Okay, so I have been working with the tutorials and user guide to learn how to use CI. I have watched some online tutorials as well. I understand the methods used, but I am not an expert PHP programmer. I have used PHP for probably 10 or more years in my small web applications, so I am familiar with PHP.
I am presently working on my company website (small consulting/training company) in which I serve a couple of static pages but I am setting up a test taking section, which will be subscription based and serve pages which will allow a subscriber to register, pay (via paypal), authenticate via e-mail, login, build (configure) their test, take the test, and have the results of the test displayed (to include explanations and links to reference material).
I already have the code working through MAMP using mySQL as my database. I was reading that I really should put all of this behind https, therefore I should use a FrameWork to build my site as an application.
Since I am not handling payments, nor is my information really private because I am only storing an expiring username, password, and e-mail. I'm not even intending to store the subscriber's real name or other personal information.
Would it be simpler, and acceptable, to just use good filtering/validation on any text inputs when the subscriber is signing up or logging in? I guess the other text input area would be any comments via a contact form.
I can pay my hosting service $60 for a year of SSL and put everything behind the SSL, which I don't even know if that is needed. But, how much do I need to worry about other security issues?
CI appears to be the most lightweight FrameWork I have found, so I am sure I can learn it, but I was hoping for an honest opinion from this experienced community as to what direction I should go.
Thank you!
Tom