On Mon, April 11, 2005 8:12 pm, Chris Shiflett said:
> Richard Lynch wrote:
>> On a shared server, every other PHP scripter can read your session data,
>> if they work at it a little bit.
>
> You should mention that this is assuming a default configuration. There
> are ways to avoid this.

There aren't a whole lot of shared servers that are running a different pool of httpd for each user, nor using only CGI with different user ids, nor...

I daresay that unless you are setting up a shared server yourself, rather than renting space on one, you'll be hard-pressed to find that feature...

Perhaps phpsec.org would want to list hosts who go above and beyond the current norm and actually provide that. I know I've never seen one, at least not one that's affordable to me.

>> For truly sensitive stuff like a CC#, do *NOT* put that in session data.
>> Write your script to get the CC# via SSL, process it, and throw it away,
>> all in one single PHP script.
>
> This is good advice, but if there is a business need to store the credit
> card number (for whatever reason), it's not necessarily always best to
> avoid storing it in the session.

If you can think of a good business reason to store somebody's CC# in $_SESSION, I guess it must exist. I sure can't think of one...

> Performance considerations can require that you couple its retrieval
> with other session data rather than incur the extra expense. It's just
> one of those things that is a little bit application-specific.

I dunno... I mean, for me, a CC# comes from $_GET or $_POST, gets scrubbed and validated for reasonable digits, gets sent to the Credit Card processor, and you store the resulting transaction code from the Credit Card guys, and that's it.

Any other data you've got tied in to the transaction, session, user, or whatever, you've got a unique number you gave the Credit Card guys, and you can match that up before you run the CC#, or even later on, if you give the Credit Card guys a non-ephemeral unique ID to tie to the transaction.

I guess I'm just blinded by experience to doing anything else with a CC# -- That or shocked by seeing CC#s sitting in a new client's MySQL database, in perpetuity, after transactions had been done. [shudder]

That sure got changed in a hurry. :-^

I'm certainly interested to know when/why Chris Shiflett would store a CC# anywhere at all, unless he's actually working *FOR* the Credit Card guys, cuz that's what they're there for. :-) That doesn't count.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
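The flow Richard describes (take the card number from one request, scrub and validate it, send it to the processor, keep only the processor's transaction reference tied to your own order ID) as an added example. This is not code from the post or from either author; the `chargeCard()` gateway call is a hypothetical stand-in for the real processor's HTTPS API, the `/home/shop/sessions` path is an assumed per-account directory (mode 0700) used to address the shared-host session-file exposure from the first part of the thread, and the input at the bottom is constructed (a Luhn-valid test number, not a real card).

```php
<?php
// Added example (not from the original post): one-request card handling.
// The PAN is scrubbed, Luhn-checked, handed to the processor, and dropped.
// Only the processor's reference, our order ID, amount and last four digits
// are returned, so that is all $_SESSION or the database can ever contain.
declare(strict_types=1);

// Shared-host mitigation: session files in the default save path (usually
// /tmp) are readable by every other script running as the web server user.
// ASSUMPTION: /home/shop/sessions exists, mode 0700, owned by PHP's user.
ini_set('session.save_path', '/home/shop/sessions');
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_secure', '1');   // cookie only ever travels over TLS

/** Strip the spaces and dashes people type; keep digits only. */
function scrubPan(string $raw): string
{
    return preg_replace('/[^0-9]/', '', $raw) ?? '';
}

/** Length + Luhn check: reject typos before paying for a processor round trip. */
function looksLikeCardNumber(string $digits): bool
{
    $len = strlen($digits);
    if ($len < 13 || $len > 19 || !ctype_digit($digits)) {
        return false;
    }
    $sum = 0;
    $double = false;                       // every second digit from the right
    for ($i = $len - 1; $i >= 0; $i--) {
        $d = (int) $digits[$i];
        if ($double) {
            $d *= 2;
            if ($d > 9) {
                $d -= 9;
            }
        }
        $sum += $d;
        $double = !$double;
    }
    return $sum % 10 === 0;
}

/**
 * HYPOTHETICAL gateway call: a real one is an HTTPS request to the processor.
 * This stand-in only mimics the response shape (approval flag + opaque
 * reference) so the flow runs offline. $orderId is our own non-ephemeral ID,
 * sent along so the transaction can be matched to the order later without
 * ever needing the card number again.
 */
function chargeCard(string $pan, string $expiry, int $amountCents, string $orderId): array
{
    $approved = $amountCents > 0;          // constructed decision, not a real one
    return [
        'approved'  => $approved,
        'reference' => $approved ? 'txn_' . bin2hex(random_bytes(8)) : null,
        'order_id'  => $orderId,
    ];
}

/** Handle one checkout POST; return only what is safe to keep. */
function processCheckout(array $post, string $orderId): array
{
    $pan = scrubPan((string) ($post['card_number'] ?? ''));
    if (!looksLikeCardNumber($pan)) {
        return ['ok' => false, 'error' => 'invalid card number'];
    }
    $expiry = (string) ($post['expiry'] ?? '');
    if (!preg_match('#^(0[1-9]|1[0-2])/\d{2}$#', $expiry)) {
        return ['ok' => false, 'error' => 'invalid expiry'];
    }
    $amountCents = (int) ($post['amount_cents'] ?? 0);

    $result = chargeCard($pan, $expiry, $amountCents, $orderId);
    $last4  = substr($pan, -4);
    // PHP offers no way to scrub a string from memory; the protection is that
    // the PAN is never written anywhere, not that it is wiped here.
    unset($pan);

    if (!$result['approved']) {
        return ['ok' => false, 'error' => 'declined'];
    }
    return [
        'ok'           => true,
        'order_id'     => $orderId,
        'reference'    => $result['reference'],
        'amount_cents' => $amountCents,
        'last4'        => $last4,
    ];
}

// Stand-alone run with constructed input (4111... is a well-known test number).
if (PHP_SAPI === 'cli') {
    $fakePost = ['card_number' => '4111 1111 1111 1111', 'expiry' => '12/27', 'amount_cents' => 1999];
    $kept = processCheckout($fakePost, 'order-20050411-0001');
    // In the web handler this is the line that touches the session: $_SESSION['checkout'] = $kept;
    if (strpos(serialize($kept), '4111111111111111') !== false) {
        throw new RuntimeException('PAN leaked into the data being kept');
    }
    print_r($kept);
}
```

The check at the end is the one worth carrying into a real test suite: serialize whatever you are about to put in `$_SESSION` or a database row and assert the card number is not in it. If a later change "helpfully" adds the PAN back for a retry feature, that assertion is what catches it.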