Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Answer: Security using MySQL & CGI

by comatose (Monk)
on May 15, 2000 at 17:49 UTC ( #11616=categorized answer: print w/replies, xml ) Need Help??

Q&A > database programming > How can I secure MySQL & CGI? - Answer contributed by comatose

You should always use as much security as you can. There's no such thing as too much.

So besides choosing the right database, I recommend some sort of two-way encryption of any sensitive information. There are a variety of methods to accomplish it, and you'll want to choose one that works well in your situation.

One example that I've used takes advantage of a randomly generated password that unlocks each individual order on the site. Without that password, the credit card number is junk. However, we still make it possible to see contact information just in case someone loses the password for that order. Because there's only one person involved in receiving the orders, it's quite practical.

Log In?

What's my password?
Create A New User
[stevieb]: been thinking... if it wasn't for Perl, I believe that I'd be done in tech. I don't do social media or the like, if I'm not coding I'm not on a device at all, and don't miss comms at all when I'm not around. I code for my job (which I like), but I think..
[stevieb]: ...I haven't coughed up my laptop because of Perl.
[stevieb]: I think that Perl is the reason that I haven't gone 100% off grid :)

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (2)
As of 2017-03-29 02:06 GMT
Find Nodes?
    Voting Booth?
    Should Pluto Get Its Planethood Back?

    Results (343 votes). Check out past polls.