first of all sorry if my english will be a little bad!
I'm a newbie of PHP programming and i've some questions:
I'm developing a website using PHP. In this site i have a login: more of one php page is accessible only to logged user, and in all of this pages i check if the user is logged using $_SESSION["user"] variable, that, if it is instantied, contains the username. Is repeating this control each page a bad practice? What are alternatives?
Then, an user could be an admin or a tester and i get this information doing a query when i need (more of one time for the same session of the user). Should i use another $_SESSION variable to store these informations? and check this variable where i need? (In this moment i do a query to get (again) this information).
Is to use a SESSION variable secure?
I ask because i've same code in more pages, and this doesn't seem a good practice.
Regards, Luca