secure form to save data to text file

Forum Moderators: coopster

Message Too Old, No Replies

secure form to save data to text file

AmyNY

2:54 pm on Nov 14, 2003 (gmt 0)

I would like to take credit cards in a secure form, save to a file on the server and then read and print the file with the host's managing software (hope this is secure). The script should send an acknowledgement email to customer and one to me without the form data. Is there a script that will do this and is it secure if the link has https with the secure server name of the host? I downloaded from hotscipts "Phorm" which is in php. Kind of does what I want but I can't seem to tweak it. I do not know php nor have I ever put up a cgi script before. Yeah, I'm a newbie.

Amy

jatar_k

5:25 am on Nov 15, 2003 (gmt 0)

Well, you can do it in either language but I decided since you have php to start with maybe we can just roll wiith that.

As long as you have a secure certificate (https) then the transfer of data is secure. The thing you have to consider is the storing of credit card data in the database. I assume that is what you plan on doing.

I have heard of Phorm but haven't read through it so I don't really know exactly what it does.

Does it store data in a db or file or do you know?

AmyNY

5:12 pm on Nov 15, 2003 (gmt 0)

Thank you for your help. I won't ask too many questions at once.

After the form input logs to the text file will I be able to read and print the text file securely? If I use the control panel provided by the host, will pulling up the file actually be downloading to my browser and thus make the text file insecure? If so, is there a way to secure it? Is there a way to securely ftp it to myself instead? A shared secure certificate is part of the hosting package. I'm with westhost.

Was planning to output to a text file not database. Phorm will store in either text file or a database but I figure I need to do the easiest thing first. Also not sure where files need to be kept in the directory on the host server to keep robots and bad guys from reading the file. Is anyplace except "www" directory ok?

I'll save the specific questions on how to configure Phorm after hearing your responses. If I can't secure the form then there's no point in going forward. The goal is take credit cards securely over the internet on special order items which require other specs to be inputed into the form. Then we call the customer to confirm that they ordered correctly. Then we input credit card information manually into our current instore credit card account.

If you recommend a different free script I can change.

Thanks again.

Amy

jatar_k

1:15 am on Nov 17, 2003 (gmt 0)

able to read and print the text file securely

view it through https and it should be fine.

Is anyplace except "www" directory ok

abive your www directory is fairly good since it isn't accessible through a browser

I guess I would be paranoid about downloading them from the site. I wouldn't leave any of the info stored there. I would download it all the time and empty the file when it is downloaded.

AmyNY

4:47 am on Nov 17, 2003 (gmt 0)

Thank you for your help. After getting the response to my other question "how to skip a line?". Should be simple. Used n\. Didn't work. If I can't do something simple after 3 days and many hours, give it up. Signed up for mal's ecommerce. Giving up on the form to mail and using their shopping cart. Able to configure it in one evening. Now for the tedious task of cutting and pasting the shopping cart into each page. I should have gone with mals from the beginning. Thanks again.

Amy