mitcho Posted July 3, 2007 Share Posted July 3, 2007 Hi guys. I use PHP/MySQL quite regularly to build basic CMS's, but I am by no means an expert . I am now building a website + cms, again with PHP/MySQL, however this times its a little different. The website will have a form that customers use to make bookings. they will enter their names/contact details into this form, as well as their credit card details. however, this transaction is not processed, it is instead saved to their database temporarily. The website owner then needs to login to the cms, process their data manually, then delete the credit details. I already have set up SSL on the webserver (which is also a static ip server and apparently more secure) so that the php form is https:// but i am wanting to know whether i should be putting other measures in place? ie PHP/MySQL security. is there anything i can do to make ensure that the details will be submitted to mysql database securely and will remain safe in the database. ive hear of things like mysql injections, and want to avoid these happening. Really appreciate feedback on this guys. Thanks a bunch Quote Link to comment Share on other sites More sharing options...
teng84 Posted July 3, 2007 Share Posted July 3, 2007 i think your concern is if the user insert special character? then maybe you could use regular expression to remove or to escape those character Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.