El Tea schrieb: > Thanks. I'm assuming that sqlalchemy.sql.text is for storing actual > sql? In other words, all the basics should be good? (I'm thinking > Unicode and UnicodeText for the most part.) > > Understood that you can't point me to the holes *I* open up, but a > list of the ones you have to close off yourself, plus a list of common > mistakes or points of failure I would think would still be of > significant use to a newcomer (and as you note, this would be useful > in the deployment guides). > > All that being said - if someone was to build a site dealing with > financial transactions and they want to keep an customer's credit card > on file for future use, wouldn't it be stored in a database? Where > the heck does Amazon keep it? (Note that I have no intention of doing > this; you've piqued my curiosity!)
They might store it, but possibly encrypted so that even someone who has access to the DB can't read it. Also, payment is most probably created as service to the overall webapp, which is more stable, and can be run on much more locked-down machines, and possibly even with the need to enter a manual password so that only the running process is capable of deciphering it. Well, that at least would be the things I'd do - no ide if amazon *does* do that. Diez --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
