Secure Form

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
Scud
Forum Newbie
Posts: 1
Joined: Thu Aug 06, 2009 5:32 pm
Location: Australia

Secure Form

Post by Scud »

Hi guys;
im relatively new to all this sort of stuff, and can put little things together but was hoping you could help me out with something.
Im needing to make a form with around 5 text fields, whereby the user can enter text and the data is encrypted and sent to a database on the server. I'm hoping for a solution whereby the communication between the website and server is secure and the data cannot be hacked in anyway. Any ideas?
I know of the mysql escape string but as far as i know that's not what I'm after. Could somebody please help me.

thanks in advance,
Scud
marty pain
Forum Contributor
Posts: 105
Joined: Thu Jun 11, 2009 5:32 am
Location: Essex

Re: Secure Form

Post by marty pain »

This is more of a web question than a PHP question. The standard way of encrypting data is to use HTTPS instead of HTTP. To do this you will need to get a certificate for the given URL/IP address for the server you are sending data too.

more info here -> http://en.wikipedia.org/wiki/Https

Search Google for "setting up HTTPS", should get you started. Hope that helps mate.
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: Secure Form

Post by kaisellgren »

As already said, you need HTTPS for encrypting the data between the server and the clients. Implementation wise, you barely need to do anything with PHP. Make sure all pages and elements are loaded in HTTPS and then just read some data and save it to a database.
Post Reply