denhamd2 Posted April 13, 2007 Share Posted April 13, 2007 Hi guys, I've not done a shopping cart before so I'm not sure what the story is with credit cards. I've collected all the user's personal info and products purchased as variables, do I just do the same with the credit card info (as $_POST variables to keep them hidden)? Is this sufficient? I'm not planning on emailing the info to the store owner just letting them login to an admin area to collect it. Is this secure enough or what should I do differently? What's the deal with security certificates? What do they actually do and are they expensive? Any help you could provide on this would be great. Thanks in advance Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/ Share on other sites More sharing options...
Guest prozente Posted April 13, 2007 Share Posted April 13, 2007 A SSL certificate is used so that the connection is encrypted. You can get SSL certificates for free, you can even generate your own. The reason you have to pay for some is that it's from a trusted source and they ensure that you are who you say you are. Before you process any credit card information you need to thoroughly audit your code for any vulnerabilities and run all transmitted data over SSL. This isn't something to take lightly. Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/#findComment-228294 Share on other sites More sharing options...
denhamd2 Posted April 13, 2007 Author Share Posted April 13, 2007 how much does an SSL cert cost? Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/#findComment-228815 Share on other sites More sharing options...
Guest prozente Posted April 13, 2007 Share Posted April 13, 2007 There is no definitive answer and the costs can change without notice. Two well known and trusted sources for SSL certificates are http://www.verisign.com/ http://www.thawte.com/ Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/#findComment-228820 Share on other sites More sharing options...
boo_lolly Posted April 13, 2007 Share Posted April 13, 2007 to answer your question, it highly depends on how you've developed the rest of your shopping cart... i would recommend using an SSL certificate when handling ANY sensitive data. this is not only limited to credit card information. think about your user's address and email address. Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/#findComment-228833 Share on other sites More sharing options...
shaunrigby Posted April 13, 2007 Share Posted April 13, 2007 There are many 'ready-made' shopping carts available in PHP that are highly customizable and can be easily integrated into your site. Results can be found on google... Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/#findComment-228857 Share on other sites More sharing options...
boo_lolly Posted April 13, 2007 Share Posted April 13, 2007 There are many 'ready-made' shopping carts available in PHP that are highly customizable and can be easily integrated into your site. Results can be found on google... it's always good to try and build your own. then and only then can you truly appreciate the work that goes into building a shopping cart with a CMS backend. it is a highly involved process. Link to comment https://forums.phpfreaks.com/topic/46835-collecting-credit-card-info/#findComment-228861 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.