<?php

// File Name: login.php
// Check to see if $PHP_AUTH_USER already contains info
$host = "myhost";
$user = "username";
$pass = "password";
$db = "database";
$utable = "table";
mysql_connect($host ,$user,$pass) or die("Unable to connect to database");
mysql_select_db("$db") or die("Unable to select database $db");
if (!isset($PHP_AUTH_USER)) {

// If empty, send header causing dialog box to appear

header('WWW-Authenticate: Basic realm="SOME FRIENDLY NAME HERE"');
header('HTTP/1.0 401 Unauthorized');
exit;

} else if (isset($PHP_AUTH_USER)) {

// Formulate the query

$sql = "SELECT * FROM $utable WHERE username='$PHP_AUTH_USER' and user_password='$PHP_AUTH_PW'";

// Execute the query and put results in $result

$result = mysql_query($sql);

// Get number of rows in $result. 0 if invalid, 1 if valid.

$num = mysql_num_rows($result);

if ($num!= "0") {
header("Location: test2.php");
exit;

} else {

header('WWW-Authenticate: Basic realm="ANY MESSAGE YOU WANT THE WINDOW TO SAY HERE"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authorization Required.';
exit;

}

}

?>

the form I have is this:

<form name="LOGIN" method="post" action="testing%20stuff/test.php" align="top">
<td valign="bottom"> <div align="right">
<script src="Java/login.js"></script>
<input type="text" align="absmiddle" name="Username" class="UsernameField" onFocus="return clearusername()" onBlur="return shwusername()" >
<input type="password" name="Password" class="PasswordField" onFocus="return clearpassword()" onBlur="return shwpassword()">
<br>
<font size="1" face="Arial, Helvetica, sans-serif"><strong> Users</strong>:
</font>
<input type="submit" name="Submit" value="Log-in" class ="Buttons" onClick="MM_validateForm('Username','','R','Password','','R');return document.MM_returnValue" >
<br>
</div></td>
</form>

the javascript is:

<!--
function MM_findObj(n, d) { //v4.0
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && document.getElementById) x=document.getElementById(n); return x;
}

function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 ¦¦ p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') {
if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
if (test.indexOf('inRange')!= -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (val<min ¦¦ max<val) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->

Basically i want to know how instead of having the windows login manager pop up when you go to the php code, I want the form to take the place of the windows pop up log-in screen. also how would i add a check to pages to make sure you are logged in before you go to them (that way if people know the path of the files they can't just go to them)