In this article, we will be looking at the login page of the application. This is the first page that any user wanting to use our application is going to be faced with and the most important one in this section. This script does the very important job of authenticating a user and can make or break the application in the sense that if it is weak security wise, then any attacker can easily penetrate our application and cause damage. In this case, we will try to make it as difficult as possible for attackers to break our application. Some of the things that we are going to do to strengthen our application is to enforce data validation and make sure that we also put some measures in place to stop SQL injection.
The article continues at http://www.webreference.com/programming/php/user_personalization3/index.html