Saving credit card information in MySQL database? -

-

i want allow customer users enter credit card information can charge them every month.

i wonder how 1 should save information?

should saved in mysql database ("user" table) or kind of information sensitive , need stored in place?

i have no experience of , glad if advice me how accomplish this.

thanks.

as mentioned above, not store credit card information in database. it's recipe trouble. doing make attractive target hackers and, if successful in retrieving them, end business , potentially ruin life lives of credit card numbers stolen.

having said here 3 things consider:

1) best bet use payment processor/payment gateway offers recurring billing. example of authorize.net's automated recurring billing service. once set subscription automatically bill user every month automatically , let know results of transaction. saves ton of work , relieves of liability of storing credit card information.

2) if store store credit card numbers must follow pci guidelines. these guidelines set payment card industry , define can , cannot do. defines how credit card information must stored. need encrypt credit card numbers , should, not required to, encrypt related information (expiration date, etc). required ensuring web server , network secure. failing meet pci compliance result in losing merchant account , being banned having true merchant account forever. limit using third party processors less flexible. keep in mind pci guidelines start hardly "how to" when comes online security. goal exceed recommendation (by lot).

3) states laws supersede pci compliance. if suffer breach , credit card numbers stolen risk criminal prosecution. laws vary state state , in flux lawmakers beginning realize how serious of matter is.

as far encryption goes make sure read on encryption algorithms secure , have not been broken yet. blowfish start , if use php mcrypt library recommended (example).


Comments

Post a Comment

Popular posts from this blog

windows - Why does Vista not allow creation of shortcuts to "Programs" on a NonAdmin account? Not supposed to install apps from NonAdmin account? -

-
i'm working on installer (using wise installer, older version 1999). i'm creating shortcut in programs group exe. i'm creating shortcut on desktop. if install run admin account, create shortcut on common desktop , common program group (i.e., read hkey_local_machine\explorer\shellfor users). if it's installed nonadmin account, install hkey_current_user's desktop , program group. behavior install on: xp nonadmin - desktop , program shortcuts install ok. vista admin - desktop & program shortcuts install ok. vista non-admin, uac off - desktop shortcut installs, program shortcut not . however, program group folder they're supposed installed does created. at end of install, launch program group has shorcut. launches in of above. can manually drag shortcut folder , works fine. i'm bloody baffled. i've tried installing other commercial apps (opera, foxit, firefox) firefox install under nonadmin (and if select other program files,...
Read more

c++ - How do I get a multi line tooltip in MFC -

-
right now, have tool tip pops when hover on edit box. problem tool tip contains multiple error messages , in 1 long line. need have each error message on own line. error messages contained in cstring new line seperating them. my existing code below. bool ontooltiptext(uint, nmhdr* pnmhdr, lresult* presult) { assert(pnmhdr->code == ttn_needtexta || pnmhdr->code == ttn_needtextw); // need handle both ansi , unicode versions of message tooltiptexta* pttta = (tooltiptexta*)pnmhdr; tooltiptextw* ptttw = (tooltiptextw*)pnmhdr; // tchar szfulltext[256]; cstring strtiptext=_t(""); uint nid = pnmhdr->idfrom; if (pnmhdr->code == ttn_needtexta && (pttta->uflags & ttf_idishwnd) || pnmhdr->code == ttn_needtextw && (ptttw->uflags & ttf_idishwnd)) { // idfrom hwnd of tool nid = ::getdlgctrlid((hwnd)nid); } //m_errprojaccel[ch] contains 1 or more error messages each...
Read more

unit testing - How to mock PreferenceManager in Android? -

-
i've written class using context , third party library , sharedpreferences preferencemanager . it's possible mock context , third party library can mocked using mocking framework, preferencemanager ? i have 2 methods: public void savestring(thirdpartyobject obj) { sharedpreferences apppreferences = preferencemanager.getdefaultsharedpreferences(mcontext); sharedpreferences.editor editor = apppreferences.edit(); editor.putstring(mcontext.getstring( r.string.preferences_string_name), obj.getstring()); editor.commit(); } and corresponding, loads preferences. it doesn't want mock instance of preferencemanager (which used in preferencefragment or preferenceactivity ). you want either: a mock sharedpreferences , in case can mock context#getsharedpreferences (which called preferencemanager#getdefaultsharedpreferences anyhow). you'll have make mock sharedpreferences.editor if preferences edited, above. know how moc...
Read more