Greetings (and a question about user access)

[TommyKay]

Hi there, my name is Tommy. I've been asked to set up a website for a neighbourhood for them to share news, events, etc. and they have asked for it to be controlled by username / password passed out to residents. So far I have UserSpice up and running, when users login they are redirected to the website as planned. However, I have found that if I know the URL I am able to access the website without logging in (using incognito mode, for example).

I've tried adding the recommended lines for this as php in the html header using something like
<?php
require_once ‘../users/init.php’;  //make sure this path is correct!
require_once $abs_us_root.$us_url_root.’users/includes/template/prep.php’;
require_once $abs_us_root.$us_url_root.’usersc/templates/’.$settings->template.’/header.php’; //custom template header
require_once $abs_us_root.$us_url_root.’usersc/templates/’.$settings->template.’/navigation.php’; //custom template nav
require_once $abs_us_root.$us_url_root.’usersc/templates/’.$settings->template.’/container_open.php’; //custom template container
if (!securePage($_SERVER[‘PHP_SELF’])){die();}
?>

But when the browser reads the file the php lines appear as comments (only in the browser, opening the file on the server displays the code correctly). I don't really know what to do with it and don't have enough general understanding of php to make things work. If anyone can point me to a simple tutorial for blocking off web-directories using php (or UserSpice) I'd love to hear about it.