I'm designing a website for a client to sell prints of photos online. I've created a number of php sites already, and have taken a few programming classes, so I'd like to think my coding is fairly decent. However, I haven't had any formal php training - it's all been off the internet. The site has an ssl certificate and is pretty secure.
My question is about processing payments. Paypal offers the option of sending visitors to their site and dealing with it all, or adding code to your site so the payment goes to them, but you can keep all the data yourself. I'm wondering if it would be a huge security risk to take on making my own shopping cart system, as well as database for storing it all. Like I said, the code is pretty damn secure, but it's all self-taught. Advice would greatly be appreciated (as well as articles on this topic). Thanks.
Commerce Site Advice
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Commerce Site Advice
Either way should be fine, but do not store credit card numbers in your database. As long as you leave the actual credit card information all on the PayPal site you should be ok.
Also, I would suggest not thinking that your site is "pretty secure." Hackers know more about exploits that you can every know, so stay very paranoid. Assume you can get hacked and try to limit the possible damage at every turn.
Also, I would suggest not thinking that your site is "pretty secure." Hackers know more about exploits that you can every know, so stay very paranoid. Assume you can get hacked and try to limit the possible damage at every turn.
(#10850)