Web Hosting Forum | Lunarpages
News: October 6, 2008 - Submit Your Site for the October 2008 Site of the Month!
 
Home Help Search Calendar Login Register
*
Welcome, Guest. Please login or register.
Did you miss your activation email? 		October 07, 2008, 03:56:13 PM


Login with username, password and session length


Web Hosting Forum | Lunarpages > Lunarpages Web Hosting - Advanced Assistance > Lunarpages - Web Hosting, Email & PC Security > Forcing Encryption on Forms?
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Forcing Encryption on Forms?  (Read 362 times)
actors3
Newbie
*
Offline Offline

Posts: 3
« on: April 12, 2007, 12:58:09 PM »
In order to be more secure on forms I have updated my form script to NMS and use https both in links to the forms and in the form action script, but I have been told that it's a good idea to force encryption on the initial page where users enter data on the form. 

Any tips on how to do this?
Logged
MrPhil
Quantum Encyclopedia Writer
*****
Offline Offline

Posts: 3381
« Reply #1 on: April 12, 2007, 02:32:43 PM »
They told you what? That makes no sense. The form fields are on the browser's PC "in the clear". There's no way to encrypt the data on the PC. When submitted, SSL (https) will encrypt them for transmission. On the server, you should be thinking about how to protect this data once it's been received (e.g., encrypt before storing in a database). Your PHP or Perl CGI script will see the data "in the clear", and processing will be plaintext too, but if it's sensitive data you may want to encrypt it before writing it to a database or remailing to another account or system. I'm not sure what tools PHP or Perl offers to encrypt.
Logged
maxryerson
Newbie
*
Offline Offline

Posts: 3
« Reply #2 on: November 07, 2007, 03:39:16 PM »
Does anyone know how to do this? I have a similar problem. Trying to securely capture user-provided information from a form and keep the data secure. Obviously can't send it by email, so how do I securely transfer it to the server?
how do I transfer it to a database?
how do I set up the database?
and how do I keep it encrypted (or do I have to keep it encrypted once it is transfered to the database on the LP server? after all is that not secure already and only accessible to the account admin? and to LP staff of course)?

If anyone can show me how to do this and knows where I can find the appropriate script to do this it would be very helpful. THank you very much for your time and consideration.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.6 | SMF © 2006-2008, Simple Machines LLC

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM