e-commerce / Client Login security?
I hope this is posted in the correct forum (pls inform me if not). OK, I have been asked to develop a client login system for a new client, and this is my first project that will involve the security issues of storing personal information (passwords / credit card data) and submitting personal data via forms.
I am confident that I can code this functionality, although I do have a few concerns about the whole thing being completely secure and hack proof. Can anyone give me any advice on the security precautions I should / can take when storing personal information and allowing users to log in to the client area? If you know of any good tutorials / articles and books to use as a resource, that would be marvellous.
Also - should I use sessions to control the access of users - is this safe too?
Thanks in advance for your help
PS - I will be using MySQL / PHP