Tons of ways to do this, but the easiest would be to use the standard htaccess authentication system available from Apache (assuming you're using apache for your web server). Simply create an htpasswd file by executing the htpasswd binary (check the man for usage) and add the users you want to give access to. Then create a directory you want to protect (ie, secure/). Inside this directory, place an .htaccess file that references the htpasswd file you created (syntax varies, check the web for creating an htaccess file). Once that is established, anything in the directory would require a username and password.

PHP can use the default htaccess authentication methods if you want the password box to be more customizable. Check out a book called PHP and MySQL Web Development by Welling and Thomson for a good explanation of this method, along with several others using PHP.