1st i like to tell that i am not related to web filed...basically i am a medical student so if try to be easy and simple in guiding me i be gr8full...:)

my site was hacked a few days back
my all html pages were okey
Only php scripts(some of them) that were hacked like my forum and form processores...
the window that gets me to admin section of form precessor shows like this

[www28.brinkster.com...]

it was white window (shown by red box) that displays this prompt.

i have to delate my folders of forum (after backing up) and form processors :(

i was told that this window appears with .htaccess password protection.
i install smartftp today (initally i was using cute ftp but in it i cant find the option for showing hidden files)
after connecting to my server i found these two files on my main directory "public_html"

1=.htaccess (there is no password protection so why this file is in my main directory)
2=.htaccess.1045650805 (this is empty)

1st... i want to know why these files are here...

but the big problem is how was i hacked......my password wasnt changed nor my rest of site was hacked....
i believe it was php script problem

i found this while searching

"Scripts that include the PHP phpinfo() debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML. If this link is visited, the attacker-supplied code may be rendered in the browser of the user who visit the malicious link."

more info= [securityfocus.com...]

though i did a text search and didnt find use of phpinfo() any where in the scripts i used....reson for telling u is this if u guys can help me
what are possible causes of hack
what should i do to prevent my self from future attacks
should i go for some other substitute.
thanks