Jump to content


New Members
  • Content Count

  • Joined

  • Last visited

Everything posted by xphp

  1. Thanks Kicken, Very helpful. I may encrypt the info in the session variable before storing them. I have to come up with a strategy for how to hold/store/handle the key. At the end of the day, I want to make some effort to protect against a malicious person who somehow gets access to my site, FTP or otherwise. I have been building website since 1998 and only once someone used an old Open Software install (that I had forgotten about) that had a vulnerability and seriously ran amok throughout my site. I was so traumatized by that that I slowly removed all Open Source / CRM items, like Wordpress and everything is now 100% my code. Hey thanks again. Look for BTC tomorrow - wallet not on the air right now. Wanted to IM you but did not see how to do that. All the best, xphp
  2. Thanks requinix, Yes, I get what you say. Clickbank has motto of "no questions asked" refund. They do that because folks who sell "how to make money on the Internet" often badly oversell their wares and clickbank wants them to easily get refunds. Thanks for responding. I have been on this site for 1 day, and I love it already. Best, xphp
  3. I have a PHP page that offers various information from a single text file. This text file is encrypted on the server HD. Upon initial entry into the page, the user enters an encryption/decryption KEY and the encrypted file is decrypted to clear text and it is available for viewing. I have some parameters that I store in PHP session variables. I do this since various subsequent actions by the user will require these parameters. The code is written and the whole process seems to work well. Since the info in these session variables is sensitive, I need to understand WHERE they are stored. I know that it is a file on the HD, but after hours of reading the PHP Manual on sessions, I am not finding where (HD directory) that storage is. I have a typical shared hosting account for my web site. Mostly I want to discover is, are the session variables in y User/file hierarchy, or are they stored in a system area where the PHP is installed. Whew. Sorry this was so long. Thank you, xphp
  4. Hi SaranacLake, Here is an idea you. But first I want to tell you that, while I have written quite a bit of PHP code, I do NOT consider myself a PHP expert. On the other hand there are many individuals on this site who ARE experts. I have written and offered content articles and books for quite a few years (15+). Mostly I used clickbank to accomplish the transaction. then the user would be routed to a DL page. Problem I ran into, again and again was that people would get the PDF book, then immediately ask clickbank for a refund - and get it. So I switched to print-on-demand paperbacks. Anyway, how about after the customer pays for a book, you generate a random number, and give it to them as a password for the your DL page. You can activate that PW behind the scenes and time-limit it so 2 hours later it does not work. Would something like that work? Also ...... You keep saying "security". Are you concerned that someone gets FTP access to your site and can DL anything? Hope that never happens. Best, xphp
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.