PHP, ASP - reading and suggestions

Okay after browsing for about 5 hrs I've come to the conclusion that I'm even more confused then I was when I started. I've pretty much figured out I need to learn PHP or ASP and the majority of the sites that do what I want use PHP. On that note what I want to do:

I currently run a fanfic site which with a rerelease of the show has boomed to a volume where manually converting and posting the stories has outgrown the time I have available. I want to make it so the only thing I have to do is fix bugs in my programming and maintain my webserver. I've written down how I want the site to act and look and my first priority is creating two things a user authentification system so that only those who have registered as authors can post their work.. I would like this to be fairly secure.. while there really won't be that much personaly information on the server I would like to learn to protect the data they submit i.e. username, pass, email address ect.. I know I have to somehow use sessions and cookies to make sure they have logged in before accessing a page in my restricted area.

The second thing that I need to create and this is the one I'm really having trouble finding material on yet I know some sites have managed it ie fanfiction.net is I need the user to be able to upload their story in either a word doc, txt file or html only those types and the server show the formatting the document was uploaded with but disable all html tags I don't want allowed...

I know this is jumping way over my head considering I know next to nothing about PHP or ASP .. I do however have a very firm grasp of html and some expierence in Java and C++ and SQL so I can usually figure things out based on code snippets and articles.

Unfortunatly I can't seem to find any info aimed toward IIS and SQL servers on the password authentification and abosolutley no clue on where to find info on the second part of what I need to do. Any references would be greatly appreciated.

Thanks and sorry for the lenghty post.

Khaje

 

This is fairly straight forward if you know SQL and IIS is a piece of cake to administer and set up. IIS is basically just the web server and doesn't really do any user authentication unless you use NT user manager. You can use the code in your page and cookies to directly authenticate users....avoid session variables as they are resource hogs. There are plenty of upload apps for both ASP and PHP as neither one does it natively. You can use some java to disable the abilty for browsers to read the html. People can always look in their offline content and save the text if they want to steal it. They can never get your ASP or PHP code because it is run server side and only serves the html to the person browsing.

Here are some ASP sites:
www.4guysfromrolla.com
www.codeave.com/asp/
www.asp101.com

SQL Site:
www.sqlteam.com/Forums/

GO to MS site to find info on IIS or do a google search.