Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: Secure Issue

  1. #1
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Exclamation Secure Issue

    there is a way to post form variables in the best secure way...
    i don't sure how or what is the technical way to do this and that is the aim of this subject...

    banks,visa, master card...all of them working with such secure way...
    you fill some form, than the submited form is being saved in a cookie and than a new window opens and read all the data from the cookie and saving it into the database...
    my question is why??

    how it works? can someone explain and show me how?
    what is the logic to do this and not to post it from page to page?
    Last edited by sasha85; 10-22-2007 at 04:41 PM.
    By the time u recognize this moment, This moment will be gone.

  • #2
    Senior Coder nikkiH's Avatar
    Join Date
    Jun 2005
    Location
    Near Chicago, IL, USA
    Posts
    1,973
    Thanks
    1
    Thanked 32 Times in 31 Posts
    Use SSL

    If this post contains any code, I may or may not have tested it. It's probably just example code, so no getting knickers in a bunch over a typo, OK? If it doesn't have basic error checking in it, such as object detection or checking if objects are null before using them, put that in there. I'm giving examples, not typing up your whole app for you. You run code at your own risk.
    Bored? Visit
    http://www.kaelisspace.com/

  • #3
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Exclamation i use ssl...but this is not my question

    ssl is a good way to secure but i asked about this specific one...
    By the time u recognize this moment, This moment will be gone.

  • #4
    Senior Coder nikkiH's Avatar
    Join Date
    Jun 2005
    Location
    Near Chicago, IL, USA
    Posts
    1,973
    Thanks
    1
    Thanked 32 Times in 31 Posts
    That IS the way.
    SSL encrypts it for you.

    Otherwise, you're stuck encrypting it yourself. And decrypting it on the other side. Nothing else is truly secure, as it's plain text. There may be encryption algorithms out there, but what's the point when all you need to do is set up SSL on the server?

    For bank-level info, credit cards, and social security numbers, SSL is the ONLY way.

    If this post contains any code, I may or may not have tested it. It's probably just example code, so no getting knickers in a bunch over a typo, OK? If it doesn't have basic error checking in it, such as object detection or checking if objects are null before using them, put that in there. I'm giving examples, not typing up your whole app for you. You run code at your own risk.
    Bored? Visit
    http://www.kaelisspace.com/

  • #5
    Regular Coder
    Join Date
    Sep 2007
    Posts
    179
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Exclamation ok than...

    imagen that the form passing all the data to the cookie after encryption and the other page that opens reading decrypting the data from the cookie...
    this is not ssl but is it good that way? is it better than posting ecrypted data from page to page?

    what do you think better:
    ASP PAGE > ASP PAGE > SQL
    ASP PAGE > COOKIE , COOKIE > ASP PAGE > SQL
    ?
    Last edited by sasha85; 10-23-2007 at 02:30 PM.
    By the time u recognize this moment, This moment will be gone.

  • #6
    Senior Coder Spudhead's Avatar
    Join Date
    Jun 2002
    Location
    London, UK
    Posts
    1,856
    Thanks
    8
    Thanked 110 Times in 109 Posts
    No, it's not good that way. Use SSL. If you've got data that you need to encrypt, don't save it to people's hard drives, encrypted or not. Use SSL.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •