anthonydamasco Posted August 25, 2006 Share Posted August 25, 2006 Hello,I learned alot about PHP and MySQL in the last 2 months. I have forms and logins, sessions, all that good stuff, but now I have to make something I've been dreading. I have to make an Online Credit Application. SSN, checking account numbers the worx, I basicly need help finding sources to learning how to make a very secure form to keep my clients information safe.thanks! Quote Link to comment Share on other sites More sharing options...
drkstr Posted August 25, 2006 Share Posted August 25, 2006 Use SSL (Secure Socket Layer) to encrypt all incoming/outgoing traffic from the web server. Then use a simple input protection scheme to prevent injection attacks. On my form, I don't need any special symbols, so I wrote a function that takes a string (user input) as a parameter, passes it through a preg_replace("\W", '', $string) and returns it. This will remove alsl charecters that is not alpanumeric or an underscore. If you need any other special symbols, you should deny all and explicitly allow the ones you need.Also, check out the crypt function for storing data.regards,...drkstr Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.