Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community!

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial


Konrad Pilch
Konrad Pilch
2,435 Points

How secure? PHP, probably not


I was wondering about this code here, to use for my website.

I know, its probably not really secure, or probably not at all.

I would probably look for better hash system then md5 . I would read a lot of blogs , and i probably would look in treehouse as well .

So, could i use thath code in my webiste if i upgrade the security? .

First of all i would do a test site, like treehouse site . Users, profiles, categories, news feeds ( forum) . And then if it goes well, clean,i would upgrade it and use it as production site? i wont have any credit cards info etc.. in the first few months, but later one, i would liek to implement a paying option as well plus location as the site will be about something to do with location, paying etc..but ofc, i want it to be secure, so no one can , get in , meaning it needs to be secure as thats the first step i believe to making a good business or even anything. Safety first : p

1 Answer

i think md5 is not very secure, i think php now uses bcrypt so you can do something like]

$password = bcrypt($_POST['password']);

you can do the treehouse build a simple php site, that shows you how to accept payment through credit car using paypal. if you want a more serious system you can check the workshop on using the stripe api

in general, building such a complex site like treehouse from scratch will drive you mad, look into using a framework like laravel, it provides you with all the scaffolding for your website, plus a registration, log in system out of the box, and a nice interface to your database

if you do decide to use laravel, be sure to check out laracasts