doesnt do either. this just compares form data to database data and validates it. You'd have to change the part where it prints out all the info for the user to session data, and you would probably want to make it global.
another thing i kinda dont like about this is that the passwords are not encrypted. By encrypting them you insure the users privacy, you secure the database better, and its just better
Its not too shabby though, there are more than one ways to do this.