Page 1 of 1

Commerce Site Advice

Posted: Fri Mar 07, 2008 12:31 am
by paqman
I'm designing a website for a client to sell prints of photos online. I've created a number of php sites already, and have taken a few programming classes, so I'd like to think my coding is fairly decent. However, I haven't had any formal php training - it's all been off the internet. The site has an ssl certificate and is pretty secure.

My question is about processing payments. Paypal offers the option of sending visitors to their site and dealing with it all, or adding code to your site so the payment goes to them, but you can keep all the data yourself. I'm wondering if it would be a huge security risk to take on making my own shopping cart system, as well as database for storing it all. Like I said, the code is pretty damn secure, but it's all self-taught. Advice would greatly be appreciated (as well as articles on this topic). Thanks.

Re: Commerce Site Advice

Posted: Fri Mar 07, 2008 1:38 am
by Christopher
Either way should be fine, but do not store credit card numbers in your database. As long as you leave the actual credit card information all on the PayPal site you should be ok.

Also, I would suggest not thinking that your site is "pretty secure." Hackers know more about exploits that you can every know, so stay very paranoid. Assume you can get hacked and try to limit the possible damage at every turn.