Learn how to use the php md5() function to secure user password in your user system.

Learn how to secure your code using base64

Nice little function that will generate a completely random password.

Learn how to ban someone's IP from your website!

PHP is a fairly easy language to learn and dosn't have a steep learning curvelike a lot of other languages do. While this is good in that newcomers to phpcan start coding very quickly, unfortunatly it is also bad because they usuallyend up writing insecure code. It is the same with many languages however, wheni started coding in C i knew nothing about buffer overflows or the effects theycould have, so, the majority of my early code was riddled with insecurities, this wasnot so much a problem as i wasn't doing web services or publically accessable things. With PHP however, most of it goes on the web and is thus accessible to a large numberof people, some of those people are nice... some not so nice.

Connecting to a database requires that passwords be included in the script at some point. Other scripts you write may include sensitive information. This information may be exposed if you do not wrap your PHP scripts. Protecting your scripts from prying eyes is called "wrapping." When you wrap a script, it is called by another script that hides your script and performs a number of security checks to ensure only authorized use is made of it.

Protect your user's information with MD5 hases in PHP.

This article demostrates an easy way to maintain sessions and security (or authorization) in PHP. It does NOT use the PHP built in session support. The following method will allow you to easily secure any PHP page by simply including a file at the top of every page. In this tutorial you will: a) Create your database structure; b) Create a login page; c) Create your security check include file; d) Secure your site. Update: I fixed a couple of bugs in the article. Thanks for the feedback Update to the update: I have fixed the article text to include the code that was missing due to the previous update.

PHP is great. Since you're reading a tutorial on PHP I'd be willing to wager that you think so too - or will in the near future. The extra functionality that this server side scripting language provides is a blessing to the designer and the coder alike when it comes to web site production; dynamic pages, email functions, bulletin boards, database access, search functions, members only areas... the list inues.Unfortunately, not everyone out there is as nice as your are, and sometimes they seek to abuse the systems which are provided - from sending fraudulent emails to iciously "hacking" sites. To be honest, the risk to you - and your web site - is almost vanishingly small unless you produce something at the corporate level; safety in numbers, and since the internet is in such a state of information overload you are virtually anonymous.

People like and have always liked keeping secrets. It's in the essence of man. So there are times when you want to write a PHP script accesibile only to you, or a select few. The answer to your needs is using a password. There is more than one way to password-protect a script, but we're going to talk about the most efficient one: HTTP Authorization, as implemented in PHP. HTTP Authorization has been available for some time now, and is usually achieved by using ".htpasswd" files, along with accompanying ".htpasswd". But since PHP arrived, HTTP password protection became much easier.