SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Evangelist
    Join Date
    Aug 2010
    Posts
    503
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    E-Commerce Security Vulnerabilities

    Hi all, I'm in the process of creating an e-commerce site, just wondering what the biggest security risks are. I've used the mysql_real_escape_string on all data entering the database which should remove the risk of SQL injection. The customer will not be storing credit card information on the site. Just basic personal details.

    I'm just using sessions, no cookies. Any pointers or advice will be greatly appreciated as always

  2. #2
    Who turned the lights out !! Mandes's Avatar
    Join Date
    May 2005
    Location
    S.W. France
    Posts
    2,496
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Your biggest problem after basic programming errors and malicous intent will be your customers.

    If they can find a hole in it they will, they will bookmark you pages halfway though the process go for a cuppa and come back 3 days later and try to continue where they left off, they'll use the browsers back and forward buttons, forget passwords and try to log in again with same details, try to log in with blank fields, unacceptable characters ........... and do everything you didnt think a sane person would try to do.

    A Little Knowledge Is A Very Dangerous Thing.......
    That Makes Me A Lethal Weapon !!!!!!!!

    Contract PHP Programming

  3. #3
    SitePoint Evangelist
    Join Date
    Aug 2010
    Posts
    503
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Mandes, thanks for your message. I can see how that could prove a problem - gerrrr! Thanks for the help


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •