It's difficult to help without knowing how you log people in (you must do so you at least know they're logged in and which user they are)
I'm going to assume a basic login system.
The way I do it is basic login.php page, if login successful set some basic sessions (no password, username or sensitive info) and set their user level (so you can manage what they can access)
eg, if login = successful:
$_SESSION['loggedin']['userlevel'] = $FromDatabase['userlevel'];
Then in an include file which is included in every page (header.php or config.php)
I have (my config.php is before any headers/browser out put sent etc)
if (!isset($_SESSION))
{
session_start();
}
$strUserLevel = false;
if (isset($_SESSION['loggedin']['userlevel']))
{
$strUserLevel = $_SESSION['loggedin']['userlevel'];
}
Then I can use this throughout the site to control their access, :
if($strUserLevel == false)
{
header("location: login.php");
die();
}
//or wherever you want to redirect them
//or just say you need to be logged in to view this, link to login page (etc)
if ($strUserlevel < 3) // or whatever level they need for this page
{
echo "You cannot edit this page";
exit();
}
else
{
//a form or whatever
}
The above is just basic examples. My code is a bit more complex as I always use config.php in includes and set global variables to use site wide there, and have a basic login check function (checks their current IP matches the one I checked at login time and stored in DB and other things etc).
Another method of permission control is using mysql tables. So if you have TABLE tblEditPageAB, anyone who's name is in in a row in that table can edit that page.
Though this is more used for admin control, ie you have tblAdministrateOtherUsers - again anyone who has their name/details in a row in that table can administrate the other users (or whatever)
To check this you just simply query, and if no results they can't.
Again, the best approach all depends on your site, scenario, how many page syou have to be edited, if they're created on the fly, etc.
There are all manner of approaches, but hopefully I've given you food for thought, and helped :)