javascript">
function executeformrecords(routine,bookingid) {
document.recordsmodule.routine.value = routine;
document.recordsmodule.bookingid.value = bookingid;
document.recordsmodule.submit();
}
</script>
<table class=table2 width="100%">
<tr class=rowheading>
<td>&nbsp;</td>
<td>Show</td>
</tr>
<tr class=row2>
<td valign=top align=center width=30><a href="#" onClick="executeformrecords('listrecords','139');">W/L</td>

<td valign=top>ReVolution 175 (08 Oct 2008) </td>
</tr>
<tr class=row1>
<td valign=top align=center width=30><a href="#" onClick="executeformrecords('listrecords','138');">W/L</td>
<td valign=top>ReVolution 174 (01 Oct 2008) </td>
</tr>
<tr class=row2>
<td valign=top align=center width=30><a href="#" onClick="executeformrecords('listrecords','137');">W/L</td>
<td valign=top>ReVolution 173 (24 Sep 2008) </td>
</tr>
</table><br />
</div>

<div id="footer">Backstage 1 &copy; 2009</div>
</div>
</div>
</div>
</body>
</html>
And this is my login script:

PHP Code:
<?php 


//if the login form is submitted
if(isset($_POST['login']))
{
    
// makes sure they filled it in
    
if(!$_POST['username'] || !$_POST['pass'])
    {
        die(
'You did not fill in a required field.');
    }
   
$username mysql_real_escape_string($_POST['username']); 
   
$pass mysql_real_escape_string($_POST['pass']); 

    
$check mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());

    
//Gives error if user dosen't exist
    
$check2 mysql_num_rows($check);
    if (
$check2 == 0)
    {
        die(
'That user does not exist in our database.');
    }
    while(
$info mysql_fetch_array$check )) 
    {
        
$pass md5(stripslashes($_POST['pass']));
        
$info['password'] = stripslashes($info['password']);
        
//$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
        //gives error if the password is wrong
        
if ($pass != $info['password'])
        {
            die(
'Incorrect password, please try again.');
        }
        else 
      
      
// if login is ok then we add a cookie and send them to the correct page
        

            
$username stripslashes($username); 
            
session_start();
         
$_SESSION['username'] = $username
         
$_SESSION['loggedin'] = time();
            
            
// Finds out the user type
            
$query "SELECT `authlevel` FROM `users` WHERE `username` = '" $username "'";
            
$result mysql_query($query) or die(mysql_error()); 
            
$row mysql_fetch_array($result); 
            
$authLevel $row['authlevel'];
         
$_SESSION['authlevel'] = $authLevel;
        
            
// Sends them to correct page after login
            
if($authLevel == "2")
            {
                
$page "admin.php";
            }
            else
            {
                
$page "backstage.php";
            }
            
header("Location: $page"); 
        } 
    } 

else 

// if they have not submitted the form
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V2 Administration Console</title>
<link rel=stylesheet href=backstage.css type=text/css media=screen>
<link rel=stylesheet href=backstage_print.css type=text/css media=print>
</head>
<body>
<form method="POST" action="http://kansasoutlawwrestling.com/other/backstage.php">
<div id=login>
<h1>KOW Backstage</h1>
<p><label>Username:<br /><input type=text name=uname id=log tabindex=1 /></label></p>
<p><label>Password:<br /><input type=password name=pword id=pwd tabindex=2 /></label></p>
<p style="text-align: center;"><input type=submit class=button name=submit id=submit value="Login &raquo;" tabindex=4 /></p>
</form>
</div>
</body>
</html>

<?php
}
?>