Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Oct 2004
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Secure Credit Card Form

    I am currently building a site that has two forms. The first is a contact form uses a very simple php script that emails the results of the form to my client. The second form, which I have yet to build, will have contact information fields, but will also contain a field for a credit card number. My question is if I build the second form using the same simple PHP script, is that secure enough to send credit card information through, or can people hack into it somehow?

    Thanks for your help!

  • #2
    Senior Coder Nightfire's Avatar
    Join Date
    Jun 2002
    Posts
    4,265
    Thanks
    6
    Thanked 48 Times in 48 Posts
    First thing, whenever you have anything to do with credit cards, don't EVER send the details by email. Using php alone won't make it secure, you will also need to use SSL.

    If you're going to be dealing with credit cards, my best advise is to use a merchant provider. That way, if anything goes wrong you're not to blame and don't get sued for holding bank details insecurely. Merchant providers have the top security in place for cards

  • #3
    Regular Coder
    Join Date
    Jul 2002
    Location
    Las Vegas, NV - USA
    Posts
    104
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by socalsoxfan
    ...My question is if I build the second form using the same simple PHP script, is that secure enough to send credit card information through, or can people hack into it somehow?
    Nightfire already answered your question but I'll give you the short answer -- No.

    The only correction I would make is that Merchant Service Providers (MSP) provide merchant accounts for processing the credit cards. Gateway providers provide the secure link between your site and the merchant account that the MSP is providing...
    Steven Sommers (blog)
    Shift4 Corporation -- www.shift4.com

    Creators of $$$ ON THE NET(tm) payment processing services.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •