Hello All, Just a comment --
> From: "RJ LeVeque" <[EMAIL PROTECTED]> > To: "e-gold Discussion" <[EMAIL PROTECTED]> > Subject: [e-gold-list] e-gold SCI > Date: Sun, 16 Dec 2001 16:11:44 -0800 > [ MELTED ] > Where anyone is getting the fact that I should write this script or that I > am seeking this assistance for myself is way off base. I, personally, have > been looking into Dmitry Salnikov's script and it's beginning to look like > he's thinking the same thing I am: default SCI is being used incorrectly and > people need HELP! Smart man! Possibly likes to help others! I was merely > seeking references for webmasters that do not know about this AND that are > completely vulnerable. > Even the best tools may be used in wrong ways. e-Gold shopping cart interface is powerful and secure tool which should be used according to their *documented* guidelines. If someone has tried to read their documentation and does not understand what is written there then this person should ask someone who understands instead of trying to use advanced technology in wrong ways hoping to save money. What I am thinking is that novice webmaster may need help with understanding of security risks and importance of professional advice even having free solution available for download -- http://dmitry-salnikov.com/free/goldpass.htm Every business is unique and all free scripts should be tailored for particular needs or at least installed properly because all Web hosting servers are different and there always are security against price considerations. Every mission critical application should be maintained as well because Web hosting environment may change sometimes itself and no business situation is a permanent one. The price for work of professional programmer should be measured not in the terms of possibility to install the script by thrifty business person alone without professional help but rather in the terms of possible cost of error. If someone accepts donations and all that is expected in return are THANK YOU words at PAYMENT_URL address then simple static HTML shopping cart may be perfect solution for this purpose but if this someone really wants security then even this static page should be hosted on dedicated secure server with enforced SSL protocol connections using certificate signed by well known reputable authority while this once secure server should be maintained by experienced and generously paid for his work security professional. If someone wants to create fully automated service which is processing orders worth huge amounts of money daily then the cost of error may be huge amounts of money lost directly and through loss of profit or spoiled business reputation. Serious business people who want their sites to work reliably will ask for professional advice while those thrifty persons who want to do everything themselves may learn the hard way. Respectfully yours, Dmitry Salnikov, http://dmitry-salnikov.com/index.htm International business catalogue for e-gold users, http://dmitry-salnikov.com/veda.htm Gold Web Ring traffic maker for e-gold sites, http://o.webring.com/hub?ring=gold FreeBSD, Linux, C/C++, Perl, ... Web software development services, English / Russian translations. --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] http://www.e-gold.com/stats.html lets you observe the e-gold system's activity now!
