SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Hybrid View

  1. #1
    SitePoint Guru
    Join Date
    Apr 2001
    Location
    BC, Canada
    Posts
    630
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    secure transaction

    Hi, I need to have a data transmitted in a secure server enviorment. I looked at SSL, but most of the articles I read just told me about how it worked, but know how to implicated it.
    Maybe there are other options.
    Users are entering sensitive information into forms, and I need the data to be safe when its being transmitted to the script, in which it will then be saved on the server. Im pretty new with the whole security thing. I use sessions a lot, but they dont realy imply in particular case. I need something that encrypts (i guess) the data between pages.
    any one with exp.?

    thank you
    Last edited by slighltywhacked; Sep 17, 2001 at 18:11.

  2. #2
    Talk to the /dev/null Theiggsta's Avatar
    Join Date
    Mar 2001
    Location
    Tampa, FL
    Posts
    376
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, you can start by using an SSL mod to apache (mod_ssl) to allow you to use https:// on your website. As far as transmitting encrypted POST data across pages, I suggest just using SSL because that ends up doing the job right there because of security encryption itself. There are a TON of encryption libraries out there you can use to crypt and decrypt your data across pages, but thats if your extremely paranoid.

    I myself am trying to figure out how I can secure sessions without letting someone "hijack" the session.

    Anyway, hope that helps you out and I suggest www.phpbuilder.com for some good PHP/SSL tutorials, they worked for me.
    Aaron "Theiggsta" Kalin
    Pixel Martini
    Ruby and Rails Developer

  3. #3
    SitePoint Guru
    Join Date
    Apr 2001
    Location
    BC, Canada
    Posts
    630
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    so your saying (if its installed) just put https:// in front of the page??

    When I do that it loads just a blank page
    Last edited by slighltywhacked; Sep 18, 2001 at 18:58.

  4. #4
    SitePoint Guru
    Join Date
    Apr 2001
    Location
    BC, Canada
    Posts
    630
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Any one else have exp with ssl? Im having troubles getting it to work... from what I under stand, from the last post, all I have to do is put https:// in thei link?

    When I do that, it pops up Im going into a secure something or other, but hten loads a blank page

  5. #5
    SitePoint Evangelist CyberFuture's Avatar
    Join Date
    May 2001
    Location
    San Diego, CA
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Your also hve to configure your apache config file correctly. There is a seperate section in virtual host for SSL.

  6. #6
    SitePoint Guru DenverDave's Avatar
    Join Date
    Feb 2001
    Location
    Denver, Colorado
    Posts
    630
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Not that I know how to get SSL to work either, and I gather that it requires a Certificate - but assuming we have a secure transaction:

    (1) Result is stored in a database - maybe encripted / maybe not

    (2) Result is resident in memory on the server

    Then how can we retreive the information securely. How can the client receive information about a secure transaction? If a report to html is run on a secure server is the output secure from the server to the client? If an extract file is produced and then downloaded to the client - aren't we exposed at this point?

  7. #7
    SitePoint Guru
    Join Date
    Apr 2001
    Location
    BC, Canada
    Posts
    630
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    not to sure.. what im doing in this script is just writing the form entries to a text file in the root directory of the server.. nuthing is put back out to the client except a conformation


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •