I'm developing a login and authentication system for a new PHP site and have been reading up on the various attacks and vulnerabilities. However, it's a bit confusing, so
- Use sha1 with salt.
- Of course you must define that every form is not safe, so use a token for every form. Then you create every form entry and sanitize it using preg_match, a process called sanitization.
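The per-form token and the preg_match check mentioned above, as an added example that is not part of the original posts. The function names and the form id `login` are hypothetical, and `$session` stands in for `$_SESSION` so the script runs from the PHP CLI.

```php
<?php
// Added example: per-form anti-CSRF token plus allow-list validation with preg_match.
// All function names and the 'login' form id are hypothetical (assumptions).

function issue_form_token(array &$session, string $formId): string
{
    $token = bin2hex(random_bytes(32));        // 64 hex chars from the CSPRNG
    $session['form_tokens'][$formId] = $token; // one token per form
    return $token;                             // goes in a hidden <input> of that form
}

function check_form_token(array &$session, string $formId, $submitted): bool
{
    $expected = $session['form_tokens'][$formId] ?? null;
    unset($session['form_tokens'][$formId]);   // single use: a replayed form fails
    return is_string($expected) && is_string($submitted)
        && hash_equals($expected, $submitted); // constant-time comparison
}

function valid_username($value): bool
{
    // \A and \z anchor the whole string; a trailing "$" would also accept "alice\n".
    return is_string($value)
        && preg_match('/\A[A-Za-z0-9_]{3,32}\z/', $value) === 1;
}

function handle_login_post(array &$session, array $post): string
{
    if (!check_form_token($session, 'login', $post['token'] ?? null)) {
        return 'rejected: bad or missing form token';
    }
    if (!valid_username($post['username'] ?? null)) {
        return 'rejected: invalid username';
    }
    return 'accepted: continue to password verification';
}

// Constructed demo input, no web server needed.
$session = [];
$token = issue_form_token($session, 'login');
echo handle_login_post($session, ['token' => $token, 'username' => 'alice']), "\n";
echo handle_login_post($session, ['token' => $token, 'username' => 'alice']), "\n"; // replayed token
$token = issue_form_token($session, 'login');
echo handle_login_post($session, ['token' => $token, 'username' => "alice\n"]), "\n"; // trailing newline
```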