E-Commerce
I may be building an ecommerce site soon w/ PHP/MySQL, and I had a few questions.
I've done one before, as a sort of tutorial out of a book I own, with modifications to be sure I actually LEARNED what I'd been reading and all that. Anyway, my main concern is security, understandably. Now, I know a lot of the basics: add/stripslashes when working w/ db info, stripping the get variables of mysql statements and single quotes, making sure sessions and that are destroyed when they're supposed to be, etc, but I'm not sure if there is anything I REALLY need to watch out for. I don't wanna screw anything up, really, and end up seeing the clients' customers' credit card #'s printed on the main page or some crap like that. So, just throw out any security holes I should look to plug up at me.
One other thing is dealing with the credit card transactions. I believe I just send the customer info as variables or whatever to a secure page run by a credit card place? Is that how it works? This was the part that most sources I've looked around at have been pretty vague on. So throw out anything you can tell me on that as well.
Thank ya much!
