Date: 01/02/05 (PHP Development)    Keywords: php, html, database, sql, java, security, web

alright, so, i finally got around to designing my 'security system' for my family's website. here's how it'll work:

1. user enters their username and password into an html form. a javascript function will confirm that both are between 6 and 16 characters long
   
2. if they, are, they'll be passed to login.php which will double check the lenghts of the two strings, and then confirm that neither one contains anything but letters and numbers. if they don't pass muster, the user gets rerouted to the html login form.
   
3. if the above two criteria evaluate to true, then a SQL query will run to see if there's a matching username and password row in a database.
   
4. IF SO, the script calls session_start() and $_SESSION['UsrIsLogdIn']=true;. the script then redirects them to the rest of the site.

Source: http://www.livejournal.com/community/php_dev/51178.html