How to secure my PHP webpage from unauthorized Users -

i new in php , facing problem security. use redirect unauthorized users if not logged in.

<?php session_start();  if(!isset($_session['user_id'])) {     header('location: login.php'); } ?> 

it on every top of page when log in , click protected page redirect login page instead of original/protected page open , session variable set on login page how include session variable in protected page login page.

if when, log in, sends login page, $_session['user_id'] may not set, or aren't including session in file, check it, do:

var_dump($_session['user_id'])

on page, , temporally leave out header if var_dump returns null, means, $_session['user_id'] not set