This is maybe a stupid question, but I figured I'd ask before I did something goofy: I've got an web application with a custom Login dialog which takes a user/pass that gets sent to the server. If both match an entry in the database, then there is maybe 10 or so pages that the user gets access to (depending on the rights associated with that account)...pretty straight forward for the most part.
Of course, if the user attempts to access one of these pages without having actually logged in, or has insufficient privileges, then I'm required to bounce him or back to the Login page to type in a user name/password that would give them access.
My Question: It would seem that for me to do this, I am required to put a call at the top of each restricted PHP page which checks the credentials and redirects if they are missing or insufficient...Is this a sound approach? Or does PHP offer a more intelligent way which does not requires the call be duplicated in near-all pages of the application?
BTW: This is not an MVC app - Just straight PHP
Thanks!