undefined variable on php page using session -

i've tried building secured area using php session(). basic workflow:

log in->go checkuser page that:

• queries database user
• starts session -> session_start(); , sets session variables
• goes home member page

code on check userpage

session_start(); error_reporting(e_all); ini_set('display_errors', 1); include 'dbconnect.php'; $email_address = isset($_post['email_address']) ?        $_post['email_address'] : ''; $password = isset($_post['password']) ? $_post['password'] : '';    $passwordmd5 = md5($password);   $result = mysqli_query($con, "select * users email_address='$email_address' , password='$passwordmd5' , activated='1'");   $login_check = mysqli_num_rows($result);   if($login_check > 0){   while($row = mysqli_fetch_array($result)){   foreach( $row $key => $val ){     $$key = stripslashes( $val ); }       $_session['first_name'] = $first_name; } 

i notice if leave site , hit in browser session variable being undefined. makes sense me because left secure page. seems wrong here. supposed work this. best method fix? sits on top of each page in secured site

ob_start(); session_start(); require_once ('verify.php');  $page_title = 'sponsor.php'; $sid = session_id(); $first_name=$_session['first_name']; 

an error occurred in script '/home/buzrw/public_html/web/website/php/main.php' on line 8: undefined index: first_name

the verify.php script contains error handler follows:

<?php   // flag variable site status: define('live', true);  // admin contact address: define('email', 'myemail');  // site url (base redirections. address redirected if try access protected page , not logged in.): define ('base_url', 'http://www.website.org/index.php');  // location of mysql connection script: define ('mysql', 'dbconnect.php');   // create error handler: debug_backtrace; function my_error_handler ($e_number, $e_message, $e_file, $e_line, $e_vars) {  // build error message. $message = "<p>an error occurred in script '$e_file' on line $e_line: $e_message\n<br />";  // add date , time: $message .= "date/time: " . date('n-j-y h:i:s') . "\n<br />";  // append $e_vars $message: $message .= "<pre>" . print_r ($e_vars, 1) . "</pre>\n</p>";  if (!live) { // development (print error).      echo '<div class="error">' . $message . '</div><br />';  } else { // don't show error:      // send email admin:     mail(email, 'site error!', $message, 'from: admin@website.org');      // print error message if error isn't notice:     if ($e_number != e_notice) {         echo '<div class="error">a system error occurred. apologize inconvenience.</div><br />';     } } // end of !live if.  } // end of my_error_handler() definition.  // use error handler. set_error_handler ('my_error_handler');