Also, this shit is harder than it seems, and it is painfully easy to introduce huge vulnerabilities if you don’t know what you are doing. SQL injections, CSRFs, etc can all be a problem if you go down a naive route.