Jump to content

Requirments for SSL PHP Scripts

uniflare

By uniflare
in PHP Coding Help

 Share

Recommended Posts

uniflare Newbie

uniflare

Posted
Posted

I have SSL Running already fine, i go to my script it runs perfect...

 

My question is:

 

Are there any special requirments for using SSL with php? at the moment i'm assuming by just calling the url with https is secure enough for credit card information, am i correct? or are there certain pieces of code that need tweaking for security?

 

Not using globals, using mysql_escape_string on all mysql-related user input, and htmlentities on all displayable user-inputed data.

 

thanks for your help in advance :D

Link to comment
Share on other sites
uniflare Newbie

uniflare

Posted
  • Author
Posted

thats what i thought, cheers,

 

i only asked because on some shopping cart scripts they sell different packages and the cheaper ones say they don't support HTTPS or similar and charge for SSL Secure Shopping Scripts...

 

Can they justify this? or does it mean something else i'm not thinking of?

 

one example: http://www.shop-script.com/compare-shopping-cart-software.html ; where it says "Secure checkout (SSL)" under "Shopping cart & Ordering"

 

 

thanks :)

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

hm, don't know what that's about. all i can think of is that they disabled it on purpose, perhaps checking for a secure connection and redirecting to an insecure connection if necessary. i've never had to do anything for my PHP code except maybe the reverse: if the user takes the s out of https, put it back in on a redirect.

Link to comment
Share on other sites
Caesar Newbie

Caesar

Posted
Posted

When they say they support SSL, they mean, secure paths can be integrated in their settings so that the shop goes through the secure connection when a user proceeds to a certain point in checkout (Rather than simply running under HTTPS). You also want to make sure your server/host allows both incoming/outgoing connections on port 443 (If you plan on using a payment gateway. In other words...steer clear of crap hosts like GoDaddy).

Link to comment
Share on other sites
uniflare Newbie

uniflare

Posted
  • Author
Posted

Thanks Caesar & BlueSky, are you talking about stuff like paypal-type SSL Transactions etc using headers?

---

 

also can anyone reccomend a good tut on building a verisign payment module class or similar? (i want to create one my self, so i dont have to pay to get rid of the copyright on the script).

 

 

thanks all :D

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.