Best way to do that is with sessions
.
In the login.php do something like this
if (mysql_num_rows($result) == 0) {
header("Location: admin_login.php");
} else {
header("Location: admin_control_panel.php");
session_start();
$_SESSION['user'] = $_POST['username'];
}
Now in the admin_control_panel.php at the top of the file, just add this php code to check if $_SESSION['user'] exists.
<?php
if (! isset($_SESSION['user'])) {
header("Location: admin_login.php");
}
?>
Basically with this code you will create session with user data if login is correct. If it's not, he will by default get redirected to the login page. Now when someone tries to access admin_control_panel page, we will first check if session is set. If it's true, he can access the page, if not, he will get redirected to the login.
For more read about session: PHP.net Session manual and w3schools.com Session manual
*Note. To logout, you gotta destroy session, to do that use session_destroy();
function.