Posted by Richard Lynch on 10/03/88 11:13
On Mon, April 11, 2005 8:12 pm, Chris Shiflett said:
> Richard Lynch wrote:
>> On a shared server, every other PHP scripter can read your session data,
>> if they work at it a little bit.
>
> You should mention that this is assuming a default configuration. There
> are ways to avoid this.
There aren't a whole lot of shared servers that are running a different
pool of httpd for each user, nor using only CGI with different user ids,
nor...
I daresay that unless you are setting up a shared server yourself, rather
than renting space on one, you'll be hard-pressed to find that feature...
Perhaps phpsec.org would want to list hosts who go above and beyond the
current norm and actually provide that.
I know I've never seen one, at least not that's affordable to me.
>> For truly sensitive stuff like a CC#, do *NOT* put that in session data.
>> Write your script to get the CC# via SSL, process it, and throw it away,
>> all in one single PHP script.
>
> This is good advice, but if there is a business need to store the credit
> card number (for whatever reason), it's not necessarily always best to
> avoid storing it in the session.
If you can think of a good business reason to store somebody's CC# in
$_SESSION, I guess it must exist.
I sure can't think of one...
> Performance considerations can require that you couple its retrieval
> with other session data rather than incur the extra expense. It's just
> one of those things that is a little bit application-specific.
I dunno... I mean, for me, a CC# comes from $_GET or $_POST, gets
scrubbed and validated for reasonable digits, gets sent to the Credit Card
processor, and you store the resulting transaction code from the Credit
Card guys, and that's it.
Any other data you've got tied in to the transaction, session, user, or
whatever, you've got a unique number you gave the Credit Card guys, and
you can match that up before you run the CC#, or even later on, if you
give the Credit Card guys a non-ephemeral unique ID to tie to the
transaction.
I guess I'm just blinded by experience to doing anything else with a CC#
-- That or shocked by seeing CC#s sitting in a new client's MySQL
database, in perpetuity, after transactions had been done. [shudder]
That sure got changed in a hurry. :-^
I'm certainly interested to know when/why Chris Shiflett would store a CC#
anywhere at all, unless he's actually working *FOR* the Credit Card guys,
cuz that's what they're there for. :-) That doesn't count.
--
Like Music?
http://l-i-e.com/artists.htm
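The flow Richard describes above (take the number over SSL, validate the digits, hand it to the processor, keep only the resulting transaction code and never the PAN in $_SESSION), written out as an added PHP 7.4+ example that is not code from this thread. The gatewayCharge() function, the cc/exp form field names and the 1999-cent amount are assumptions standing in for a real processor SDK and a real order.

```php
<?php
declare(strict_types=1);
// Luhn checksum over 12-19 digits: cheap rejection of typos before anything
// is sent to the processor. Proves the number is well-formed, not that it is real.
function luhnValid(string $digits): bool
{
    if (!preg_match('/^[0-9]{12,19}$/', $digits)) {
        return false;
    }
    $sum = 0;
    $double = false;
    for ($i = strlen($digits) - 1; $i >= 0; $i--) {
        $d = (int) $digits[$i];
        if ($double && ($d *= 2) > 9) {
            $d -= 9;
        }
        $sum += $d;
        $double = !$double;
    }
    return $sum % 10 === 0;
}

// Hypothetical gateway call (assumption: stands in for the processor's SDK).
// The real one returns the processor's transaction code, or null on decline.
function gatewayCharge(string $pan, string $expiry, int $amountCents, string $orderId): ?string
{
    return 'TXN-' . substr(hash('sha256', $orderId), 0, 12); // constructed placeholder
}

// The card number is only ever accepted over TLS.
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') {
    http_response_code(403);
    exit('Card data is accepted over HTTPS only.');
}

session_start();
// Merchant-side id handed to the processor, so later reconciliation never needs the PAN.
$_SESSION['order_id'] ??= bin2hex(random_bytes(8));
$pan = preg_replace('/[\s-]/', '', (string) ($_POST['cc'] ?? '')) ?? '';
if (!luhnValid($pan)) {
    http_response_code(400);
    exit('Invalid card number.');
}
$txn = gatewayCharge($pan, (string) ($_POST['exp'] ?? ''), 1999, $_SESSION['order_id']);
$last4 = substr($pan, -4);
unset($pan, $_POST['cc']); // the PAN is gone once the processor has it
// Only the processor's code and a display-safe fragment survive in the session.
$_SESSION['payment'] = ['txn' => $txn, 'last4' => $last4];
```

On a shared host with the default file-based session handler this still leaves 'payment' readable by anyone who can reach the session save path, which is why nothing more sensitive than the transaction code and last four digits goes in there.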