I'm not sure if your concept is correct or constructive. I would suggest that you don't have a concept of "being on own profile", in other words, you don't have to have Web pages specific to a user.
For example of such approach, look at CodeProject. For example, click on
https://www.codeproject.com/script/Membership/Modify.aspx[
^]
or
http://www.codeproject.com/script/Membership/ListContacts.aspx[
^].
Every users access their own data through the same URL. At the same time, nothing prevents you from having some separate pages created per account. If you want to prevent other users (non-authenticated or users with different authentication record) to access such pages, you need to generate the page content on the server side (in your case, in PHP) and skip sensitive content or redirect the user to a different page. In both cases, you can always check up
$_SERVER['PHP_AUTH_USER']
. All your functions used to create any per-user content should be give a user id and address to user record (say, found in a user profile database).
Please see:
http://php.net/manual/en/features.http-auth.php[
^].
—SA