general security and speed of loading


kaiiak
01-22-2006, 02:05 PM
hey i have nearly finished my website but want to make it have a more professional feel and sense of security....

SECURITY
first of all i have placed login, register and changing account details (anywhere you enter a password) on an ssl secure server and also added md5 encryption to the passwords... are there any other methods ppl recommend to make sure it is even safer from hackers etc...

what about SHA1 encryption is that better and how would i implement that... SHA1(password)... also in mysql there are functions for the md5 and sha1 passwords and others how do they work and do they automatically un md5 and sha1 when trying to verify passwords....??

SPEED OF LOAD

at the moment all my pages (most) are in the form of .php files... with <?php include(); ?> for navigation bars, content and other .php forms etc...

would it make the page quicker if i placed everything in <?php include() ?> links, or does this slow down the loading of pages...?

any other key things i need to consider for loading of pages, except for image sizes....

bazz
01-22-2006, 02:23 PM
Hi.

I suppose each ISP is different but I used to have three php includes in one of my pages and they went nuts. They disabled that feature from my account saying that it used up too many server resources.

I couldn't find an alternative to the include so, I just linked the domain name to a perl file and used perl to require the other files.

Other than this, just make sure your images are optimised for the web so that they are much lighter in terms of kb.

bazz

mark87
01-22-2006, 02:35 PM
Well you seem like you know a lot on web technologies so I'm guessing you're already using CSS for style (as that will greatly improve download speed)? Not much else you can do apart from that (you could perhaps optimize the CSS in some cases but as the CSS is saved in the cache it won't make much difference).

Includes won't make a difference to download speed, the client only gets sent the HTML anyway so there is no more to download, and as servers are generally very fast, it won't take them long at all to include the file before sending.

As for security it depends really on the site; you could employ SHA1 encryption etc but if someone comes along with a simple XSS hack and it works, it won't always help! Therefore make sure you cover all doors and exits. ;)

kaiiak
01-22-2006, 03:09 PM
yep using css,

but what do you mean by cover all doors and exits, how would i improve it, can i use sha1 and md5 or is it one or the other... how do i implement it cause at the moment i have md5().... is it just the same or is it better doing it from the mysql side and how does that work... sorry but don't really know that much detail about these things thank you...

mark87
01-22-2006, 03:15 PM
sha1 is better, md5 can be cracked very easily if someone got hold of the encrypted password (rainbow tables ;)). And yes, just use sha1, don't bother with md5.

As to XSS and other exploits, it depends on how it's coded really. Secguru (http://www.secguru.com/param/commonly_asked_cross_site_scripting_questions) has some info on how to protect yourself.

Yes I think it's just a case of replacing md5 with sha1. See http://uk.php.net/sha1 for more info.
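
Added example, not part of any post in this thread: a PHP sketch showing that md5()/sha1() digests are never "un-hashed" at login but recomputed and compared, why unsalted digests are exposed to the rainbow tables mentioned above, and how PHP's built-in `password_hash()`/`password_verify()` salt each password. It assumes PHP 7 or later; the function names `legacy_verify` and `login`, the `$user` array layout and the sample password are constructed for illustration.

```php
<?php
// Constructed sample password, for illustration only.
$sample = 'correct horse';

// md5()/sha1() are one-way digests: nothing (PHP or MySQL) reverses them.
// Verification hashes the submitted password again and compares digests.
function legacy_verify(string $candidate, string $storedSha1): bool
{
    // hash_equals() compares in constant time.
    return hash_equals($storedSha1, sha1($candidate));
}

// Unsalted digests are deterministic: two accounts with the same password
// store the same value, which is what precomputed lookup tables rely on.
$alice = sha1($sample);
$bob   = sha1($sample);
var_dump($alice === $bob);

// password_hash() adds a random salt per call and uses a deliberately slow
// algorithm, so the same password yields different stored strings.
$h1 = password_hash($sample, PASSWORD_DEFAULT);
$h2 = password_hash($sample, PASSWORD_DEFAULT);
var_dump($h1 === $h2);
var_dump(password_verify($sample, $h1));
var_dump(password_verify('wrong guess', $h1));

// Migration path: accept the old sha1 digest once, then replace it.
// $user is a hypothetical row: ['scheme' => 'sha1'|'password_hash', 'hash' => string]
function login(string $candidate, array &$user): bool
{
    if ($user['scheme'] === 'sha1') {
        if (!legacy_verify($candidate, $user['hash'])) {
            return false;
        }
        $user['hash']   = password_hash($candidate, PASSWORD_DEFAULT);
        $user['scheme'] = 'password_hash';
        return true;
    }
    if (!password_verify($candidate, $user['hash'])) {
        return false;
    }
    if (password_needs_rehash($user['hash'], PASSWORD_DEFAULT)) {
        $user['hash'] = password_hash($candidate, PASSWORD_DEFAULT);
    }
    return true;
}

$user = ['scheme' => 'sha1', 'hash' => sha1($sample)];
var_dump(login($sample, $user), $user['scheme']);
```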

kaiiak
01-23-2006, 12:44 AM
thanks...

at the moment my pages are loading far too slowly, i want it so its basically instantaneous on broadband.... but my background is taking far too long to load so i just see all text for a few seconds....

firstly does any1 know the code to make the page load up at the same time rather than loading words first then waiting for background.... so it waits that little bit longer but loads at same time so looks more professionally made....

secondly my background is about 60KB... is that too large i've used photoshop and used option save for web, but if i make quality any less then it looks really bad quality.... can any1 suggest anything i could do, apart from making background more basic... which i'd rather not unless i had to...

mark87
01-23-2006, 12:48 AM
It's not overly large, most people are on Broadband now anyway therefore it'll probably download in less than a second.

As for loading it all at once you could try Googling for an Image Preloader (although not sure how well this would work with a background image).