Security: Session Vs. Post/Get

    Date: 08/11/06 (PHP Community)    Keywords: mysql, sql, java, web

    What I got now:

    SignUP

    Phase 1
    Basic webform with Javascript helper script that isn't required.

    Phase 2
    Collect user information for sale from previous form, validate/normalize the information (anti-everything but alphanumeric except ' and -), insert information into DB with pending flag.

    Embed record ID into hidden form field
    Present user with sales choice (invoice, electr invoice, credit).

    Phase 3
    Grab the embedded form field, validate ID by "x = (int) y;", and compare REMOTE_ADDR to the DB Record, and update record via a super-limited DB user account (it only has privileges set by MySQL to update "accountInfo.payMethod" and select "accountInfo.ID" and "accountInfo.IP").

    Display confirmation page of their order then either jump to the CCard service and out of my responsibility.


    I can't see how someone could break this system as it stands, but I am tempted to do the entire thing with Session handling, passing the SID to the second form and retrieving it on the third to get $_SESSION['myID'] just to make it even harder to break.

    Source: http://community.livejournal.com/php/481637.html
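As an added example (not the poster's code, and not from the LiveJournal thread), here is the three-phase flow above written the way the session variant would look: the record ID lives in $_SESSION['myID'] after Phase 2 instead of in a hidden field, while the (int) cast, the REMOTE_ADDR comparison and the limited UPDATE column set from Phase 3 are kept as described. Assumptions: the column names accountInfo.ID, accountInfo.IP and accountInfo.payMethod come from the post; the payMethod values, the name column, the in-memory SQLite stand-in for MySQL and the $session array standing in for $_SESSION are constructed so the script runs offline from the command line.

```php
<?php
declare(strict_types=1);

// Allowed payment choices from the post (invoice, electronic invoice, credit);
// the literal values are an assumption of this example.
const PAY_METHODS = ['invoice', 'einvoice', 'credit'];

// Phase 2 normalization as the post states it: keep alphanumerics plus ' and -.
function normalizeField(string $raw): string
{
    $clean = preg_replace('/[^A-Za-z0-9\'-]/', '', $raw);
    return substr($clean, 0, 64);
}

// Phase 2: insert the pending record and keep its ID server-side in the session.
// The browser only receives the session cookie, never the record ID itself.
function phase2Insert(PDO $db, array &$session, array $form, string $remoteAddr): int
{
    $name = normalizeField((string) ($form['name'] ?? ''));
    if ($name === '') {
        throw new InvalidArgumentException('name required');
    }
    // Prepared statement: the normalized value is still bound, never interpolated.
    $stmt = $db->prepare('INSERT INTO accountInfo (name, IP, payMethod) VALUES (?, ?, NULL)');
    $stmt->execute([$name, $remoteAddr]);
    $id = (int) $db->lastInsertId();
    $session['myID'] = $id;   // what the poster's $_SESSION['myID'] would hold
    return $id;
}

// Phase 3: confirm the payment choice. The ID comes from the session, is cast
// to int as in the post, and the UPDATE touches only payMethod and reads only
// ID and IP, matching the column grants the post describes for the limited
// MySQL account, e.g. (example grant, not from the post):
//   GRANT UPDATE (payMethod), SELECT (ID, IP) ON shop.accountInfo TO 'confirm'@'localhost';
function phase3Confirm(PDO $db, array &$session, array $form, string $remoteAddr): bool
{
    $id = (int) ($session['myID'] ?? 0);
    if ($id <= 0) {
        return false;                       // no pending sign-up in this session
    }
    $method = (string) ($form['payMethod'] ?? '');
    if (!in_array($method, PAY_METHODS, true)) {
        return false;                       // reject anything outside the fixed choice list
    }
    // One statement does the REMOTE_ADDR comparison and the update together,
    // so there is no separate SELECT whose result could go stale.
    $stmt = $db->prepare('UPDATE accountInfo SET payMethod = ? WHERE ID = ? AND IP = ?');
    $stmt->execute([$method, $id, $remoteAddr]);
    $ok = $stmt->rowCount() === 1;
    if ($ok) {
        unset($session['myID']);            // one-shot: the same session cannot confirm twice
    }
    return $ok;
}

// Constructed demo: SQLite in memory stands in for the MySQL accountInfo table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE accountInfo (ID INTEGER PRIMARY KEY AUTOINCREMENT, '
        . 'name TEXT NOT NULL, IP TEXT NOT NULL, payMethod TEXT)');
$session = [];                               // stands in for $_SESSION after session_start()

$id = phase2Insert($db, $session, ['name' => "Jean-Luc<!>"], '203.0.113.5');
echo "pending record ", $id, " for ", $session['myID'], PHP_EOL;          // record 1, session holds 1
var_dump(phase3Confirm($db, $session, ['payMethod' => 'credit'], '198.51.100.9')); // false: IP differs
var_dump(phase3Confirm($db, $session, ['payMethod' => 'credit'], '203.0.113.5'));  // true
var_dump(phase3Confirm($db, $session, ['payMethod' => 'credit'], '203.0.113.5'));  // false: already confirmed
```

In a real request the $session array is $_SESSION after session_start(), and the session ID is best carried by the cookie PHP sets rather than echoed into the form. The design point of the session variant is that nothing the client submits selects the record: the only client-controlled input in Phase 3 is the payment choice, checked against a fixed list, and the REMOTE_ADDR comparison stays as a second binding in the same UPDATE.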
