PHP Session using only a single PASSWORD field (no username)?

I have been searching the web for a good tutorial on creating a script that allows someone to use a "enter password" field, and it then proceeds to allow them to access certain PHP pages.

I can only find tutorials that use both a USERNAME and PASSWORD (such as开发者_开发技巧 this tutorial- however i'm just looking for something that is secure, but uses one field only to authenticate.

Being a beginner, the only idea I have is to make the "username" field hidden, with the value of the actual username. I'm not sure how safe this is to do however, as i've heard it's dangerous to have hidden fields as they can be exploited?

I'm aware of SQL injection so i'm hoping to find something that is at least strong enough for that.

HTML:

<form action='login.php' method="post">
  Password: <input type="password" name="password">
</form>

Login.php

<?php
// this password may come from any source.
// it's a variable for the sake of simplicity

$password = 'verySecretStuff';

if($_POST['password'] == $password){
  //handle login
}else{
  // handle no login
}
?>

If you just want to use a password, instead of a username+password combination, you just leave out the username part in the tutorials, so logging in would go like this:\

<?php
$password = 'unsafepassword1'; // received from a form post or whatever
$password = md5($password);

// Looking if this password is a valid password in the DB
$query = 'SELECT * FROM valid_passwords WHERE password = \''.$password.'\'';
IF(mysql_num_rows(mysql_query($query) == 1){
// user logged in
}
ELSE
{
// password was invalid
}

Just have a single input in your HTML (you don't need username at all):

<input type="password" name="password" />

And query the database as normal, just for the password:

$password = $_POST["password"];
$result = mysql_query("SELECT password FROM passwords WHERE password='" . some_hash_function($password) . "'");
if(mysql_num_rows($result) > 0) {
    //There was a match
}

Update (based on comments on question)

If you want to allow access to multiple users with just a single widely known password, just store the password in your PHP script:

$password = "thePassword";
if(strcmp($password, $_POST["password"])) {
    //Matched
}

Note that this is NOT particularly secure... the password is stored as plain text in the script. However, as you seem to want to multiple people to know the password, it's probably the simplest option. I would still suggest using a database to store the single password.

Well, the bad thing about it is that with username and password, you have to know the combination, user-password, with only password, it is easier to find out and a lot of users will just set some dumb passwords like: 654321 or birth date and stuff like that.

About the hidden fields, avoid them but if you really need it, use sessions instead.