Question
Fourjays Veteran
Hi,
I am currently teaching myself PHP and MySQL by reading many of the tutorials, documentation, example scripts and so on available on the internet. I have now got to the stage where I can understand what things are doing and can apply different code to different situations, and not just copy sections of code from tutorials.
I am about halfway through making a support desk script (done the user end; still need to do admin) using PHP, MySQL and Smarty for my up-and-coming web company (won't be released to the public), and I have managed to write PHP code to cover all possibilities that I can find.
My biggest concern is security. While the security script isn't working with anything that needs to be ultra-secure, I was wondering if anyone has any general tips as to things that I should worry about? Certain code I should avoid, and how to stop SQL injections. I may be worrying without reason, but I worry because of the number of updates that are repeatedly released for open source scripts.
My second question is also security related, but my current plan is to use ZenCart for the shop part of my company. My concern with using ZenCart is that it doesn't do exactly what I want. I am now feeling confident enough to attempt to program my own cart with the features I require, and was wondering if there are any security tips regarding shopping cart systems? Any advice about which route to follow?
I will not be processing credit cards or anything like that on the shopping cart, and will be sending everything to PayPal for payment processing. That said, I would also like any advice regarding sending payments to PayPal, and using the IPN system. Any tutorials available on this subject?
Any advice is greatly appreciated. :)
25 answers to this question