Originally Posted by Redcoder
Use PDO and prepared statements to prevent SQL injections. But if you plan to use mysql, ensure data security by using the required functions to sanitize data.
to rename files, that is trivial as you can assign names to the files during storage through the $_FILES. You just get the current files name and use strtolower
Just remember to never store passwords in plaintext and use salts - for security off course.
Well I am still a reletive newb to databases. I know a bit more about PHP versus MySQL. The only MySQL stuff I have done really is from tutorials (copying scripts) or modifying existing db's (phpBB2 stuff).
As far as PDO and prepared statements. Would need assistance modifying code to use..
As far as MySQL, would also need assistance on tweaking the code.
I did locate a sample register/login/logout script but cannot seem to get it to work. When I try "register" it reloads the same page, and does not enter anything into the database that I created.