Use this advice at your own risk.  If you take my advice and your cc numbers
still get stolen, your fault, not mine. By continuing to read this, you
agree to these terms.

Put them in a separate database, on a different server, behind a firewall,
that is ONLY running MySQL and sh. Shut EVERYTHING else off, lock it down
hard, remove all logins other than the ones necessary for the box's
operation. Set your hosts.allow to only allow access to the box from the

Then, in your PHP, retrieve them with a separate Select using a memberID or
userID as the FK from the main database.

Change the mysql password daily. Make sure it's different form the password
to get into your main server.

Is this secure? No.  Does it make it harder to get the CC info? Yes.  Harder
is all you can hope for. Impossible is...well, impossible.  :)

* Cal Evans
* Journeyman Programmer
* Techno-Mage
* http://www.calevans.com

-----Original Message-----
From: Someone Somewhere [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 10, 2002 11:48 AM
Subject: [PHP] Secure storage of credit card information

I'm working on a e commerce  site and I need to store the credit card info
of people who purchase stuff, on the site. How can I encrypt the credit card
# put it in a dbase and decrypt it when I need to

Using Php4.* and Mysql.

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to