I want to have some pages tailored to the person logged in, and these pages unavailable if someone does not log in.

I am familar with htaccess and the pop up password boxes, but i want to use php and make it fancier. I want tocheck the entered password against a database.

How do i control that the pages are not viewed until someone logs in, and how do i control that these pages are tailored to the user that logged in?

Is sessions (which i know little about), cookies, passing a hidden value, htaccess, etc... which is the better method? and are any of these secure?