SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Enthusiast
    Join Date
    Mar 2011
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP MySql Security Question

    Hi All

    I have been learning PHP and MySql. I have been learning how to fill out a form and use PHP to populate a database on MySql. I have also learned a bit about how to retrieve that information as a CSV for Excel. I am also going to us iFrame Tags to put a form on my clients Facebook page. I have learned enough that I believe I can make this happen. I am ready to take my skills to the next level.

    My client's Facebook page is already going viral and he is about to give away some high dollar items. A contest. So his Facebook page is going to explode with traffic. In order to enter the contest we are going to need to retrieve personal info, like name, email, address, etc.

    I have security concerns. Since this is my first attempt at this, how secure is PHP and MySQL? If I use a username and password on my server that should be enough to protect personal information, right? I will be responsible for allot of personal information so I don't want to screw this up. Am I over my head?

    My second question. I need my client to be able to retrieve that information from the MySql database. I was thinking of creating a page that he can access to retrieve the personal information. But again, there is another security issue. I would probobaly need to password protect it. Is there a better way to do this?

    Here is an example of what I am trying to do Legendary Whitetails - Win A Bow | Facebook


    Thanks for your help.

  2. #2
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by mguise View Post
    If I use a username and password on my server that should be enough to protect personal information, right?
    No. Securing a server and the applications running on it is a profession in and of itself. Having a password is not enough.

    Quote Originally Posted by mguise View Post
    I will be responsible for allot of personal information so I don't want to screw this up. Am I over my head?
    Yes. There are companies that provide facilities for running contests/forms on Facebook. Your friend should be using that, not having someone inexperienced collecting others' personal information.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •