if cookie doesn't exist {
  if (the form has been submitted){
     check form for authenticity
     set cookie from login form
     print html headers
     print rest of script
    } else { # form not submitted
     print html headers
     print login form
    }
   }
else {
  print html headers
  print rest of script
  }