Editing Website and Viewing Orders [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 11 years ago.

This'll be my second time doing a CMS and Inventory Management app for my client. This particular client wants it all to be online. Instead of a desktop app, like I did with my previous client. Which is fine I guess, however I'm a little concerned about the security stuff... What if it gets hacked? He basically wants to be able to manage, view, create new and edit existing orders via his website from an "Admin" type i开发者_如何学Gonterface after he logs in as an Admin, so obviously I'm going to need Roles.

But is this common or normal practice? The website isn't an intranet, or hosted locally, it's remotely hosted.

---

Yes, its very normal all of my websites have admin interfaces that allow access to just about everything with the proper credentials.

A word of caution however: If you are not sure what you are doing, I'd be very careful about accepting/storing credit cards or other sensitive information(SSN's medical data etc) . Its easy to screw up, and if that stuff get hacked, you may have some serious legal problems to deal with. Consider hiring someone with the right experience to help with security.

---

Everything you listed is normal to a Web application, whether it's hosted locally or on an intranet, or hosted remotely.

What you need is probably already implemented in other online CMSs (see Orchard CMS), but if you want to roll your own CMS, it's very easy to use ASP.NET MVC; it also has easy integration with Forms Authentication for ASP.NET.