Forum Moderators: coopster


general comment on a well written post in regards to php

         

raziel777xj

8:40 pm on Aug 13, 2005 (gmt 0)



Hi, I'm an intermediate programmer but have only coded PHP for less than 1 year... so I guess I'm new as far as that goes :-). I basically surf the web a lot, picking the odd well-explained part out of large programming guides so that I can learn fundamental aspects of site development and configuration of server-side software. I actually decided, though, that I would register for this site purely because of this (old) quality post written by jatar_k (think he is a moderator)... The thing is, I'm quite familiar with what a server has to do to process users' information for registration and login... The thing is, when developing my site I always thought to myself: is my site secure enough? And are these guides just bare-bones stuff with great big security issues?... Anyway, although jatar_k says his script is just the basics, I feel they have explained it in a thorough way, and because of that the post has done something no other PHP guide has done!... It's made me think of other ways I could secure my scripts... I am pleased at this, as now that I have a reasonable web host and am making a site, I don't want to get users and get a bad reputation or get into trouble for not taking enough precautions to secure their data... Anyway, what a well-explained post. I will include the link below.

On that note, in regards to my site, I plan to have a general site that can get as many people as possible... maybe have a news page, a login and registration page, and a computer guides page for various different aspects in this field, and I was wondering, basically, whether there are any good methods for securing a login script that people think are a must!

What I have come up with so far is:
use PHP sessions
store and validate users' IPs
use MD5 algorithm for passwords

Also, are there any scripts people know of that are used a lot and are dangerously insecure... if so, why?

I know this is a kind of broad question, but I really liked the aforementioned post and it made me realise what a minefield scripts and the legal system can be :-)

AlexK

12:29 am on Aug 14, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



raziel777xj - welcome to WebmasterWorld!

You forgot the link.

jatar_k

4:35 am on Aug 14, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



Welcome to WebmasterWorld raziel777xj,

and thank you very much for your kind words.

I wonder if you are referring to this login script post:
PHP User Authentication and Passwords [webmasterworld.com]
though there was another somewhere where I went on about login security, and it may be that one as well.

I have two other threads that might help, especially if the link above is the thread you are referring to:
PHP Security [webmasterworld.com]
PHP Peer Code Review [webmasterworld.com]

>> are there any scripts people know of that are used a lot and are dangerously insecure

Any script you are using that you didn't write should be treated as a security hole. You should go through them and understand what they are doing and how they are doing it so that you are confident things are secure. I almost always end up hacking a few security fixes into anything I use.

roldar

4:52 am on Aug 14, 2005 (gmt 0)

10+ Year Member



PHP User Authentication and Passwords

It's hard to believe a whole year has passed since I started that thread. I think that was one of my first questions here, and like 99% of those I've asked since, I received more help than I deserve.

Thanks again jatar_k.