-The user will have to be able to Register to the system with 8-10 fields that I can give you.
-AJAX Needs to check availability of account name from database
-PHP will need to check that nothing is null on submit with rules
-Use proper Md5 encryption and verify password = password on register
-User will have to be able to login into this system.
-A defining variable will be a select and parse the Sub Domain from the URL. So In Example : [url removed, login to view] The login page will need to parse and query the "account" from the URL then securely verify that the user account & password is correct.
-The login session needs to be secure and valid per user logged in
-Highly secure MD5 style sessions (not cookie based)
-Simple log out function to destroy the session
Very specific details can be given to successful bidder such as what the fields need to be called and lengths etc.
This is pretty straight forward. Let me know if you have any more questions.