Re: Permissions Ignored - PLEASE HELP

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 47108
interpreted = N
texte = >those credit card numbers are still stored in the individual orderfiles, >therefore... YES, it is MY responsibility to protect those numbers. First, the info in the order files should be written to a database, with the credit card numbers encrypted.Second, the order files should be DELETED immediately after each transaction is completed -- to prevent anyone from being able to download them, and to prevent anyone with username/password access from seeing the UNENCRYPTED credit card values in those files.Third, all your webdna templates and include files should be encrypted -- to prevent anyone from seeing the SEED value you used to encrypt the credit card values when storing them in your database file.Fourth, you should *NEVER* display the full credit card number on any web page, even when you're decrypting those values for some reason. Instead you should display only the last 3 or 4 digits of the number on the page. Sincerely, Kenneth Grome--------------------------------------------------- WebDNA Professional Training and Development Center 175 J. Llorente Street +63 (32) 255-6921 Cebu City, Cebu 6000 kengrome@webdna.net Philippines http://www.webdna.net ---------------------------------------------------------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Permissions Ignored - PLEASE HELP (Alain Russell 2003)
  2. Re: Permissions Ignored - PLEASE HELP (Stuart Tremain 2003)
  3. Re: Permissions Ignored - PLEASE HELP (Gary Krockover 2003)
  4. Re: Permissions Ignored - PLEASE HELP (Alain Russell 2003)
  5. Re: Permissions Ignored - PLEASE HELP (Andrew Simpson 2003)
  6. Re: Permissions Ignored - PLEASE HELP (Alex McCombie 2003)
  7. Re: Permissions Ignored - PLEASE HELP (Andrew Simpson 2003)
  8. Re: Permissions Ignored - PLEASE HELP (Kenneth Grome 2003)
  9. Re: Permissions Ignored - PLEASE HELP (Bob Minor 2003)
  10. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  11. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  12. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  13. Re: Permissions Ignored - PLEASE HELP (WJ Starck 2003)
  14. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  15. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  16. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  17. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  18. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  19. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  20. Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
>those credit card numbers are still stored in the individual orderfiles, >therefore... YES, it is MY responsibility to protect those numbers. First, the info in the order files should be written to a database, with the credit card numbers encrypted.Second, the order files should be DELETED immediately after each transaction is completed -- to prevent anyone from being able to download them, and to prevent anyone with username/password access from seeing the UNENCRYPTED credit card values in those files.Third, all your webdna templates and include files should be encrypted -- to prevent anyone from seeing the SEED value you used to encrypt the credit card values when storing them in your database file.Fourth, you should *NEVER* display the full credit card number on any web page, even when you're decrypting those values for some reason. Instead you should display only the last 3 or 4 digits of the number on the page. Sincerely, Kenneth Grome--------------------------------------------------- WebDNA Professional Training and Development Center 175 J. Llorente Street +63 (32) 255-6921 Cebu City, Cebu 6000 kengrome@webdna.net Philippines http://www.webdna.net ---------------------------------------------------------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Kenneth Grome

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

OT: Heads-up to Smith Micro staff (2002) FM and Webcat together? (1998) Online reference (1997) 2.0Beta Command Ref (can't find this instruction) (1997) [WebDNA] v 7 append (2012) Freeze (2003) WebCat2b15MacPlugin - [protect] (1997) WCf2 and nested tags (1997) WCS Newbie question (1997) Displaying photo attached to first record (1997) Updating Prices in Online Database (1999) [founditems][replacefounditems] (2003) Logging purchases (1997) emailer (1997) WebCat2: Found Items syntax, etc. (1997) Simple way to create unique SKU (1997) More on the email templates (1997) [WebDNA] triggers.db "next execute" fails to update (2012) NT considerations (1997) Simple Database close connection (2001)