Well, I'm almost finished with my first PHP site but I'm still very worried about security issues. I was wondering if anyone could give me some good tips to increase my security? Right now I'm using PHP and MYSQL to check a user's username and password, but I think I need to do more.
I'm not storing credit card numbers or anything sensitive but I'd like to make it tougher for a hacker to get into my site.
Another thing, I'm using the password() function....is there any way to reverse the hashing of the password because I want to be able to display it for the administration part of the site. Another thing is protecting the administration folder. Should I use PHP and MYSQL or should I just use HTTP password protection on the folder?
