[web] Secure website.
Author
Hey, I have some experience in PHP/SQL and html and I might soon create a website for the company of my cousin.. He wants to sell T-Shirt, so of course I'll have to make something really secure.
I'm wondering if any of you know any useful websites/tutorials talking about this subject?
Something that could teach me the way professional make their commercial websites secure.
Thanks a lot.
I'm curious as to why t shirt sellers would need to be any more secure than any other....but anyway.
Talk to your host. Most hosts provide an https connection (typically you'll have a folder above your doc root called secure_html or something similiar) with a basic hosting account. That should be sufficient in and of itself, though honestly I'd just recommend using paypal or similiar services for selling stuff.
Talk to your host. Most hosts provide an https connection (typically you'll have a folder above your doc root called secure_html or something similiar) with a basic hosting account. That should be sufficient in and of itself, though honestly I'd just recommend using paypal or similiar services for selling stuff.
Yahoo! Shops might also be worth looking into. There are also free shopping cart systems like Zen-Cart and Commerce.CGI.
If you choose to write your own I suggest NOT using PHP, at least for most of the logic. PHP is a nice templating language, but it's a pain for large applications. It's just too easy to write bad code.
Python is fairly widely supported, and has lots of web-related libraries, and a good database API.
Should you choose to write your own code in PHP, make sure you read through the Security Considerations section in the PHP manual, and otherwise just use common sense. Keep all your database queries in one place, always cast variables and make that they have valid contents before using them, use singe quote strings whenever possible with variables placed outside the string blocks, etc.
People make their web sites insecure by assuming that input data is always valid.
If you choose to write your own I suggest NOT using PHP, at least for most of the logic. PHP is a nice templating language, but it's a pain for large applications. It's just too easy to write bad code.
Python is fairly widely supported, and has lots of web-related libraries, and a good database API.
Should you choose to write your own code in PHP, make sure you read through the Security Considerations section in the PHP manual, and otherwise just use common sense. Keep all your database queries in one place, always cast variables and make that they have valid contents before using them, use singe quote strings whenever possible with variables placed outside the string blocks, etc.
People make their web sites insecure by assuming that input data is always valid.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
