If somebody logs in on say myserver/login.php, then if login is ok there are redirected to their page say myserver/joe.php

Well how do i have it so it goes,

login.php--->main.php but still on their page, so there could be 10 users, each with their own page but all they see is main.php, in other words i want to stop direct access to an individual page, if it was just myserver/joe.php then you could directly acces that page. I know you cause sesions and cookies to check if the've logged in or not but how do you hide the url?