Jump to content


  • Posts

  • Joined

  • Last visited


Profile Information

  • Gender
    Not Telling

mattkenefick's Achievements


Member (2/5)



  1. I'm looking for a cart that is focused on like.. tickets and donations. I don't need a full featured OSCommerce / PinnacleCart kind of thing. It'll only be handling like 5 types of tickets to events and the ability to accept donations.. Does anyone know of a miniature kind of cart utility like this exists already? Or classes for such a thing?
  2. I have a table setup in MySQL to contain different copy versions of this page. It's collation is "utf8_general_ci" and the type is "text". Will this be able to store Chinese Simplified/Traditional, Arabic, etc characters? Not necessarily for Americans to view, but for their own country's viewing. So if I was in China, wrote on the Chinese keyboard and stored it.. Then refreshed my screen, I'd be able to see it? or would the Collation mess it all up? Thanks a ton! And this is very very urgent. Sorry
  3. Well.. I know about Client Review and everything. This isn't freelance work or anything, it's a legitimate business that really puts out for high end clients. But the issue is that my bosses ( like almost everyones ) don't really understand the work that me and my team does. They know its programming, but to get into detail would be a waste of breath so they don't understand threats. The client is like.. Beverly Hills middle aged men with extra cash to spare and a ripped-off idea. They wouldn't know what to look for if I put their face in it. I know that we can say "You approved".. But I don't want to just see this site fall to the hands of hackers or whatnot especially since I built the whole thing myself. You know? I might have a run on here perhaps.
  4. I have certainly tested it and the entire operation works. I wouldn't build something that didn't work. I've spent a long time on it and its practically my baby. One of the problems is that the boss undershot the price on this by a mile, the client kept adding and we shouldn't have accepted their requests, now they are getting eager for it and want it released. The issue is that if I hand it over to them to have them beta test, then they might just skip it and release it. But we can't hold this in our court much longer since we have already gone over on what we should have done. The entire thing works and everything I can think of is sealed up.. but if it were like that, nothing would ever get hacked or have errors.. And this is gonna take more than 1 or 2 people to test, which is all we have available here. I'm certainly not releasing a faulty product.
  5. Cooldude makes a good point. We could hire , and "hire", some people to try to take it down then charge the company. I don't think that we have any agreement about testing it. I mean, of course I've tested it as I've been going pretty thoroughly but there's always something. Cause even though I've done the on site tests like injection, session hijacking and such.. I didn't do any like, raw data posts to it.. or ddos attacks or anything like that. I feel bad giving it to them because I've grown so attached to the project but *sigh* it's all grown up now.
  6. I recently just finished a big project for my company and our client is in a hurry to rush it to release. I'm pretty sure that I've covered most of my bases in terms of entry points, injection vulnerability, HTTPS, and such.. but there's always something. This is my least favorite part of any project is that 99% point cause you're always wondering what's left even though there might not be anything, but at the same time, there's always something. This site is pretty extensive and there's a lot of things to test. I don't think my company can afford to do it and I also don't know how good an idea it'd be for me to do it since I've been working on it for so long. I know what to do and what not to do. Should we tell these guys to hire some beta testers to thoroughly test and document it or what do you think? Have you ever hired beta testers? And when I say it's a big site, I don't mean like a forum is big.. It's like extensive like a community site mixed with e-bay would be.. so there are a lot of bases to cover (one of the reasons I don't want to do it.) Thanks!
  7. This isn't a paypal specific question. it's just about e-commerce in general. Like.. 2CheckOut or whoever offers those kinds of APIs that you authenticate with.
  8. I think I used to but I gave it up cause there was never anyone answering anything on it. Latest posted would be like 2 weeks old with no replies or anything.
  9. If I use PayPal Payflow Pro or something like that.. Does my server need to be secure.. or when I use cURL and send to their HTTPS , is that all that matters??
  10. For example.. lets saying you were making a community site.. Can be pretty complex.. So you have things to handle like a messaging system, user database, maybe some kind of e-commerce to handle membership fees, different user types / permissions , admin back-end, news, faq, forum, etc... How much time do you normally spend on each section? And what order do you normally do it in? Do you break it into more steps? - Wireframing - Cutting images, setting up template pages - Determining what fields / tables / etc to use for database structure - Programming templates together - Securing login / sessions - E-commerce - Applications - Final Touches I'm doing a larger scale app (not a community site) and was wondering what road you all take? I started out with a few days of wireframes which I found to be REAL helpful. We wireframed out almost every page, then fleshed most of them out in Photoshop. Then I went through and cut out all the images I'd need. Started building a page in HTML all in one file (css, html, anything else) then started dividing out the CSS / Scripts / HTML sections into Smarty or respective places. I have most of the style names and image names the same except for a prefix so all I have to do is change one word and have a new looking page (diff images etc). Once I'm set on the templates, I think I'll be starting the login system and linking the pages together. Then once I can nav through it logged in and out, I think I'll start building the inner applications of it. I kind of think of it like building house. Put up the walls and make the outside look nice, so you have your structure you can nav through. Then once all your rooms are created, start putting up the interior design and polishing it off (applications etc).. then fix up the yard at the end (server). How does everyone else go about it? :-X
  11. I never had to use SSL or certificates before because the job just never called for it but now it is. I run WAMP 5 right now, which is what I'm testing on. Both this and our real linux server have OpenSSL enabled. I just don't know how to create a certificate or anything like that. What I need to do is pass a POST data securely so people monitoring the network can't see the plain text of it. That's all and apparently it has to be really involved and stuff I really need help here.. It's extremely important if someone doesn't mind helpin out . ???
  12. 'HTTP_REFERER' The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.
  13. If I'm posting a form on http://example_1.com/test.html that sends the POST Data to http://mywebsite.com/reader.php, how can the reader.php determine where the results came from? I know that HTTP_REFERER works but I read on PHP.net that HTTP_REFERER isn't always gaurunteed for every server or something? Is there a way to be 100% sure of it, no faking the referer, etc..? http://www.php.net/manual/en/reserved.variables.php
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.