Validating users can be a complicated thing but, depending on what you're trying to protect, you may not need an entire user validation and management system to keep it all straight. Evert Pot offers information on using PHP with a good old standby technology - HTTP basic and digest authentication.
HTTP authentication is quite popular for web applications. It is pretty easy to implement and works for a range of http applications; not to mention your browser.
He includes two scripts - one to force the Basic form of authentication (the password is passed over in clear-text) and the Digest method (the password is set over as a hash) - and how to check the values sent back for each. Obviously, the Digest method takes a little more doing and requires compiling a few different keys as an md5 hash to ensure that the user is valid.