above the else statement you have code. You can't have that there and the else statement must directly follow the if before it, i.e this:

PHP Code:
if()
{

}
else
{


and not

PHP Code:
if()
{

}
$boo;
$booboo;
else
{


try this, I moved the variables into the else statement and fixed your br tags.

PHP Code:
<?php
define
("LIMIT"10);
session_start();
//connect to database
$db mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("shopping"$db) or die(mysql_error());
$islogged FALSE;
if(!isset(
$_SESSION["last_activity"]) || time() - $_SESSION["last_activity"] > LIMIT 
{
    
session_destroy();
    
header("Location:logout.php");
}
else 
{
$_SESSION["last_activity"] = time();
  
$islogged TRUE;
  
if(isset(
$_POST["username"]) && isset($_POST["password"])) 
{
$result mysql_query("SELECT * FROM login WHERE `username` = '$_POST["username"]' AND `password` = '$_POST["password"]'");
if(!
$result) die( mysql_error());
  if(
mysql_num_rows($result)) 
  {
   
$_SESSION["last_activity"] = time();
   
header("Location:products.php");
   
$islogged TRUE;
  }
  else 
  {
   
$error "username and password do not match";
  }
}
}
?>
<?php 
if(!$islogged): ?>
<form action="<?php $_SERVER['HTTP_REQUEST']?>" method="POST">
<?php if( isset($error) ): ?>
<p><?php echo $error;?></p>
<?php endif; ?>
Username:<input type="text" name="username" value="<?php isset($_POST['username']) ? $_POST['username'] : ''?>"
<br />
Password:<input type="password" name="password" value="<?php isset($_POST['password']) ? $_POST['password'] : ''?>"
<br />
<input type="submit" name="login" value="log in">
</form>
<?php endif; ?>