Last Updated: July 03, 2019
·
691
· watsonallie11

Tips for writing secure PHP

I am working on a log in system for my website. Can someone tell me if this is safe PHP? I am creating a salt with md5 and sha1. Then I am combining the salt with my password and then hashing it again. Is this safe? Also, is this the proper way to read session variables?
if($password != $_SESSION['password']) {
return false;
}

I want to make sure my website is a s safe as possible? Any tips?