I'm currently creating a site where users have to enter a password to enter a certain area. They only need to enter a password, no username. All users use the same password to enter the area. I want to use $_SERVER['PHP_AUTH_PW'] to achieve this. I have the following question:

1. When members enter the password in a the form and hit the submit button I first check if the password is correct and then I define $_SERVER['PHP_AUTH_PW'] = $password. I assume that this is a correct way to give $_SERVER['PHP_AUTH_PW'] a value?

2. Do I need to send the password as a hidden variable everytime I call the script or is this done automatically?