Login/logout for admin and regular users

I made a login/logout page, but now I'd like to separate the admins from regular users as they log in. What I am trying to do is to have regular users just view available files, and the admins, well, of course they will be able to view and edit those files.

Now my setup:

Login.php
[php]
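<?php
session_start();
include("password.php");
require_once "config.php";

/* Constants */
$TITLE = "Formation - User Login";
$CSS = array("assets/css/formation.css");
$JAVASCRIPT = array();
$mode = isset($_GET["mode"]) ? $_GET["mode"] : ""; /// avoid an undefined index notice on first load
$error = "";

/// handle login/logout before any output, otherwise header() redirects fail
if ($mode == "login") { /// do after login form is submitted
     $username = isset($_POST["username"]) ? (string) $_POST["username"] : "";
     $password = isset($_POST["password"]) ? (string) $_POST["password"] : "";
     /// check that the username exists in $USERS, then compare the password strictly
     /// (a loose == against a missing key lets an empty password match null)
     if (isset($USERS[$username]) && hash_equals($USERS[$username], $password)) {
          session_regenerate_id(true); /// issue a new session id after login
          $_SESSION["login"] = $username;
          header("Location: index.php");
          exit(0);
     } else {
          $error = "Incorrect username/password. Please, try again.";
     }
} else if ($mode == "logout") {
      unset($_SESSION["login"]);
      header("Location: login.php");
      exit(0);
}

/* Template */
require_once $TEMPLATE_PATH."header.php";

echo $error;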
echo <<< XHTML

    <h1>$TITLE</h1>
    <form id="form" method="post" action="{$LOGIN_URL}?mode=login">
        <label id="username_label" for="username" class="normal">Username</label> :<br />
        <input id="username" name="username" type="text" value="" class="half" /><br />
        <label id="password_label" for="password" class="normal">Password</label> :<br />
        <input id="password" name="password" type="password" value="" class="half" /><br />
        <input id="submits" type="submit" value="Login" />
    </form>

XHTML;

require_once $TEMPLATE_PATH . "footer.php";

?>

[/php]
Password.php (verifies users and passwords)
[php]
<?php
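/// passwords are plain text here; store password_hash() output and check it with password_verify() instead
$USERS["drodrig1"] = "pwd1";
$USERS["jsutta"] = "pwd2";
$USERS["username3"] = "pwd3";

function check_logged(){
     global $USERS; /// $_SESSION is a superglobal and needs no global declaration
     /// redirect when nobody is logged in or the stored name is not a known user
     if (!isset($_SESSION["login"]) || !array_key_exists($_SESSION["login"],$USERS)) {
          header("Location: login.php");
          exit(0);
     }
}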
?>

[/php]
Config.php
[php]
<?php

$ASSETS_URL = "https://url-link/formationXX/assets/";
$ASSETS_PATH = "serverpath/formationXX/assets/";
$TEMPLATE_URL = "https://url-link/formationXX/assets/template/";
$TEMPLATE_PATH = "serverpath/formationXX/assets/template/";
$LOGIN_URL = "https://url-link/formationXX/login.php";
$LOGIN_PATH = "serverpath/formationXX/login.php";

?>

[/php]
Index.php (After login, this is where I want to see admin differentiate from regular user. The admin should be able to see and edit the following: CSS, JS, Email, PDF and Spread Sheet. Meanwhile, a user can only view all except: CSS, JS)
[php]
<?php

require_once "config.php";
session_start(); /// initialize session
include("password.php"); 
check_logged(); /// function checks if visitor is logged.

/* Constants */
$TITLE = "Formation - User Login";
$CSS = array("assets/css/formation.css");
$JAVASCRIPT = array();
/* Template */

require_once $TEMPLATE_PATH."header.php";

echo <<< XHTML
        <form id="form" method="post" action="{$LOGIN_URL}?mode=login">
          <div class="full row column">
            <h1>{$TITLE}</h1>
          </div>
          <div class="full row column">
            <div class="half column small">
              <p>Logged in as: <strong>{$_SESSION["login"]}</strong> | <a href="{$LOGIN_URL}?mode=logout" class="small">Logout</a></p><br />
              Add Form | Delete Selected Form(s)
            </div>
          </div>
          <div class="full row column">
            <table id="formslist" cellpadding="0" cellspacing="0">
              <thead>
                <tr>
                  <td class="form_select">
                    <input id="selectallforms" name="selectallforms" type="checkbox" value="Select All Forms" />
                  </td>
                  <td class="form_id">
                    ID
                  </td>
                  <td class="form_url">
                    URL
                  </td>
                  <td class="form_dates">
                    Launch Date
                  </td>
                  <td class="form_dates">
                    Expiration Date
                  </td>
                  <td class="form_autofill">
                    Autofill
                  </td>
                  <td class="form_save">
                    **CSS**
                  </td>
                  <td class="form_save">
                    **JS**
                  </td>
                  <td class="form_save">
                    Email
                  </td>
                  <td class="form_save">
                    PDF
                  </td>
                  <td class="form_dates">
                    Spread sheet
                  </td>
                </tr>
              </thead>
            </table>
          </div>
        </form>
XHTML;

require_once $TEMPLATE_PATH . "footer.php";

?>

[/php]

Currently I am not getting responses, so I guess I need a better explanation.

1 What does the code do?
OK, let me see if I can do this better. Let's start from login.php.
Login.php
It's just a normal login page: users type the user and password and they gain access.
At the moment any user (with a valid password) will have access to everything.
What I would like to do is a separation of admins and users, so that when they log in they can have access to selected items.

password.php
This is where I verify if the user has a password.
Also there is the function that checks if the users are logged in.

config.php
It is just the URLs/paths for certain files, e.g. the header and footer .php files that are basically the template files. In other words: <html><head></head><body><div>content</div></body></html>

index.php (user view only, admin will view and edit); emailForm.php, cssEdit.php, jsEdit.php, formCreate.php (are other pages that I will create for admin use only)
Here is where I will get the items (in this case available forms). Each item will have the following: checkbox, Id#, name(url), launch date, expiration date, css, js, email, pdf, spread sheet.
The user that accesses this page can ONLY VIEW the following: checkbox, Id#, name(url), launch date, expiration date, email, pdf, spread sheet.
While the admin can view and edit: checkbox, Id#, name(url), launch date, expiration date, css, js, email, pdf, spread sheet.
This is also where the admin will have access to the other pages, which include emailForm.php, cssEdit.php, jsEdit.php, formCreate.php.

Now where are my issues

  1. Getting a separation of admin and users (currently working on this)
  2. Getting the items (forms); they are available in a different folder. (Once issue #1 is complete)
  3. When the items are collected, make sure that they will print out in the following format: checkbox, Id#, name(url), launch date, expiration date, css, js, email, pdf, spread sheet.
            echo "    <tr>\n";
            echo "      <td class=\"form_select\"><input id=\"select-all_form1\" name=\"select_all_form1\" type=\"checkbox\" value=\"Forms\" class=\"case\" /></td>\n";
            echo "      <td class=\"form_id\">" . $value . "</td>\n";
            echo "      <td class=\"form_url\"><a href=\"" . $key . "\" target=\"_blank\">" . $form_title . "</a></td>\n";
            echo "      <td class=\"form_dates\">".$launchdate."</a></td>\n";
            echo "      <td class=\"form_dates\">".$expiredate."</a></td>\n";
            echo "      <td class=\"form_autofill\">".$filler."</a></td>\n";
            echo "      <td class=\"form_save\">".$css."</a></td>\n";
            echo "      <td class=\"form_save\">".$js."</a></td>\n";
            echo "      <td class=\"form_save\">".$email."</a></td>\n";
            echo "      <td class=\"form_save\">".$pdf."</a></td>\n";
            echo "      <td class=\"form_dates\">".$spread."</a></td>\n";
            echo "    </tr>\n";

I hope this is better.

Why don't you assign a role to your users, say 1 for normal and 2 for admins?

Set a session variable with the role stored in it. Then on your edit pages check the session variable and, if 2, allow edit, otherwise read only.
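
The role check suggested in the reply above, sketched as an added example (not code from either poster). The `$ROLES` table, the role assignments in it, and the helpers `role_for()`, `visible_columns()`, `can_edit()` and `require_admin()` are hypothetical names; the sessions are simulated in an array so the script runs from the command line.

```php
<?php
// Added example: all names and the role assignments below are hypothetical.
const ROLE_USER  = 1; // read-only
const ROLE_ADMIN = 2; // view and edit

// Constructed sample data: role per username, kept server-side next to $USERS.
$ROLES = array("drodrig1" => ROLE_ADMIN, "jsutta" => ROLE_USER, "username3" => ROLE_USER);

// Looked up once at login; unknown names fall back to the least privileged role.
function role_for($username, array $roles) {
    return isset($roles[$username]) ? $roles[$username] : ROLE_USER;
}

// Columns index.php may render for a role; CSS and JS are admin-only.
function visible_columns($role) {
    $all = array("ID", "URL", "Launch Date", "Expiration Date", "Autofill",
                 "CSS", "JS", "Email", "PDF", "Spread sheet");
    if ($role === ROLE_ADMIN) {
        return $all;
    }
    return array_values(array_diff($all, array("CSS", "JS")));
}

function can_edit($role) {
    return $role === ROLE_ADMIN;
}

// Guard for the top of cssEdit.php, jsEdit.php, emailForm.php and formCreate.php.
// Hiding a column in index.php is not enough: each admin page must refuse
// non-admins itself, because its URL can be requested directly.
function require_admin(array $session) {
    if (!isset($session["role"]) || $session["role"] !== ROLE_ADMIN) {
        return false; // in a real page: http_response_code(403); exit;
    }
    return true;
}

// Simulated sessions, filled the way login.php would after a successful login.
foreach (array("drodrig1", "jsutta") as $name) {
    $session = array("login" => $name, "role" => role_for($name, $ROLES));
    echo $name, ": edit=", can_edit($session["role"]) ? "yes" : "no",
         " admin_page=", require_admin($session) ? "allowed" : "403",
         " columns=", implode(",", visible_columns($session["role"])), "\n";
}
```

In the real pages the role would be written to `$_SESSION["role"]` at the same point where login.php sets `$_SESSION["login"]`, and `require_admin($_SESSION)` would run right after `check_logged()`.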
