- user can log on using a username and password
- each user can be directed to a unique site
- upon successful logon, a hidden value (of the users name) is submitted for use in another form
- An error message is displayed if the user/pass are incorrect
- if possibe (not required) passwords to be hashed, so somebody can't view them by "view source"
Any help would be greatly appreciated