So I am working on a php application powered with a mySQL. I feel I am an intermediate programmer in php and intermediate with dealing with mySQL. I have begun to research security as it is or should be in my opinion the core fundamental when building anything that contains protected information on a database. Security methods seem to be a personal preference, usually involving salt (when dealing with php) along with md5, sha1 or sha256 or a combination. I originally planned on using salt along with md5 and SSL, but I'm not sure if this is the best way to go about all of this.
So I am wondering what languages and methods users prefer to protect their databases with? The reason I am asking is because I see alot of online banks using cgi scripts and I am curious if maybe cgi scripting is a better alternative for more sensitive information.
I have never really gotten this in depth with security on the web, so I figured I'd rack some of the communities opinions on this topic.
Sorry forum mods if I am in the wrong section, couldn't find a security section to post this in and since it relates to protecting databases I figured this was as good of a spot as any.