Here is some code I stole a long time ago, hope it helps.
if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
mysql_connect( '$host', '$user', '$pass' ) or die ( 'Unable to connect to server.' );
mysql_select_db( '$db' ) or die ( 'Unable to select database.' );
$sql = "SELECT * FROM users WHERE user_name = '$PHP_AUTH_USER' AND pass = '$PHP_AUTH_PW'";
$result = mysql_query( $sql ) or die ( 'Unable to execute query.' );
$num = mysql_numrows( $result );
if ( $num != 0 ) {$auth = true; }
}
if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm="Private"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else { echo "
<table>
<tr>
<td><font color='green'>Logged in, please wait</font></td>
</tr>
</table>
<META HTTP-EQUIV='refresh' content='1;URL=menu.html'>";
