PHP Login with Username/Password

Question

How would I edit the PHP below to allow for additional or multiple user names and passwords. For example User1 with Password JHFDE3, User2 with Password LKFW34, etc. From what I have read, an associative array would likely be best. There is no database, it is hardcoded to simply login and be able to view a php page.

For the particular code below, how would I make it into an associative array? Thank you.

<?php
session_start(); //initiates the sessions
if ($_POST['submit']) //checks to make sure the login form has been submitted
    {
    $user = "XXXXX";
    $pass = "XXXXXXX";
    if ($_POST['pass'] == $pass && $_POST['user'] == $user) //checks if the password submitted by the user matches the password stored in the $pass variable
        {
        $_SESSION['access'] = 1; //if login is successful create a session that can be authenticated 
        header("Location: " . $_SERVER['PHP_SELF']); //reload the page. The page will now not load the login form (see the first if condition)
    } else //if password is incorrect reload the login form
        {
        header("Location: " . $_SERVER['PHP_SELF']);
    }
} else if (!$_SESSION['access']) //if the "access" session is not accessible show the form (not logged in)
    {
?>

Answer 1

Try this:

--------------------------UPDATE----------------------------------

<?php
session_start(); //initiates the sessions

//begin testing
$_POST['user'] = 'username1';
$_POST['submit'] = true;
$_POST['password'] = 'pass3';
//end  testing

if (isset($_POST['submit'])) //checks to make sure the login form has been submitted
    {

    $users = array('username1','username2','username3');
    $passwords = array('pass1','pass2','pass3' );
    if(in_array($_POST['user'], $users))
    {
       $key = array_search($_POST['user'], $users);

       if($passwords[$key]==$_POST['password'])
       {
         $_SESSION['access'] = 1; //if login is successful create a session that can be authenticated 
         //header("Location: " . $_SERVER['PHP_SELF']);
         echo "welcome back ".$_POST['user'];
       } else //if password is incorrect reload the login form
        {
         //header("Location: " . $_SERVER['PHP_SELF']);
          echo "Password incorrect, error, redirecting to login";
        }


    }

    }
else 
{
  echo "Login form";
}
?>

Output:

Password incorrect, error, redirecting to login

But if you change the value of $_POST['password'] to 'pass1', like this:

$_POST['password'] = 'pass1';

You have this output:

welcome back username1

Saludos ;)

Answer 2

if it is only two users that should not be hard to get around, you can do something as follows;

 <?php
//change the variable values accordingly
$user1='user1';
$user2='user2';
$pass1='pass1';
$pass2='pass2';
if ($_POST['submit'])  {
//check if they are equal to your info
if(($_POST['user']==$user1) && $_POST['pass'] == $pass1){
        $_SESSION['access'] = 1; 
        header("Location: " . $_SERVER['PHP_SELF']); 
} else if(($_POST['user']==$user2) && $_POST['pass'] == $pass2){
        $_SESSION['access'] = 1; 
        header("Location: " . $_SERVER['PHP_SELF']); 
} else {//not valid at all
//do what you want for login fail
}

}
?>