Question about logins and $_SESSION

I’ve created a login that I want to redirect to a page where the client can edit information to be displayed on their page. Right now I can only get a link to popup. I’d like to be able to skip that step, but the header function won’t work. I believe this might be due to and include command that I have at the beginning of my page, but don’t understand why it would block me from using a header.

I also have a question as far as sessions go. I’m still very new to php and don’t exactly understand how the $_SESSION command works or how to use this feature. My login is not really containing sensitive information, the worst that someone could do if they bypassed it would be to alter the information posted on the site. Obviously I don’t want that, but I wonder if I need the security of a session or if there were more basic measures that would be sufficient.

My plan was to hide my editing page under a non-descriptive name within a hidden folder like _this. Like I said, I’m very wet behind the ears and have never done anything like this yet, but I was hoping to get an opinion on this from someone more experienced.


May be this might help you.
Session tutorial

Login system example