REAL ROUGH process
1. create a table with id, username, password, salt
2. when user first 'registers' store the info into the table
3. when user logs in, check table. if valid store id into a session variable then redirect user to their appropriate page.
4. on landing page check to make sure the session variable has been set and that it contains a valid value. if yes, display content; if NO, redirect to an error page