For Basic HTTP Authentication, you have to send the authentication request in the HTTP header. For more information, have a look at these White papers: RFC 2617 and RFC 7235 (further explanation in the comments to this answer). Naturally, this doesn't allow for any other data before (like "background HTML"), as you can also read in the PHP manual on the header()
function:
Remember that header() must be called before any actual output is
sent, either by normal HTML tags, blank lines in a file, or from PHP.
I'd recommend using another form of authentication, like Sessions for example. You could have a look at this guide.
However, if you really have to use Basic HTTP Authentication and want to display something in the background, a workaround would be the usage of two files and <iframe>
:
background.html will show your desired "background HTML" and is the file you will open in your browser:
<h1>Beautiful background</h1>
<!-- you can put your background HTML code here -->
<iframe src="login.php" />
login.php has to contain the PHP code for the Basic HTTP Authentication, just like the code you used in the example in your question above.