Article on Sitepoint about Authentication and Access control in PHP. Might be useful. "One of the side effects of building your site with PHP, as opposed to plain HTML, is that you'll be building dynamic Web applications rather than static Web pages. Your site will let you "do" things that weren't possible with plain HTML. But how can you ensure that only you, or those to whom you give permission, are able to "do things," and prevent the Internet's raging hordes from running riot on your site?"
One paged print version can be found here.